X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/c6bf21a9d054f29d788272767b7a77d58fe56aec..9cb8311f02e1bd0e2188e3b1db623400aaf8da47:/app/controllers/oauth_controller.rb diff --git a/app/controllers/oauth_controller.rb b/app/controllers/oauth_controller.rb index 98075b8f8..f70a644cd 100644 --- a/app/controllers/oauth_controller.rb +++ b/app/controllers/oauth_controller.rb @@ -38,7 +38,7 @@ class OauthController < ApplicationController def oauthorize @token = RequestToken.find_by_token params[:oauth_token] - unless @token.invalidated? + unless @token.nil? or @token.invalidated? if request.post? any_auth = false @token.client_application.permissions.each do |pref| @@ -52,9 +52,17 @@ class OauthController < ApplicationController if any_auth @token.authorize!(@user) - redirect_url = params[:oauth_callback] || @token.client_application.callback_url - if redirect_url - redirect_to "#{redirect_url}?oauth_token=#{@token.token}" + if @token.oauth10? + redirect_url = params[:oauth_callback] || @token.client_application.callback_url + else + redirect_url = @token.oob? ? @token.client_application.callback_url : @token.callback_url + end + if redirect_url and not redirect_url.empty? + if @token.oauth10? + redirect_to "#{redirect_url}?oauth_token=#{@token.token}" + else + redirect_to "#{redirect_url}?oauth_token=#{@token.token}&oauth_verifier=#{@token.verifier}" + end else render :action => "authorize_success" end