From 65f1db6ccc648ea2e0d2452e6c7106883452e0aa Mon Sep 17 00:00:00 2001
From: Serghei MIHAI <smihai@entrouvert.com>
Date: Thu, 14 Aug 2014 14:14:15 +0200
Subject: [PATCH] handle the correctly authorized_scopes attribute format

Closes #5231
---
 authentic2_idp_oauth2/models.py | 12 ++++++++++--
 authentic2_idp_oauth2/views.py  |  3 ++-
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/authentic2_idp_oauth2/models.py b/authentic2_idp_oauth2/models.py
index d523394..66e5f64 100644
--- a/authentic2_idp_oauth2/models.py
+++ b/authentic2_idp_oauth2/models.py
@@ -1,4 +1,5 @@
 from django.core.exceptions import ValidationError
+from django.core.validators import RegexValidator
 from django.db import models
 from django.utils.translation import ugettext_lazy as _
 from django.template import Template
@@ -8,15 +9,22 @@ from provider.oauth2.models import Client
 from authentic2.models import LogoutUrlAbstract
 from authentic2.managers import GetBySlugManager
 
+
+
 class A2Client(LogoutUrlAbstract, Client):
 
     authorized_scopes = models.CharField('automatically granted scopes',
-                                         max_length=256, blank=True, null=True,
-                                         help_text=_('space separated scopes'))
+                                         max_length=256, blank=True,
+                                         help_text=_('space separated scopes'),
+                                         validators = [RegexValidator(('^[a-z]+([ \+][a-z]+)+$'))]
+    )
     class Meta:
         verbose_name = _('client')
         verbose_name_plural = _('clients')
 
+    def clean(self):
+        self.authorized_scopes = self.authorized_scopes.strip()
+
 
 class AttributeRelease(models.Model):
     client = models.ForeignKey(A2Client, verbose_name=_('client'))
diff --git a/authentic2_idp_oauth2/views.py b/authentic2_idp_oauth2/views.py
index 1fb0369..efe775e 100644
--- a/authentic2_idp_oauth2/views.py
+++ b/authentic2_idp_oauth2/views.py
@@ -91,7 +91,8 @@ class Authorize(Authorize):
 
         automatic_grant = app_settings.AUTOMATIC_GRANT
         if hasattr(client, 'a2client'):
-            client_scopes = client.a2client.authorized_scopes.split(' ')
+            client_scopes = client.a2client.authorized_scopes
+            client_scopes = filter(None, map(unicode.strip, client_scopes.strip().split(' ')))
             automatic_grant += ((client.url, client_scopes),)
 
         for url_prefix, scopes in automatic_grant: