From a19ad9852945fe882be1231b727b6687bccd0b37 Mon Sep 17 00:00:00 2001 From: Frederick Muriuki Muriithi Date: Fri, 26 Apr 2024 10:05:26 +0300 Subject: Pass redirect_uri fields in POST. Use full URL Pass in the missing redirect_uri value along with login data. Use the full URI (complete with request args) as the form's action. This resolves the error raised when wrong credentials are provided. --- gn_auth/auth/authentication/oauth2/views.py | 7 +++++-- gn_auth/templates/oauth2/authorise-user.html | 7 ++++++- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/gn_auth/auth/authentication/oauth2/views.py b/gn_auth/auth/authentication/oauth2/views.py index 8e2ceef..52f3346 100644 --- a/gn_auth/auth/authentication/oauth2/views.py +++ b/gn_auth/auth/authentication/oauth2/views.py @@ -48,13 +48,16 @@ def authorise(): "oauth2/authorise-user.html", client=client, scope=client.scope, - response_type=request.args["response_type"]) + response_type=request.args["response_type"], + redirect_uri=request.args["redirect_uri"]) form = request.form def __authorise__(conn: db.DbConnection) -> Response: email_passwd_msg = "Email or password is invalid!" redirect_response = redirect(url_for("oauth2.auth.authorise", - client_id=client_id)) + response_type=form["response_type"], + client_id=client_id, + redirect_uri=form["redirect_uri"])) try: email = validate_email( form.get("user:email"), check_deliverability=False) diff --git a/gn_auth/templates/oauth2/authorise-user.html b/gn_auth/templates/oauth2/authorise-user.html index b9284e5..c3842bf 100644 --- a/gn_auth/templates/oauth2/authorise-user.html +++ b/gn_auth/templates/oauth2/authorise-user.html @@ -7,8 +7,13 @@ {%block content%} {{flash_messages()}} -
+ +

-- cgit v1.2.3