Add support for selecting scopes during IndieAuth's 'code' type

This commit is contained in:
Danielle McLean 2017-11-01 13:27:55 +11:00
parent 0a202a215d
commit 06278935b6
Signed by untrusted user: 00dani
GPG key ID: 5A5D2D1AFF12EEC5
3 changed files with 34 additions and 6 deletions

View file

@ -3,13 +3,13 @@ from secrets import token_hex
class IndieAuthCodeManager(models.Manager):
def create_from_dict(self, d):
def create_from_qdict(self, d):
code = self.create(
me=d['me'],
client_id=d['client_id'],
redirect_uri=d['redirect_uri'],
response_type=d.get('response_type', 'id'),
scope=d.get('scope', ''),
scope=" ".join(d.getlist('scope')),
)
code.code = token_hex(32)
return code

View file

@ -22,6 +22,18 @@
<div class="card-body">
<p class="card-text">do you want to confirm your identity, <a class="code" href="{{ me }}">{{ me }}</a>, with this app?</p>
{% if params.response_type == 'code' %}
<p class="card-text">additionally, this app is requesting the following <i>scopes</i> - you can edit the scopes that will be granted to the app, if you wish</p>
<div class="custom-controls-stacked card-text">
{% for scope in scopes %}
<label class="custom-control custom-checkbox">
<input name="scope" type="checkbox" class="custom-control-input" checked value="{{ scope }}" />
<span class="custom-control-indicator"></span>
<span class="custom-control-description">{{ scope }}</span>
</label>
{% endfor %}
</div>
{% endif %}
<p class="card-text"><small>you will be redirected to <a class="code" href="{{ params.redirect_uri }}">{{ params.redirect_uri }}</a> after authorising this app</small></p>
</div>

View file

@ -62,6 +62,22 @@ class IndieView(TemplateView):
content_type='text/plain',
)
type = params['response_type']
if type not in ('id', 'code'):
return HttpResponseBadRequest(
'unknown response_type: {0}'.format(type),
content_type='text/plain'
)
scopes = ()
if type == 'code':
if 'scope' not in params:
return HttpResponseBadRequest(
'scopes required for code type',
content_type='text/plain',
)
scopes = params['scope'].split(' ')
client = mf2py.Parser(url=params['client_id'], html_parser='html5lib')
rels = (client.to_dict()['rel-urls']
.get(params['redirect_uri'], {})
@ -78,6 +94,7 @@ class IndieView(TemplateView):
'me': me,
'verified': verified,
'params': params,
'scopes': scopes,
'title': 'indieauth',
}
@ -112,10 +129,9 @@ class IndieView(TemplateView):
@login_required
@require_POST
def approve(request):
post = request.POST.dict()
code = IndieAuthCode.objects.create_from_dict(post)
code = IndieAuthCode.objects.create_from_qdict(request.POST)
code.save()
params = {'code': code.code, 'me': code.me}
if 'state' in post:
params['state'] = post['state']
if 'state' in request.POST:
params['state'] = request.POST['state']
return redirect(code.redirect_uri + '?' + urlencode(params))