auth2_fc: set default scopes to profile and email (#39231)
And move default value to app_settings file. Support for FC data provider had to be modified.
This commit is contained in:
parent
fdc8098e5f
commit
27f4e2b13e
|
@ -128,7 +128,7 @@ class AppSettings(object):
|
|||
|
||||
@property
|
||||
def scopes(self):
|
||||
return self._setting('SCOPES', [])
|
||||
return self._setting('SCOPES', ['profile', 'email'])
|
||||
|
||||
@property
|
||||
def popup(self):
|
||||
|
|
|
@ -159,7 +159,6 @@ def clean_fc_session(session):
|
|||
|
||||
class FcOAuthSessionViewMixin(LoggerMixin):
|
||||
'''Add the OAuth2 dance to a view'''
|
||||
scopes = ['openid', 'profile', 'birth', 'email']
|
||||
redirect_field_name = REDIRECT_FIELD_NAME
|
||||
in_popup = False
|
||||
token = None
|
||||
|
@ -210,10 +209,7 @@ class FcOAuthSessionViewMixin(LoggerMixin):
|
|||
return self.redirect(request, next_url=there, *args, **kwargs)
|
||||
|
||||
def get_scopes(self):
|
||||
if app_settings.scopes:
|
||||
return list(set(['openid'] + app_settings.scopes))
|
||||
else:
|
||||
return self.scopes
|
||||
return list(set(['openid'] + app_settings.scopes))
|
||||
|
||||
def get_ressource(self, url, verify):
|
||||
try:
|
||||
|
@ -327,11 +323,10 @@ class FcOAuthSessionViewMixin(LoggerMixin):
|
|||
elif 'error' in request.GET:
|
||||
return self.authorization_error(request, *args, **kwargs)
|
||||
else:
|
||||
scopes = self.get_scopes()
|
||||
if 'fd_scopes' in request.GET:
|
||||
scopes = request.GET.get('fd_scopes')
|
||||
scopes = scopes.split()
|
||||
self.scopes.extend(scopes)
|
||||
return ask_authorization(request, self.get_scopes(), self.logger)
|
||||
scopes = list(set(scopes) | set(request.GET['fd_scopes'].split()))
|
||||
return ask_authorization(request, scopes, self.logger)
|
||||
|
||||
|
||||
class PopupViewMixin(object):
|
||||
|
|
|
@ -78,7 +78,7 @@ def check_authorization_url(url):
|
|||
assert 'client_id' in parsed
|
||||
assert parsed['client_id'] == 'xxx'
|
||||
assert 'scope' in parsed
|
||||
assert set(parsed['scope'].split()) == set(['openid', 'profile', 'birth', 'email'])
|
||||
assert set(parsed['scope'].split()) == set(['openid', 'profile', 'email'])
|
||||
assert 'state' in parsed
|
||||
assert 'nonce' in parsed
|
||||
assert parsed['state'] == parsed['nonce']
|
||||
|
|
Loading…
Reference in New Issue