use correct token endpoint parameters

client_id and state were incorrect
2015-02-02 22:49:20 -08:00 · 2015-02-02 22:49:20 -08:00 · 408bc20956
parent 74de2173c5
commit 408bc20956
1 changed files with 12 additions and 13 deletions
--- a/flask_micropub.py
+++ b/flask_micropub.py
@ -32,6 +32,7 @@ class MicropubClient:
    """
    def __init__(self, app=None, client_id=None):
        self.app = app
+        self.client_id = client_id
        if app is not None:
            self.init_app(app, client_id)

@ -45,6 +46,7 @@ class MicropubClient:
            displayed when the user is asked to authorize this client. If not
            provided, the app name will be used.
        """
+        if not self.client_id:
            if client_id:
                self.client_id = client_id
            else:
@ -87,11 +89,9 @@ class MicropubClient:
            'client_id': self.client_id,
            'redirect_uri': redirect_url,
            'scope': scope,
+            'state': next_url or '',
        }

-        if next_url:
-            auth_params['state'] = next_url
-
        return flask.redirect(
            auth_url + '?' + urlencode(auth_params))

@ -109,7 +109,7 @@ class MicropubClient:
        redirect_uri = flask.url_for(flask.request.endpoint, _external=True)
        access_token = None
        state = flask.request.args.get('state')
-        next_url = state
+        next_url = state if state != '' else None

        if '_micropub_endpoints' in flask.session:
            auth_url, token_url, micropub_url \
@ -124,13 +124,12 @@ class MicropubClient:
                next_url=next_url, error='no authorization endpoint')

        code = flask.request.args.get('code')
-        client_id = ''

        # validate the authorization code
        flask.current_app.logger.debug('Flask-Micropub: checking code against auth url: %s', auth_url)
        response = requests.post(auth_url, data={
            'code': code,
-            'client_id': client_id,
+            'client_id': self.client_id,
            'redirect_uri': redirect_uri,
            'state': state,
        })
@ -166,7 +165,7 @@ class MicropubClient:
            'code': code,
            'me': confirmed_me,
            'redirect_uri': redirect_uri,
-            'client_id': client_id,
+            'client_id': self.client_id,
            'state': state,
        })
        flask.current_app.logger.debug('Flask-Micropub: token response: %d - %s',