Merge pull request #379 from poswald/docs-application-urls

Change documentation for the Application urls

Author: poswald

docs/advanced_topics.rst

@@ -55,9 +55,9 @@ That's all, now Django OAuth Toolkit will use your model wherever an Application
 Skip authorization form
 =======================
 
-Depending on the OAuth2 flow in use and the access token policy, users might be prompted  for the
-same authorization multiple times: sometimes this is acceptable or even desiderable but other it isn't.
-To control DOT behaviour you can use `approval_prompt` parameter when hitting the authorization endpoint.
+Depending on the OAuth2 flow in use and the access token policy, users might be prompted for the
+same authorization multiple times: sometimes this is acceptable or even desirable but other times it isn't.
+To control DOT behaviour you can use the `approval_prompt` parameter when hitting the authorization endpoint.
 Possible values are:
 
 * `force` - users are always prompted for authorization.

docs/contributing.rst

@@ -47,7 +47,7 @@ of the pull request.
 Pull upstream changes into your fork regularly
 ==============================================
 
-It's a good practice to pull upstream changes from master into your fork on a regular basis, infact if you work on
+It's a good practice to pull upstream changes from master into your fork on a regular basis, in fact if you work on
 outdated code and your changes diverge too far from master, the pull request has to be rejected.
 
 To pull in upstream changes::
@@ -85,7 +85,7 @@ Add the tests!
 --------------
 
 Whenever you add code, you have to add tests as well. We cannot accept untested code, so unless it is a peculiar
-situation you previously discussed with the core commiters, if your pull request reduces the test coverage it will be
+situation you previously discussed with the core committers, if your pull request reduces the test coverage it will be
 **immediately rejected**.
 
 Code conventions matter

docs/tutorial/tutorial_02.rst

@@ -34,14 +34,44 @@ URL this view will respond to:
 
 .. code-block:: python
 
+    from django.conf.urls import patterns, url
+    import oauth2_provider.views as oauth2_views
+    from django.conf import settings
     from .views import ApiEndpoint
 
-    urlpatterns = patterns(
-        '',
+    # OAuth2 provider endpoints
+    oauth2_endpoint_views = [
+        url(r'^authorize/$', oauth2_views.AuthorizationView.as_view(), name="authorize"),
+        url(r'^token/$', oauth2_views.TokenView.as_view(), name="token"),
+        url(r'^revoke-token/$', oauth2_views.RevokeTokenView.as_view(), name="revoke-token"),
+    ]
+
+    if settings.DEBUG:
+        # OAuth2 Application Management endpoints
+        oauth2_endpoint_views += [
+            url(r'^applications/$', oauth2_views.ApplicationList.as_view(), name="list"),
+            url(r'^applications/register/$', oauth2_views.ApplicationRegistration.as_view(), name="register"),
+            url(r'^applications/(?P<pk>\d+)/$', oauth2_views.ApplicationDetail.as_view(), name="detail"),
+            url(r'^applications/(?P<pk>\d+)/delete/$', oauth2_views.ApplicationDelete.as_view(), name="delete"),
+            url(r'^applications/(?P<pk>\d+)/update/$', oauth2_views.ApplicationUpdate.as_view(), name="update"),
+        ]
+
+        # OAuth2 Token Management endpoints
+        oauth2_endpoint_views += [
+            url(r'^authorized-tokens/$', oauth2_views.AuthorizedTokensListView.as_view(), name="authorized-token-list"),
+            url(r'^authorized-tokens/(?P<pk>\d+)/delete/$', oauth2_views.AuthorizedTokenDeleteView.as_view(),
+                name="authorized-token-delete"),
+        ]
+
+    urlpatterns = [
+        # OAuth 2 endpoints:
+        url(r'^o/', include(oauth2_endpoint_views, namespace="oauth2_provider")),
+
         url(r'^admin/', include(admin.site.urls)),
-        url(r'^o/', include('oauth2_provider.urls', namespace='oauth2_provider')),  # look ma, I'm a provider!
-        url(r'^api/hello', ApiEndpoint.as_view()),  # and also a resource server!
-    )
+        url(r'^api/hello', ApiEndpoint.as_view()),  # an example resource endpoint
+    ]
+
+You will probably want to write your own application views to deal with permissions and access control but the ones packaged with the library can get you started when developing the app.
 
 Since we inherit from `ProtectedResourceView`, we're done and our API is OAuth2 protected - for the sake of the lazy
 programmer.
@@ -51,7 +81,7 @@ Testing your API
 Time to make requests to your API.
 
 For a quick test, try accessing your app at the url `/api/hello` with your browser
-and verify that it reponds with a `403` (in fact no `HTTP_AUTHORIZATION` header was provided).
+and verify that it responds with a `403` (in fact no `HTTP_AUTHORIZATION` header was provided).
 You can test your API with anything that can perform HTTP requests, but for this tutorial you can use the online
 `consumer client <http://django-oauth-toolkit.herokuapp.com/consumer/client>`_.
 Just fill the form with the URL of the API endpoint (i.e. http://localhost:8000/api/hello if you're on localhost) and