From f09c5b5edb19ca8cf9f7dd2d9b6bb17b408870d8 Mon Sep 17 00:00:00 2001
From: Julian Rother <julianr@fsmpi.rwth-aachen.de>
Date: Sat, 31 Oct 2020 01:16:11 +0100
Subject: [PATCH] Disabled exceptions for non-HTTPS

---
 app.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app.py b/app.py
index 04c09f1..9f7579c 100644
--- a/app.py
+++ b/app.py
@@ -13,6 +13,8 @@ def create_app(test_config=None):
 		app.config.from_pyfile('config.py', silent=True)
 	else:
 		app.config.from_mapping(test_config)
+	# oauthlib enforces the OAuth2.0 requirement to use HTTPS, when this is not set
+	os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1' # That behaviour sucks, so disable it
 
 	@app.route("/auth")
 	def auth():
@@ -87,7 +89,5 @@ a valid redirect_uri for the client_id.
 	return app
 
 if __name__ == '__main__':
-	# oauthlib enforces the OAuth2.0 requirement to use HTTPS, when this is not set
-	os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1' # Don't do that in production!
 	testapp = create_app()
 	testapp.run(debug=True, host='localhost', port=5002)
-- 
GitLab