From 8c7604ffe00ba95f416a0768fb831deae2313dcb Mon Sep 17 00:00:00 2001 From: Adam Coldrick Date: Fri, 25 Oct 2019 21:43:55 +0100 Subject: [PATCH] Add support for POST requests to /v1/openid/authorize_return Some OpenID providers make a POST request to the `return_to` URL if the query string would be too long. This commit adds support for POST requests to this endpoint. The change in notification_hook.py is to stop attempting to parse the empty string as JSON when receiving this POST request. Change-Id: I34d7032d795a5d36799bffc51864e63e585c6eb1 --- storyboard/api/v1/auth.py | 2 +- storyboard/notifications/notification_hook.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/storyboard/api/v1/auth.py b/storyboard/api/v1/auth.py index 2e5fc711..93a347f3 100644 --- a/storyboard/api/v1/auth.py +++ b/storyboard/api/v1/auth.py @@ -37,7 +37,7 @@ class AuthController(rest.RestController): _custom_actions = { "authorize": ["GET"], - "authorize_return": ["GET"], + "authorize_return": ["GET", "POST"], "token": ["POST"], } diff --git a/storyboard/notifications/notification_hook.py b/storyboard/notifications/notification_hook.py index aab541c6..152292fb 100644 --- a/storyboard/notifications/notification_hook.py +++ b/storyboard/notifications/notification_hook.py @@ -88,8 +88,8 @@ class NotificationHook(hooks.PecanHook): # On a POST method, the server has assigned an ID to the resource, # so we should be getting it from the resource rather than the URL. if state.request.method == 'POST': - response_body = json.loads(response.body) - if response_body: + if response.body: + response_body = json.loads(response.body) if not subresource: resource_id = response_body.get('id') elif subresource == 'comment':