remove implicit grant type for OAuth 2 apps

This commit is contained in:
Christian Adams
2019-05-28 14:22:57 -04:00
parent 41f2b83ae2
commit cb279843d2
7 changed files with 28 additions and 97 deletions

View File

@@ -1108,7 +1108,7 @@ class UserAuthorizedTokenSerializer(BaseOAuth2TokenSerializer):
)
obj = super(UserAuthorizedTokenSerializer, self).create(validated_data)
obj.save()
if obj.application and obj.application.authorization_grant_type != 'implicit':
if obj.application:
RefreshToken.objects.create(
user=current_user,
token=generate_token(),
@@ -1130,7 +1130,7 @@ class OAuth2TokenSerializer(BaseOAuth2TokenSerializer):
if obj.application and obj.application.user:
obj.user = obj.application.user
obj.save()
if obj.application and obj.application.authorization_grant_type != 'implicit':
if obj.application:
RefreshToken.objects.create(
user=current_user,
token=generate_token(),