diff --git a/apps/authentication/backends/oauth2/backends.py b/apps/authentication/backends/oauth2/backends.py
index 0c40d09bd..16a617b16 100644
--- a/apps/authentication/backends/oauth2/backends.py
+++ b/apps/authentication/backends/oauth2/backends.py
@@ -98,16 +98,19 @@ class OAuth2Backend(JMSModelBackend):
 access_token_url = '{url}{separator}{query}'.format(
 url=settings.AUTH_OAUTH2_ACCESS_TOKEN_ENDPOINT, separator=separator, query=urlencode(query_dict)
 )
+ # token_method -> get, post(post_data), post_json
 token_method = settings.AUTH_OAUTH2_ACCESS_TOKEN_METHOD.lower()
- requests_func = getattr(requests, token_method, requests.get)
 logger.debug(log_prompt.format('Call the access token endpoint[method: %s]' % token_method))
 headers = {
 'Accept': 'application/json'
 }
- if token_method == 'post':
- access_token_response = requests_func(access_token_url, headers=headers, data=query_dict)
+ if token_method.startswith('post'):
+ body_key = 'json' if token_method.endswith('json') else 'data'
+ access_token_response = requests.post(
+ access_token_url, headers=headers, **{body_key: query_dict}
+ )
 else:
- access_token_response = requests_func(access_token_url, headers=headers)
+ access_token_response = requests.get(access_token_url, headers=headers)
 try:
 access_token_response.raise_for_status()
 access_token_response_data = access_token_response.json()
diff --git a/apps/settings/serializers/auth/oauth2.py b/apps/settings/serializers/auth/oauth2.py
index 56ddd6a66..b5a0dbb62 100644
--- a/apps/settings/serializers/auth/oauth2.py
+++ b/apps/settings/serializers/auth/oauth2.py
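Review bot: In both POST branches the request still goes to `access_token_url`, which has `urlencode(query_dict)` appended, so the same parameters travel in the query string as well as in the body. `query_dict` is built above this hunk, so this is inferred, but if it carries the client secret and authorization code they will still land in proxy and server access logs despite the switch to POST. For the `post` and `post_json` cases I would send to the bare endpoint: `requests.post(settings.AUTH_OAUTH2_ACCESS_TOKEN_ENDPOINT, headers=headers, **{body_key: query_dict})`. Both `requests.post` and `requests.get` are also called without `timeout=`, so a stalled provider can hold the login request open indefinitely. The enclosing method starts and ends outside the hunk.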
@@ -43,7 +43,7 @@ class OAuth2SettingSerializer(serializers.Serializer):
 )
 AUTH_OAUTH2_ACCESS_TOKEN_METHOD = serializers.ChoiceField(
 default='GET', label=_('Client authentication method'),
- choices=(('GET', 'GET'), ('POST', 'POST'))
+ choices=(('GET', 'GET'), ('POST', 'POST-DATA'), ('POST_JSON', 'POST-JSON'))
 )
 AUTH_OAUTH2_PROVIDER_USERINFO_ENDPOINT = serializers.CharField(
 required=True, max_length=1024, label=_('Provider userinfo endpoint')
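Review bot: The `choices` tuple now selects both the HTTP verb and the body encoding, but the field has no `help_text` and its label still reads 'Client authentication method', so an administrator cannot tell what POST-DATA and POST-JSON change. I would add `help_text=_('GET: parameters in the query string; POST-DATA: form-encoded body; POST-JSON: JSON body')` to the `ChoiceField`. The default stays `GET`, the option that carries the token request parameters in the URL only, and the same text is a good place to say so. The serializer class continues outside the hunk.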