Skip to content
Snippets Groups Projects
Commit 883301c8 authored by Julian's avatar Julian
Browse files

Fix for 45d4598e (Replace flask_oauthlib with plain oauthlib)

45d4598e accidentally removed the OAuth2.0 access permission check based on
Client.required_group. This change adds it again.
parent 45d4598e
Branches
Tags
No related merge requests found
......@@ -175,6 +175,8 @@ def authorize():
# Here we would normally ask the user, if he wants to give the requesting
# service access to his data. Since we only have trusted services (the
# clients defined in the server config), we don't ask for consent.
if not client.access_allowed(credentials['user']):
raise oauthlib.oauth2.rfc6749.errors.AccessDeniedError('User is not permitted to authenticate with this service.')
session['oauth2-clients'] = session.get('oauth2-clients', [])
if client.client_id not in session['oauth2-clients']:
session['oauth2-clients'].append(client.client_id)
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment