Add approve deny form

duzumaki · duzumaki · commit 9a5bf82f559a · 2025-01-14T16:58:03.000Z
diff --git a/oauth2_provider/templates/oauth2_provider/device/accept_deny.html b/oauth2_provider/templates/oauth2_provider/device/accept_deny.html
@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Accept or Deny</title>
+</head>
+<body>
+    <h1>Please choose an action:</h1>
+    <form method="post">
+        {% csrf_token %}
+        <button type="submit" name="action" value="accept">Accept</button>
+        <button type="submit" name="action" value="deny">Deny</button>
+    </form>
+</body>
+</html>
diff --git a/oauth2_provider/urls.py b/oauth2_provider/urls.py
@@ -13,6 +13,7 @@
     path("introspect/", views.IntrospectTokenView.as_view(), name="introspect"),
     path("device-authorization/", views.DeviceAuthorizationView.as_view(), name="device-authorization"),
     path("device/", views.device_user_code_view, name="device"),
+    path("device-confirm/<str:device_code>", views.device_confirm_view, name="device-confirm"),
 ]
 
 
diff --git a/oauth2_provider/views/device.py b/oauth2_provider/views/device.py
@@ -80,3 +80,24 @@ def device_user_code_view(request):
     return http.HttpResponsePermanentRedirect(
         reverse("oauth2_provider:device-confirm", kwargs={"device_code": device.device_code}), status=308
     )
+
+
+@login_required
+def device_confirm_view(request: http.HttpRequest, device_code: str):
+    device: Device = get_device_model().objects.get(device_code=device_code)
+
+    if device.status in (device.AUTHORIZED, device.DENIED):
+        return http.HttpResponse("Invalid")
+
+    action = request.POST.get("action")
+
+    if action == "accept":
+        device.status = device.AUTHORIZED
+        device.save(update_fields=["status"])
+        return http.HttpResponse("approved")
+    elif action == "deny":
+        device.status = device.DENIED
+        device.save(update_fields=["status"])
+        return http.HttpResponse("deny")
+
+    return render(request, "oauth2_provider/device/accept_deny.html")
diff --git a/tests/app/idp/templates/device/accept_deny.html b/tests/app/idp/templates/device/accept_deny.html
@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Accept or Deny</title>
+</head>
+<body>
+    <h1>Please choose an action:</h1>
+    <form method="post">
+        {% csrf_token %}
+        <button type="submit" name="action" value="accept">Accept</button>
+        <button type="submit" name="action" value="deny">Deny</button>
+    </form>
+</body>
+</html>

Original file line number	Diff line number	Diff line change
`@@ -13,6 +13,7 @@`
`13`	`13`	`path("introspect/", views.IntrospectTokenView.as_view(), name="introspect"),`
`14`	`14`	`path("device-authorization/", views.DeviceAuthorizationView.as_view(), name="device-authorization"),`
`15`	`15`	`path("device/", views.device_user_code_view, name="device"),`
	`16`	`+ path("device-confirm/<str:device_code>", views.device_confirm_view, name="device-confirm"),`
`16`	`17`	`]`
`17`	`18`
`18`	`19`