From 2abd25b82a7238763a184968eeeb1801ac8b84d3 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Mat=C3=ADas=20Aguirre?= Date: Thu, 5 Jul 2012 01:10:43 -0300 Subject: [PATCH] Add option to avoid redirect_state parameter. Refs #386 --- social_auth/backends/__init__.py | 6 +++++- social_auth/backends/google.py | 1 + 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/social_auth/backends/__init__.py b/social_auth/backends/__init__.py index aa8e215..0171118 100644 --- a/social_auth/backends/__init__.py +++ b/social_auth/backends/__init__.py @@ -660,6 +660,7 @@ class BaseOAuth2(BaseOAuth): RESPONSE_TYPE = 'code' SCOPE_VAR_NAME = None DEFAULT_SCOPE = None + REDIRECT_STATE = True def state_token(self): """Generate csrf token to include as state parameter.""" @@ -667,7 +668,10 @@ class BaseOAuth2(BaseOAuth): def get_redirect_uri(self, state): """Build redirect_uri with redirect_state parameter.""" - return url_add_parameters(self.redirect_uri, {'redirect_state': state}) + uri = self.redirect_uri + if self.REDIRECT_STATE: + uri = url_add_parameters(uri, {'redirect_state': state}) + return uri def auth_url(self): """Return redirect url""" diff --git a/social_auth/backends/google.py b/social_auth/backends/google.py index 295a3db..f3bd90b 100644 --- a/social_auth/backends/google.py +++ b/social_auth/backends/google.py @@ -195,6 +195,7 @@ class GoogleOAuth2(BaseOAuth2): SETTINGS_SECRET_NAME = 'GOOGLE_OAUTH2_CLIENT_SECRET' SCOPE_VAR_NAME = 'GOOGLE_OAUTH_EXTRA_SCOPE' DEFAULT_SCOPE = GOOGLE_OAUTH2_SCOPE + REDIRECT_STATE = False def user_data(self, access_token, *args, **kwargs): """Return user data from Google API""" -- 2.39.5