A set of templates is provided. These templates range from Django Admin Site alternatives to manage the Apps that use your App as a provider, to Error and Authorization Templates.
You can override default templates located in templates/oauth2_provider
folder and provide a custom layout.
To override these templates you just need to create a folder named oauth2_provider
inside your templates folder and, inside this folder, add a file that matches the name of the template you're trying to override.
The templates available are:
If you just want a different look and feel you may only override this template.
To inherit this template just add {% extends "oauth2_provider/base.html" %}
in the first line of the other templates. This is what is done with the default templates.
The blocks defined in it are:
title
inside the HTML title tag;css
inside the head;content
in the body.
Authorize is rendered in :class:`~oauth2_provider.views.base.AuthorizationView` (authorize/
).
This template gets passed the following context variables:
scopes
- :obj:`list` with the scopes requested by the application;
Caution!
See :ref:`settings_default_scopes` to understand what is returned if no scopes are requested.
scopes_descriptions
- :obj:`list` with the descriptions for the scopes requested;application
- An :class:`~oauth2_provider.models.Application` object
Note
If you haven't created your own Application Model (see how in :ref:`extend_app_model`), you will get an :class:`~oauth2_provider.models.AbstractApplication` object.
client_id
- Passed in the URI, already validated.redirect_uri
- Passed in the URI (optional), already validated.
Note
If it wasn't provided on the request, the default one has been set (see :meth:`~oauth2_provider.models.AbstractApplication.default_redirect_uri`).
response_type
- Passed in the URI, already validated.state
- Passed in the URI (optional).form
- An :class:`~oauth2_provider.forms.AllowForm` with all the hidden fields already filled with the values above.
Important
One extra variable, named error
will also be available if an Oauth2 exception occurs.
This variable is a :obj:`dict` with error
and description
Example (this is the default page you may find on templates/oauth2_provider/authorize.html
):
{% extends "oauth2_provider/base.html" %} {% load i18n %} {% block content %} <div class="block-center"> {% if not error %} <form id="authorizationForm" method="post"> <h3 class="block-center-heading">{% trans "Authorize" %} {{ application.name }}?</h3> {% csrf_token %} {% for field in form %} {% if field.is_hidden %} {{ field }} {% endif %} {% endfor %} <p>{% trans "Application requires the following permissions" %}</p> <ul> {% for scope in scopes_descriptions %} <li>{{ scope }}</li> {% endfor %} </ul> {{ form.errors }} {{ form.non_field_errors }} <div class="control-group"> <div class="controls"> <input type="submit" class="btn btn-large" value="Cancel"/> <input type="submit" class="btn btn-large btn-primary" name="allow" value="Authorize"/> </div> </div> </form> {% else %} <h2>Error: {{ error.error }}</h2> <p>{{ error.description }}</p> {% endif %} </div> {% endblock %}
The management templates are Django Admin Site alternatives to manage the Apps.
All templates receive :class:`~oauth2_provider.models.Application` objects.
Note
If you haven't created your own Application Model (see how in :ref:`extend_app_model`), you will get an :class:`~oauth2_provider.models.AbstractApplication` object.
Rendered in :class:`~oauth2_provider.views.base.ApplicationList` (applications/
).
This class inherits :class:`django.views.generic.edit.ListView`.
This template gets passed the following template context variable:
applications
- a :obj:`list` with all the applications, may beNone
.
Rendered in :class:`~oauth2_provider.views.base.ApplicationUpdate` (applications/<pk>/update/
).
This class inherits :class:`django.views.generic.edit.UpdateView`.
This template gets passed the following template context variables:
application
- the :class:`~oauth2_provider.models.Application` object.form
- a :obj:`~django.forms.Form` with the following fields:name
client_id
client_secret
client_type
authorization_grant_type
redirect_uris
Caution!
In the default implementation this template in extended by application_registration_form.html. Be sure to provide the same blocks if you are only overiding this template.
Rendered in :class:`~oauth2_provider.views.base.ApplicationRegistration` (applications/register/
).
This class inherits :class:`django.views.generic.edit.CreateView`.
This template gets passed the following template context variable:
form
- a :obj:`~django.forms.Form` with the following fields:name
client_id
client_secret
client_type
authorization_grant_type
redirect_uris
Note
In the default implementation this template extends application_form.html.
Rendered in :class:`~oauth2_provider.views.base.ApplicationDetail` (applications/<pk>/
).
This class inherits :class:`django.views.generic.edit.DetailView`.
This template gets passed the following template context variable:
application
- the :class:`~oauth2_provider.models.Application` object.
Rendered in :class:`~oauth2_provider.views.base.ApplicationDelete` (applications/<pk>/delete/
).
This class inherits :class:`django.views.generic.edit.DeleteView`.
This template gets passed the following template context variable:
application
- the :class:`~oauth2_provider.models.Application` object.
Important
To override successfully this template you should provide a form that posts to the same URL, example:
<form method="post" action="">
All templates receive :class:`~oauth2_provider.models.AccessToken` objects.
Rendered in :class:`~oauth2_provider.views.base.AuthorizedTokensListView` (authorized_tokens/
).
This class inherits :class:`django.views.generic.edit.ListView`.
This template gets passed the following template context variable:
authorized_tokens
- a :obj:`list` with all the tokens that belong to applications that the user owns, may beNone
.
Important
To override successfully this template you should provide links to revoke the token, example:
<a href="{% url 'oauth2_provider:authorized-token-delete' authorized_token.pk %}">revoke</a>
Rendered in :class:`~oauth2_provider.views.base.AuthorizedTokenDeleteView` (authorized_tokens/<pk>/delete/
).
This class inherits :class:`django.views.generic.edit.DeleteView`.
This template gets passed the following template context variable:
authorized_token
- the :class:`~oauth2_provider.models.AccessToken` object.
Important
To override successfully this template you should provide a form that posts to the same URL, example:
<form method="post" action="">