[FIX] auth_oauth: improve method _auth_oauth_signin
bzr revid: rco@openerp.com-20121126104251-j6355zk91f468y5y
This commit is contained in:
parent
c15ca7dbe9
commit
867a84c3f8
|
@ -47,21 +47,21 @@ class res_users(osv.Model):
|
||||||
|
|
||||||
def _auth_oauth_signin(self, cr, uid, provider, validation, params, context=None):
|
def _auth_oauth_signin(self, cr, uid, provider, validation, params, context=None):
|
||||||
""" retrieve and sign in the user corresponding to provider and validated access token
|
""" retrieve and sign in the user corresponding to provider and validated access token
|
||||||
:param provider: oauth provider id
|
:param provider: oauth provider id (int)
|
||||||
:param validation: result of validation of access token (dict)
|
:param validation: result of validation of access token (dict)
|
||||||
:param params: oauth parameters (dict)
|
:param params: oauth parameters (dict)
|
||||||
:return: login or None
|
:return: user login (str)
|
||||||
|
|
||||||
This method can be overridden to add alternative signin methods.
|
This method can be overridden to add alternative signin methods.
|
||||||
"""
|
"""
|
||||||
oauth_uid = validation['user_id']
|
oauth_uid = validation['user_id']
|
||||||
user_ids = self.search(cr, uid, [("oauth_uid", "=", oauth_uid), ('oauth_provider_id', '=', provider)])
|
user_ids = self.search(cr, uid, [("oauth_uid", "=", oauth_uid), ('oauth_provider_id', '=', provider)])
|
||||||
if user_ids:
|
if not user_ids:
|
||||||
assert len(user_ids) == 1
|
raise openerp.exceptions.AccessDenied()
|
||||||
user = self.browse(cr, uid, user_ids[0], context=context)
|
assert len(user_ids) == 1
|
||||||
user.write({'oauth_access_token': access_token})
|
user = self.browse(cr, uid, user_ids[0], context=context)
|
||||||
return user.login
|
user.write({'oauth_access_token': params['access_token']})
|
||||||
return None
|
return user.login
|
||||||
|
|
||||||
def auth_oauth(self, cr, uid, provider, params, context=None):
|
def auth_oauth(self, cr, uid, provider, params, context=None):
|
||||||
# Advice by Google (to avoid Confused Deputy Problem)
|
# Advice by Google (to avoid Confused Deputy Problem)
|
||||||
|
|
Loading…
Reference in New Issue