From 3e062aed360ca54c26733b175d00d0d4671f3591 Mon Sep 17 00:00:00 2001
From: Andrew Godwin
Date: Sun, 11 Dec 2022 00:25:48 -0700
Subject: Timelines working
---
 api/views/oauth.py | 4 ----
 1 file changed, 4 deletions(-)
(limited to 'api/views/oauth.py')
diff --git a/api/views/oauth.py b/api/views/oauth.py
index 6be2778..b97ce5a 100644
--- a/api/views/oauth.py
+++ b/api/views/oauth.py
@@ -66,7 +66,6 @@ class AuthorizationView(LoginRequiredMixin, TemplateView):
 class TokenView(View):
 def post(self, request):
 grant_type = request.POST["grant_type"]
- scopes = set(self.request.POST.get("scope", "read").split())
 try:
 application = Application.objects.get(
 client_id=self.request.POST["client_id"]
@@ -84,9 +83,6 @@ class TokenView(View):
 token = Token.objects.get(code=code, application=application)
 except Token.DoesNotExist:
 return JsonResponse({"error": "invalid_code"}, status=400)
- # Verify the scopes match the token
- if scopes != set(token.scopes):
- return JsonResponse({"error": "invalid_scope"}, status=400)
 # Update the token to remove its code
 token.code = None
 token.save()
--
cgit v1.2.3
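Review bot: With the `scopes != set(token.scopes)` comparison gone from `TokenView.post`, nothing in either hunk documents that a `scope` value sent to the token endpoint is now ignored and that the issued token keeps whatever scopes were stored with the code. A comment where the check used to be would record this, for example `# Scopes are fixed when the code is issued; a "scope" field in this request is ignored.` Dropping the check is consistent with RFC 6749 §4.1.3, where the authorization-code token request carries no scope parameter, and the old default of `"read"` would presumably have rejected clients that omit the field. The design is only safe if the authorization step validates the requested scopes before saving them on the token; that code is outside this diff, so it should be confirmed. The body of `post` starts and continues outside both hunks.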