diff options
author | Stéphane Raimbault <stephane.raimbault@gmail.com> | 2013-05-23 16:28:33 +0200 |
---|---|---|
committer | Stéphane Raimbault <stephane.raimbault@gmail.com> | 2013-05-23 16:41:00 +0200 |
commit | 7adc247d399cd3d90d6692a4f82cb170b2bdc012 (patch) | |
tree | 30d5ce88c140662b8be890be947941048b3f477e | |
parent | 2361afa930088ada30197d1817e0d14a8b8d05fc (diff) | |
download | oauthlib-7adc247d399cd3d90d6692a4f82cb170b2bdc012.tar.gz |
Fix extracting of scope values from POST
Many inputs with same name are stored in a list.
-rw-r--r-- | docs/server2.rst | 2 | ||||
-rw-r--r-- | examples/skeleton_oauth2_web_application_server.py | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/docs/server2.rst b/docs/server2.rst index 2baa81f..3b648e6 100644 --- a/docs/server2.rst +++ b/docs/server2.rst @@ -284,7 +284,7 @@ preview of a near future =) # In almost every case, you will want to include the current # user in these extra credentials in order to associate the user with # the authorization code or bearer token. - return request.POST['scopes'], {'user': request.user} + return request.POST.getlist['scopes'], {'user': request.user} @provider.access_token_view diff --git a/examples/skeleton_oauth2_web_application_server.py b/examples/skeleton_oauth2_web_application_server.py index feb1ed0..e847c4d 100644 --- a/examples/skeleton_oauth2_web_application_server.py +++ b/examples/skeleton_oauth2_web_application_server.py @@ -133,7 +133,7 @@ def authorize(request, scopes=None, client_id=None): def authorization_response(request): # Only return scopes the user actually authorized, i.e. the checked # scope checkboxes from the authorize view. - return request.POST['scopes'], {'user': request.user} + return request.POST.getlist(['scopes']), {'user': request.user} @provider.access_token_view |