diff --git a/awx/api/authentication.py b/awx/api/authentication.py
index 9dfb883ac3..0bd7f52f37 100644
--- a/awx/api/authentication.py
+++ b/awx/api/authentication.py
@@ -11,7 +11,7 @@ from django.utils.encoding import smart_text
 # Django REST Framework
 from rest_framework import authentication
-# Django OAuth Toolkit
+# Django-OAuth-Toolkit
 from oauth2_provider.contrib.rest_framework import OAuth2Authentication
 logger = logging.getLogger('awx.api.authentication')
@@ -48,7 +48,7 @@ class LoggedOAuth2Authentication(OAuth2Authentication):
 user, token = ret
 username = user.username if user else ''
 logger.info(smart_text(
- u"User {} performed a {} to {} through the API using OAuth token {}.".format(
+ u"User {} performed a {} to {} through the API using OAuth 2 token {}.".format(
 username, request.method, request.path, token.pk
 )
 ))
diff --git a/docs/auth/oauth.md b/docs/auth/oauth.md
index 3da2fa2c8f..f40e2217da 100644
--- a/docs/auth/oauth.md
+++ b/docs/auth/oauth.md
@@ -231,10 +231,10 @@ implies 'read' as well.
 ## Application Functions
-This page lists OAuth utility endpoints used for authorization, token refresh and revoke.
+This page lists OAuth 2 utility endpoints used for authorization, token refresh and revoke.
 Note endpoints other than `/api/o/authorize/` are not meant to be used in browsers and do not support HTTP GET. The endpoints here strictly follow
-[RFC specs for OAuth2](https://tools.ietf.org/html/rfc6749), so please use that for detailed
+[RFC specs for OAuth 2](https://tools.ietf.org/html/rfc6749), so please use that for detailed
 reference. The `implicit` grant type can only be used to acquire a access token if the user is already logged in via session authentication, as that confirms that the user is authorized to create an access token. Here we give some examples to demonstrate the typical usage of these endpoints in AWX context (Note AWX net location default to `http://localhost:8013` in examples):
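Review bot: In the `logger.info(...)` call of `LoggedOAuth2Authentication` (second hunk of awx/api/authentication.py), `request.path` is client-controlled and is formatted into the audit message unescaped, so a path that decodes to CR/LF could make one entry read as several log records unless the handler's formatter already escapes control characters, which the hunk does not show. I would neutralise it at the call site by passing `request.path.replace('\r', '\\r').replace('\n', '\\n')` in place of `request.path`. Separately, the reworded message means any log parser or alert rule that matches the old text `using OAuth token` will stop matching, which deserves a line in the release notes. The enclosing method starts outside the hunk and may continue past it.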
@@ -434,7 +434,7 @@ at /api/v2/tokens/.
 ## Acceptance Criteria
 * All CRUD operations for OAuth 2 applications and tokens should function as described.
-* RBAC rules applied to OAuth applications and tokens should behave as described.
+* RBAC rules applied to OAuth 2 applications and tokens should behave as described.
 * A default application should be auto-created for each new user.
 * Incoming requests using unexpired OAuth 2 token correctly in authentication header should be able to successfully authenticate themselves.