ó O'—^c@sXddlZddlmZddlmZddlmZmZddlm Z ddl m Z ddl m Z mZdd lmZdd lmZdd lmZdd lmZdd lmZddlmZejdƒZde eefd„ƒYZdeefd„ƒYZdeeefd„ƒYZdeeefd„ƒYZ dS(iÿÿÿÿN(t HttpResponse(tsensitive_post_parameters(tViewtFormView(ttimezone(tmethod_decorator(tLoginRequiredMixintCsrfExemptMixini(toauth2_settings(tOAuthToolkitError(t AllowForm(tHttpResponseUriRedirect(tget_application_modeli(t OAuthLibMixintoauth2_providertBaseAuthorizationViewcBs eZdZd„Zd„ZRS(s Implements a generic endpoint to handle *Authorization Requests* as in :rfc:`4.1.1`. The view does not implement any strategy to determine *authorize/do not authorize* logic. The endpoint is used in the following flows: * Authorization code * Implicit grant cOs%i|_tt|ƒj|||ŽS(N(t oauth2_datatsuperRtdispatch(tselftrequesttargstkwargs((s</tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/views/base.pyRs cKsUtt|ƒj||\}}|r5t|dƒS|dj}|j|d|ƒS(s Handle errors either by redirecting to redirect_uri with a json in the body containing error details or providing an error response turlterrortstatus(RRterror_responseR t status_codetrender_to_response(RRRtredirectRR((s</tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/views/base.pyR#s ! (t__name__t __module__t__doc__RR(((s</tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/views/base.pyRs  tAuthorizationViewcBsVeZdZdZeZejZej Z ej Z e Zd„Zd„Zd„ZRS(sÆ Implements and endpoint to handle *Authorization Requests* as in :rfc:`4.1.1` and prompting the user with a form to determine if she authorizes the client application to access her data. This endpoint is reached two times during the authorization process: * first receive a ``GET`` request from user asking authorization for a certain client application, a form is served possibly showing some useful info and prompting for *authorize/do not authorize*. * then receive a ``POST`` request possibly after user authorized the access Some informations contained in the ``GET`` request and needed to create a Grant token during the ``POST`` request would be lost between the two steps above, so they are temporary stored in hidden fields on the form. A possible alternative could be keeping such informations in the session. The endpoint is used in the followin flows: * Authorization code * Implicit grant soauth2_provider/authorize.htmlcCs–|jjd|jjdgƒƒ}i|jjddƒd6dj|ƒd6|jjddƒd6|jjddƒd6|jjddƒd6}|S(Ntscopetscopest redirect_urit t client_idtstatet response_type(RtgettNonetjoin(RR#t initial_data((s</tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/views/base.pyt get_initialNs$c Csyâi|jjdƒd6|jjdƒd6|jjddƒd6|jjddƒd6}|jjdƒ}|jjdƒ}|jd|jd|d |d|ƒ\}}}}||_tjd j|jƒƒt |jƒSWnt k r} |j | ƒSXdS( NR&R$R(R'R"tallowRR#t credentialss Success url for the request: {0}( t cleaned_dataR)R*tcreate_authorization_responseRt success_urltlogtdebugtformatR R R( RtformR/R#R.turitheaderstbodyRR((s</tmp/pip-unpacked-wheel-ndW12l/oauth2_provider/views/base.pyt form_validZs * c OsæyÂ|j|ƒ\}}g|D]}tj|^q|d<||ds" j