Revision 8c7e1398

b/snf-pithos-app/pithos/api/util.py
34 34
from functools import wraps
35 35
from datetime import datetime
36 36
from urllib import quote, unquote, urlencode
37
from urlparse import urlunsplit, urlsplit, parse_qsl
37 38

  
38 39
from django.http import (HttpResponse, Http404, HttpResponseRedirect,
39 40
                         HttpResponseNotAllowed)
......
1196 1197
                client_id, client_secret = OAUTH2_CLIENT_CREDENTIALS
1197 1198
                # TODO: check if client credentials are not set
1198 1199
                authorization_code = request.GET.get('code')
1200
                redirect_uri = unquote(request.build_absolute_uri(
1201
                    request.get_full_path()))
1199 1202
                if authorization_code is None:
1200 1203
                    # request authorization code
1201 1204
                    params = {'response_type': 'code',
1202 1205
                              'client_id': client_id,
1203
                              'redirect_uri':
1204
                              request.build_absolute_uri(request.path),
1206
                              'redirect_uri': redirect_uri,
1205 1207
                              'state': '',  # TODO include state for security
1206 1208
                              'scope': requested_resource}
1207 1209
                    return HttpResponseRedirect('%s?%s' %
......
1210 1212
                                                 urlencode(params)))
1211 1213
                else:
1212 1214
                    # request short-term access token
1213
                    redirect_uri = request.build_absolute_uri(request.path)
1215
                    parts = list(urlsplit(redirect_uri))
1216
                    params = dict(parse_qsl(parts[3], keep_blank_values=True))
1217
                    if 'code' in params:  # always True
1218
                        del params['code']
1219
                    if 'state' in params:
1220
                        del params['state']
1221
                    parts[3] = urlencode(params)
1222
                    redirect_uri = urlunsplit(parts)
1214 1223
                    data = astakos.get_token('authorization_code',
1215 1224
                                             *OAUTH2_CLIENT_CREDENTIALS,
1216 1225
                                             redirect_uri=redirect_uri,
1217 1226
                                             scope=requested_resource,
1218 1227
                                             code=authorization_code)
1219
                    params = {'access_token': data.get('access_token', '')}
1220
                    return HttpResponseRedirect('%s?%s' % (redirect_uri,
1221
                                                           urlencode(params)))
1228
                    params['access_token'] = data.get('access_token', '')
1229
                    parts[3] = urlencode(params)
1230
                    redirect_uri = urlunsplit(parts)
1231
                    return HttpResponseRedirect(redirect_uri)
1222 1232
            except AstakosClientException, err:
1223 1233
                logger.exception(err)
1224 1234
                raise PermissionDenied

Also available in: Unified diff