From a19ad9852945fe882be1231b727b6687bccd0b37 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Fri, 26 Apr 2024 10:05:26 +0300
Subject: Pass redirect_uri fields in POST. Use full URL

Pass in the missing redirect_uri value along with login data. Use the
full URI (complete with request args) as the form's action.

This resolves the error raised when wrong credentials are provided.
---
 gn_auth/auth/authentication/oauth2/views.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'gn_auth/auth/authentication')

diff --git a/gn_auth/auth/authentication/oauth2/views.py b/gn_auth/auth/authentication/oauth2/views.py
index 8e2ceef..52f3346 100644
--- a/gn_auth/auth/authentication/oauth2/views.py
+++ b/gn_auth/auth/authentication/oauth2/views.py
@@ -48,13 +48,16 @@ def authorise():
                 "oauth2/authorise-user.html",
                 client=client,
                 scope=client.scope,
-                response_type=request.args["response_type"])
+                response_type=request.args["response_type"],
+                redirect_uri=request.args["redirect_uri"])
 
         form = request.form
         def __authorise__(conn: db.DbConnection) -> Response:
             email_passwd_msg = "Email or password is invalid!"
             redirect_response = redirect(url_for("oauth2.auth.authorise",
-                                                 client_id=client_id))
+                                                 response_type=form["response_type"],
+                                                 client_id=client_id,
+                                                 redirect_uri=form["redirect_uri"]))
             try:
                 email = validate_email(
                     form.get("user:email"), check_deliverability=False)
-- 
cgit v1.2.3