A set of templates is provided. These templates range from Django Admin Site alternatives to manage the Apps that use your App as a provider, to Error and Authorization Templates.
You can override default templates located in templates/oauth2_provider
folder and provide a custom layout. To override these templates you just need to create a folder named oauth2_provider
inside your templates folder and, inside this folder, add a file that matches the name of the template you're trying to override.
The templates available are:
If you just want a different look and feel you may only override this template. To inherit this template just add {% extends "oauth2_provider/base.html" %}
in the first line of the other templates. This is what is done with the default templates.
The blocks defined in it are:
title
inside the HTML title tag;css
inside the head;content
in the body.
Authorize is rendered in ~oauth2_provider.views.base.AuthorizationView
(authorize/
).
This template gets passed the following context variables:
scopes
-list
with the scopes requested by the application;
Caution
See settings_default_scopes
to understand what is returned if no scopes are requested.
scopes_descriptions
-list
with the descriptions for the scopes requested;application
- An~oauth2_provider.models.Application
object
Note
If you haven't created your own Application Model (see how in extend_app_model
), you will get an ~oauth2_provider.models.AbstractApplication
object.
client_id
- Passed in the URI, already validated.redirect_uri
- Passed in the URI (optional), already validated.
Note
If it wasn't provided on the request, the default one has been set (see ~oauth2_provider.models.AbstractApplication.default_redirect_uri
).
response_type
- Passed in the URI, already validated.state
- Passed in the URI (optional).form
- An~oauth2_provider.forms.AllowForm
with all the hidden fields already filled with the values above.
Important
One extra variable, named error
will also be available if an Oauth2 exception occurs. This variable is a dict
with error
and description
Example (this is the default page you may find on templates/oauth2_provider/authorize.html
): :
{% extends "oauth2_provider/base.html" %}
{% load i18n %}
{% block content %}
<div class="block-center">
{% if not error %}
<form id="authorizationForm" method="post">
<h3 class="block-center-heading">{% trans "Authorize" %} {{ application.name }}?</h3>
{% csrf_token %}
{% for field in form %}
{% if field.is_hidden %}
{{ field }}
{% endif %}
{% endfor %}
<p>{% trans "Application requires the following permissions" %}</p>
<ul>
{% for scope in scopes_descriptions %}
<li>{{ scope }}</li>
{% endfor %}
</ul>
{{ form.errors }}
{{ form.non_field_errors }}
<div class="control-group">
<div class="controls">
<input type="submit" class="btn btn-large" value="Cancel"/>
<input type="submit" class="btn btn-large btn-primary" name="allow" value="Authorize"/>
</div>
</div>
</form>
{% else %}
<h2>Error: {{ error.error }}</h2>
<p>{{ error.description }}</p>
{% endif %}
</div>
{% endblock %}
The management templates are Django Admin Site alternatives to manage the Apps.
All templates receive ~oauth2_provider.models.Application
objects.
Note
If you haven't created your own Application Model (see how in extend_app_model
), you will get an ~oauth2_provider.models.AbstractApplication
object.
Rendered in ~oauth2_provider.views.base.ApplicationList
(applications/
). This class inherits django.views.generic.edit.ListView
.
This template gets passed the following template context variable:
applications
- alist
with all the applications, may beNone
.
Rendered in ~oauth2_provider.views.base.ApplicationUpdate
(applications/<pk>/update/
). This class inherits django.views.generic.edit.UpdateView
.
This template gets passed the following template context variables:
application
- the~oauth2_provider.models.Application
object.form
- a~django.forms.Form
with the following fields:name
client_id
client_secret
client_type
authorization_grant_type
redirect_uris
Caution
In the default implementation this template in extended by application_registration_form.html. Be sure to provide the same blocks if you are only overriding this template.
Rendered in ~oauth2_provider.views.base.ApplicationRegistration
(applications/register/
). This class inherits django.views.generic.edit.CreateView
.
This template gets passed the following template context variable:
form
- a~django.forms.Form
with the following fields:name
client_id
client_secret
client_type
authorization_grant_type
redirect_uris
Note
In the default implementation this template extends application_form.html.
Rendered in ~oauth2_provider.views.base.ApplicationDetail
(applications/<pk>/
). This class inherits django.views.generic.edit.DetailView
.
This template gets passed the following template context variable:
application
- the~oauth2_provider.models.Application
object.
Rendered in ~oauth2_provider.views.base.ApplicationDelete
(applications/<pk>/delete/
). This class inherits django.views.generic.edit.DeleteView
.
This template gets passed the following template context variable:
application
- the~oauth2_provider.models.Application
object.
Important
To override successfully this template you should provide a form that posts to the same URL, example: <form method="post" action="">
All templates receive ~oauth2_provider.models.AccessToken
objects.
Rendered in ~oauth2_provider.views.base.AuthorizedTokensListView
(authorized_tokens/
). This class inherits django.views.generic.edit.ListView
.
This template gets passed the following template context variable:
authorized_tokens
- alist
with all the tokens that belong to applications that the user owns, may beNone
.
Important
To override successfully this template you should provide links to revoke the token, example: <a href="{% url 'oauth2_provider:authorized-token-delete' authorized_token.pk %}">revoke</a>
Rendered in ~oauth2_provider.views.base.AuthorizedTokenDeleteView
(authorized_tokens/<pk>/delete/
). This class inherits django.views.generic.edit.DeleteView
.
This template gets passed the following template context variable:
authorized_token
- the~oauth2_provider.models.AccessToken
object.
Important
To override successfully this template you should provide a form that posts to the same URL, example: <form method="post" action="">