mirror of
https://github.com/jointakahe/takahe.git
synced 2024-11-25 16:51:00 +00:00
efd5f481e9
This implements a few oauth2 fixes: - passes along the state object - enforces authorization code expiration (currently set to 1 minute, we could make this configurable) - enforces redirect_uri - properly checks for client_secret when granting a token - handles pulling client authentication for token grant from basic auth - implement token revocation
45 lines
2 KiB
HTML
45 lines
2 KiB
HTML
{% extends "base_plain.html" %}
|
|
|
|
{% block title %}Authorize {{ application.name }}{% endblock %}
|
|
|
|
{% block content %}
|
|
{% if not identities %}
|
|
<p>
|
|
You cannot give access to {{ application.name }} as you
|
|
have no identities yet. Log in via the website and create
|
|
at least one identity, then retry this process.
|
|
</p>
|
|
{% else %}
|
|
<form method="POST">
|
|
{% csrf_token %}
|
|
<fieldset>
|
|
<legend>Authorize</legend>
|
|
<div class="field">
|
|
<div class="label-input">
|
|
<label for="identity">Select Identity</label>
|
|
<select name="identity" id="identity">
|
|
{% for identity in identities %}
|
|
<option value="{{ identity.pk }}">{{ identity.handle }}</option>
|
|
{% endfor %}
|
|
</select>
|
|
</div>
|
|
</div>
|
|
<p>Do you want to give <b>{{ application.name }}</b> access to this identity?</p>
|
|
<p>It will have permission to:</p>
|
|
<ul>
|
|
{% if "read" in scope %}<li>Read all of your data</li>{% endif %}
|
|
{% if "write" in scope %}<li>Create posts, edit follows, and change all other data</li>{% endif %}
|
|
{% if "push" in scope %}<li>Receive push notifications</li>{% endif %}
|
|
</ul>
|
|
<input type="hidden" name="client_id" value="{{ application.client_id }}">
|
|
<input type="hidden" name="state" value="{{ state }}">
|
|
<input type="hidden" name="redirect_uri" value="{{ redirect_uri }}">
|
|
<input type="hidden" name="scope" value="{{ scope }}">
|
|
</fieldset>
|
|
<div class="buttons">
|
|
<a href="#" class="secondary button left">Deny</a>
|
|
<button>Allow</button>
|
|
</div>
|
|
</form>
|
|
{% endif %}
|
|
{% endblock %}
|