#68 Improve OAuth implementation

FAForever · May 29, 2017 · bad443d · bad443d
1 parent ab131ff
commit bad443d
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 12 deletions.
diff --git a/...forever/api/security/OAuthController.java → ...api/security/OAuthApprovalController.java b/...forever/api/security/OAuthController.java → ...api/security/OAuthApprovalController.java
@@ -17,10 +17,10 @@
 @Controller
 @RequestMapping("/oauth")
 @SessionAttributes("authorizationRequest")
-public class OAuthController {
+public class OAuthApprovalController {
   private OAuthClientRepository oAuthClientRepository;
 
-  public OAuthController(OAuthClientRepository oAuthClientRepository) {
+  public OAuthApprovalController(OAuthClientRepository oAuthClientRepository) {
     this.oAuthClientRepository = oAuthClientRepository;
   }
 

diff --git a/src/main/java/com/faforever/api/security/OAuthClientDetails.java b/src/main/java/com/faforever/api/security/OAuthClientDetails.java
@@ -11,11 +11,11 @@ public class OAuthClientDetails extends BaseClientDetails {
 
   public OAuthClientDetails(OAuthClient oAuthClient) {
     super(oAuthClient.getId(),
-        null,
-        oAuthClient.getDefaultScope().replace(' ', ','),
-        // FIXME read from database instead of hardcoding (but DB migration is required) #68
-        "authorization_code,refresh_token,implicit,password,client_credentials",
-        null);
+      null,
+      oAuthClient.getDefaultScope().replace(' ', ','),
+      "authorization_code,refresh_token,implicit,password,client_credentials",
+      null,
+      oAuthClient.getRedirectUris());
     setClientSecret(oAuthClient.getClientSecret());
   }
 }
diff --git a/src/main/resources/templates/oauth_confirm_access.html b/src/main/resources/templates/oauth_confirm_access.html
@@ -98,7 +98,6 @@
       border-bottom: 1px solid #ccc;
       padding: 1.5em 0;
       list-style-type: none;
-      list-style-type: none;
       -webkit-padding-start: 1em;
       -ms-padding-start: 1em;
       -moz-padding-start: 1em;
@@ -132,12 +131,12 @@ <h2>
   <input name='user_oauth_approval' value='false' type='hidden'/>
   <div class="button-bar">
     <form id='confirmationForm' name='confirmationForm' action='/oauth/authorize' method='post'>
-      <input name='user_oauth_approval' value='true' type='hidden'/>
-      <input name="authorize" value="Authorize" type="submit" class="button"/>
+      <input name='user_oauth_approval' value='false' type='hidden'/>
+      <input name="deny" value="Deny" type="submit" class="button"/>
     </form>
     <form id='denialForm' name='denialForm' action='/oauth/authorize' method='post'>
-      <input name='user_oauth_approval' value='false' type='hidden'/>
-      <input name="deny" value="Deny" type="submit" class="button allow-submit"/>
+      <input name='user_oauth_approval' value='true' type='hidden'/>
+      <input name="authorize" value="Authorize" type="submit" class="button allow-submit"/>
     </form>
   </div>
 </div>