Pass redirect_uri fields in POST. Use full URL

Pass in the missing redirect_uri value along with login data. Use the full URI (complete with request args) as the form's action. This resolves the error raised when wrong credentials are provided.
author: Frederick Muriuki Muriithi 2024-04-26 10:05:26 +0300
committer: Frederick Muriuki Muriithi 2024-04-26 10:05:26 +0300
commit: a19ad9852945fe882be1231b727b6687bccd0b37 (patch)
tree: 33812566018a28629ac2e560d38c1912def1bd49 /gn_auth/templates/oauth2
parent: 118c15bd84c2bccc8419a914b6bf3d84890e4fdb (diff)
download: gn-auth-a19ad9852945fe882be1231b727b6687bccd0b37.tar.gz
1 files changed, 6 insertions, 1 deletions
diff --git a/gn_auth/templates/oauth2/authorise-user.html b/gn_auth/templates/oauth2/authorise-user.html
index b9284e5..c3842bf 100644
--- a/gn_auth/templates/oauth2/authorise-user.html
+++ b/gn_auth/templates/oauth2/authorise-user.html
@@ -7,8 +7,13 @@
 {%block content%}
 {{flash_messages()}}
 
-<form method="POST" action="{{url_for('oauth2.auth.authorise')}}">
+<form method="POST" action="{{url_for(
+                            'oauth2.auth.authorise',
+                            response_type=response_type,
+                            client_id=client.client_id,
+                            redirect_uri=redirect_uri)}}">
   <input type="hidden" name="response_type" value="{{response_type}}" />
+  <input type="hidden" name="redirect_uri" value="{{redirect_uri}}" />
   <input type="hidden" name="scope" value="{{scope | join(' ')}}" />
   <input type="hidden" name="client_id" value="{{client.client_id}}" />
   <p>
author	Frederick Muriuki Muriithi	2024-04-26 10:05:26 +0300
committer	Frederick Muriuki Muriithi	2024-04-26 10:05:26 +0300
commit	a19ad9852945fe882be1231b727b6687bccd0b37 (patch)
tree	33812566018a28629ac2e560d38c1912def1bd49 /gn_auth/templates/oauth2
parent	118c15bd84c2bccc8419a914b6bf3d84890e4fdb (diff)
download	gn-auth-a19ad9852945fe882be1231b727b6687bccd0b37.tar.gz