diff options
author | Andrew Godwin | 2022-12-11 00:25:48 -0700 |
---|---|---|
committer | Andrew Godwin | 2022-12-12 11:56:49 -0700 |
commit | 3e062aed360ca54c26733b175d00d0d4671f3591 (patch) | |
tree | 6109169ac8886a4e38cf0e9816e56e74417a5ade /api/views/oauth.py | |
parent | 1017c71ba1d80a1690e357a938ad46f246a456ae (diff) | |
download | takahe-3e062aed360ca54c26733b175d00d0d4671f3591.tar.gz takahe-3e062aed360ca54c26733b175d00d0d4671f3591.tar.bz2 takahe-3e062aed360ca54c26733b175d00d0d4671f3591.zip |
Timelines working
Diffstat (limited to 'api/views/oauth.py')
-rw-r--r-- | api/views/oauth.py | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/api/views/oauth.py b/api/views/oauth.py index 6be2778..b97ce5a 100644 --- a/api/views/oauth.py +++ b/api/views/oauth.py @@ -66,7 +66,6 @@ class AuthorizationView(LoginRequiredMixin, TemplateView): class TokenView(View): def post(self, request): grant_type = request.POST["grant_type"] - scopes = set(self.request.POST.get("scope", "read").split()) try: application = Application.objects.get( client_id=self.request.POST["client_id"] @@ -84,9 +83,6 @@ class TokenView(View): token = Token.objects.get(code=code, application=application) except Token.DoesNotExist: return JsonResponse({"error": "invalid_code"}, status=400) - # Verify the scopes match the token - if scopes != set(token.scopes): - return JsonResponse({"error": "invalid_scope"}, status=400) # Update the token to remove its code token.code = None token.save() |