From c3ac176c156f74ca3dcc7c908d863047f8ae085f Mon Sep 17 00:00:00 2001 From: Matthew Scragg Date: Fri, 13 Nov 2015 17:03:58 -0600 Subject: [PATCH] set token in session before making oauth request --- realms/modules/auth/oauth/models.py | 4 +--- realms/modules/auth/oauth/views.py | 4 +++- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/realms/modules/auth/oauth/models.py b/realms/modules/auth/oauth/models.py index 1004d7e..e8a9492 100644 --- a/realms/modules/auth/oauth/models.py +++ b/realms/modules/auth/oauth/models.py @@ -111,9 +111,7 @@ class User(BaseUser): return users.get(user_id) @staticmethod - def auth(provider, data, resp): - oauth_token = resp.get(User.get_provider_value(provider, 'token_name')) - session[provider + "_token"] = (oauth_token, '') + def auth(provider, data, oauth_token): field_map = providers.get(provider).get('field_map') if not field_map: raise NotImplementedError diff --git a/realms/modules/auth/oauth/views.py b/realms/modules/auth/oauth/views.py index b80f00e..7daec3a 100644 --- a/realms/modules/auth/oauth/views.py +++ b/realms/modules/auth/oauth/views.py @@ -29,9 +29,11 @@ def callback(provider): flash('Access denied: %s' % e.message) return redirect(next_url) + oauth_token = resp.get(User.get_provider_value(provider, 'token_name')) + session[provider + "_token"] = (oauth_token, '') profile = User.get_provider_value(provider, 'profile') data = remote_app.get(profile) if profile else resp - User.auth(provider, data, resp) + User.auth(provider, data, oauth_token) return redirect(next_url)