trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

providers/oauth2: fix misleading name of cors_allow_any 

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#771
This commit is contained in:
Jens Langhammer 2021-04-22 23:29:49 +02:00
parent 82f6c515ea
commit 392d9bb10b
3 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
authentik/providers/oauth2/utils.py
View File

@ -26,8 +26,8 @@ class TokenResponse(JsonResponse):
self["Pragma"] = "no-cache"
def cors_allow_any(request: HttpRequest, response: HttpResponse, *allowed_origins: str):
"""Add headers to permit CORS requests from any origin, with or without credentials,
def cors_allow(request: HttpRequest, response: HttpResponse, *allowed_origins: str):
"""Add headers to permit CORS requests from allowed_origins, with or without credentials,
with any headers."""
origin = request.META.get("HTTP_ORIGIN")
if not origin:

4
authentik/providers/oauth2/views/provider.py
View File

@ -19,7 +19,7 @@ from authentik.providers.oauth2.models import (
ResponseTypes,
ScopeMapping,
)
from authentik.providers.oauth2.utils import cors_allow_any
from authentik.providers.oauth2.utils import cors_allow
LOGGER = get_logger()
@ -112,5 +112,5 @@ class ProviderInfoView(View):
OAuth2Provider, pk=application.provider_id
)
response = super().dispatch(request, *args, **kwargs)
cors_allow_any(request, response, *self.provider.redirect_uris.split("\n"))
cors_allow(request, response, *self.provider.redirect_uris.split("\n"))
return response

4
authentik/providers/oauth2/views/userinfo.py
View File

@ -14,7 +14,7 @@ from authentik.providers.oauth2.constants import (
SCOPE_GITHUB_USER_READ,
)
from authentik.providers.oauth2.models import RefreshToken, ScopeMapping
from authentik.providers.oauth2.utils import TokenResponse, cors_allow_any
from authentik.providers.oauth2.utils import TokenResponse, cors_allow
LOGGER = get_logger()
@ -88,7 +88,7 @@ class UserInfoView(View):
allowed_origins = []
if self.token:
allowed_origins = self.token.provider.redirect_uris.split("\n")
cors_allow_any(self.request, response, *allowed_origins)
cors_allow(self.request, response, *allowed_origins)
return response
def options(self, request: HttpRequest) -> HttpResponse: