Documentation on skip_authorization

[lakshaykc]

I'm trying to use skip_authorization=True as mentioned in the documentation page. The document says, "To this end, you have to set skip_authorization = True on the Application model, either programmaticaly or within the Django admin". It is unclear how to implement this. I don't want to skip authorization of the django login as that is the primary entry point for a user.

In this PR, skip_authorization_completely=True was added to the class AuthorizationView but it seems like the code has changed since then and only application.skip_authorization is used. Can anyone explain where is that set in the django app?

I understand that I can change the default to True in models.py (skip_authorization = models.BooleanField(default=False)) but I'm curious if I can do it through a setting in the django app itself.

[medmunds]

@lakshaykc you can set the skip_authorization option on a particular DOT Application in Django's admin interface. Go to https://<your-django-site>/admin/oauth2_provider/application/, click into the DOT application you want to change, enable the "Skip authorization" checkbox toward the bottom, and then save your change.

I don't want to skip authorization of the django login as that is the primary entry point for a user

Understandably. No worries, it works the way you want.

End users have to be logged in ("authenticated") to your Django app before DOT's AuthorizationView will issue a token to ("authorize") an OAuth2 client application for that user. AuthorizationView always redirects to Django's login form if the user isn't already authenticated.

Put another way, Application.skip_authorization doesn't skip the Django authentication login step. It skips the separate OAuth2 authorization step that asks a user if they want to "Authorize DOT Application name? It requires the following permissions... [Cancel] [Authorize]"

[waxlamp]

In my project I'm able to set this via the admin console as suggested. But I'm wondering how to set it programmatically. Is there a setting I can put in code to turn this on/off per project?

[medmunds]

@waxlamp to control this programmatically, set the skip_authorization property on the oauth2_provider Application model for the particular client app you want to change.

[waxlamp]

@waxlamp to control this programmatically, set the skip_authorization property on the oauth2_provider Application model for the particular client app you want to change.

Thanks!

[MatsKeWorks]

Also, please rename this to skip_consent, since we are stil authorizing and only skipping consent.

Not aware on the impact of this, willing to contribute.

[dopry]

It seems like the OP's request has been answered.

@MatsKeWorks, feel free to submit a PR. It could be as simple as a new label without renaming the underlying field or renaming the field on the model.