From 549d6e6909de067c7efaf8a17563ec3eebb28ec8 Mon Sep 17 00:00:00 2001
From: Aaron Romeo
Date: Tue, 25 Feb 2014 15:54:14 -0500
Subject: [PATCH 1/2] Created a setting for the default value for approval prompt.
---
 oauth2_provider/settings.py | 1 +
 .../tests/test_authorization_code.py | 44 +++++++++++++++++++
 oauth2_provider/views/base.py | 2 +-
 requirements/testing.txt | 3 +-
 4 files changed, 48 insertions(+), 2 deletions(-)
diff --git a/oauth2_provider/settings.py b/oauth2_provider/settings.py
index 8e01ec575..89cb0d812 100644
--- a/oauth2_provider/settings.py
+++ b/oauth2_provider/settings.py
@@ -35,6 +35,7 @@
 'AUTHORIZATION_CODE_EXPIRE_SECONDS': 60,
 'ACCESS_TOKEN_EXPIRE_SECONDS': 36000,
 'APPLICATION_MODEL': getattr(settings, 'OAUTH2_PROVIDER_APPLICATION_MODEL', 'oauth2_provider.Application'),
+ 'REQUEST_APPROVAL_PROMPT': 'force',
 # Special settings that will be evaluated at runtime
 '_SCOPES': [],
diff --git a/oauth2_provider/tests/test_authorization_code.py b/oauth2_provider/tests/test_authorization_code.py
index a4f3b90f0..27d771bfc 100644
--- a/oauth2_provider/tests/test_authorization_code.py
+++ b/oauth2_provider/tests/test_authorization_code.py
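Review bot: The new `'REQUEST_APPROVAL_PROMPT': 'force'` entry in the oauth2_provider/settings.py hunk has no comment naming its accepted values. The only comparison visible in this patch is `if require_approval == 'auto':` in views/base.py, so any other spelling appears to behave like 'force' without a warning. Because this default decides whether the consent page can be skipped for every authorization request, I would document it where it is defined, for example `# 'force': always show the consent page; 'auto': skip it when the user already holds an unexpired token for the application`. The defaults dict that holds the entry starts and ends outside the hunk.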
@@ -118,6 +118,50 @@ def test_pre_auth_approval_prompt(self):
 response = self.client.get(url)
 self.assertEqual(response.status_code, 200)
+ def test_pre_auth_approval_prompt_default(self):
+ """
+
+ """
+ self.assertEqual(oauth2_settings.REQUEST_APPROVAL_PROMPT, 'force')
+
+ AccessToken.objects.create(user=self.test_user, token='1234567890',
+ application=self.application,
+ expires=timezone.now()+datetime.timedelta(days=1),
+ scope='read write')
+ self.client.login(username="test_user", password="123456")
+ query_string = urlencode({
+ 'client_id': self.application.client_id,
+ 'response_type': 'code',
+ 'state': 'random_state_string',
+ 'scope': 'read write',
+ 'redirect_uri': 'http://example.it',
+ })
+ url = "{url}?{qs}".format(url=reverse('oauth2_provider:authorize'), qs=query_string)
+ response = self.client.get(url)
+ self.assertEqual(response.status_code, 200)
+
+ def test_pre_auth_approval_prompt_default_override(self):
+ """
+
+ """
+ oauth2_settings.REQUEST_APPROVAL_PROMPT = 'auto'
+
+ AccessToken.objects.create(user=self.test_user, token='1234567890',
+ application=self.application,
+ expires=timezone.now()+datetime.timedelta(days=1),
+ scope='read write')
+ self.client.login(username="test_user", password="123456")
+ query_string = urlencode({
+ 'client_id': self.application.client_id,
+ 'response_type': 'code',
+ 'state': 'random_state_string',
+ 'scope': 'read write',
+ 'redirect_uri': 'http://example.it',
+ })
+ url = "{url}?{qs}".format(url=reverse('oauth2_provider:authorize'), qs=query_string)
+ response = self.client.get(url)
+ self.assertEqual(response.status_code, 302)
+
 def test_pre_auth_default_redirect(self):
 """
 Test for default redirect uri if omitted from query string with response_type: code
diff --git a/oauth2_provider/views/base.py b/oauth2_provider/views/base.py
index f7ba989a5..e56ffa3dc 100644
--- a/oauth2_provider/views/base.py
+++ b/oauth2_provider/views/base.py
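Review bot: `test_pre_auth_approval_prompt_default_override` assigns `oauth2_settings.REQUEST_APPROVAL_PROMPT = 'auto'` on the shared settings object and never restores it, so every test that runs later in the same process sees 'auto'; `test_pre_auth_approval_prompt_default`, whose first assertion expects 'force', would fail if it ran afterwards. Register the restore on the line before the assignment, `self.addCleanup(setattr, oauth2_settings, 'REQUEST_APPROVAL_PROMPT', oauth2_settings.REQUEST_APPROVAL_PROMPT)`. Both new tests also have empty docstrings; one line each saying which default is under test and why 200 or 302 is expected would do. Neither test covers a stored token whose scope is narrower than the requested scope, which is the case where skipping the consent page matters most.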
@@ -116,7 +116,7 @@ def get(self, request, *args, **kwargs):
 # Check to see if the user has already granted access and return
 # a successful response depending on 'approval_prompt' url parameter
- require_approval = request.GET.get('approval_prompt', 'force')
+ require_approval = request.GET.get('approval_prompt', oauth2_settings.REQUEST_APPROVAL_PROMPT)
 if require_approval == 'auto':
 tokens = request.user.accesstoken_set.filter(application=kwargs['application'], expires__gt=timezone.now()).all()
diff --git a/requirements/testing.txt b/requirements/testing.txt
index 2a68431b8..4e9c86a7f 100644
--- a/requirements/testing.txt
+++ b/requirements/testing.txt
@@ -1,3 +1,4 @@
 -r optional.txt
 coverage==3.6
-mock
\ No newline at end of file
+mock
+ipdb
\ No newline at end of file
From 9ba6347cd5f11ab9f415f5675a21462986607b96 Mon Sep 17 00:00:00 2001
From: aaronromeo
Date: Tue, 25 Feb 2014 16:17:06 -0500
Subject: [PATCH 2/2] Shouldn't have committed this.
---
 requirements/testing.txt | 1 -
 1 file changed, 1 deletion(-)
diff --git a/requirements/testing.txt b/requirements/testing.txt
index 4e9c86a7f..680cc2d8a 100644
--- a/requirements/testing.txt
+++ b/requirements/testing.txt
@@ -1,4 +1,3 @@
 -r optional.txt
 coverage==3.6
 mock
-ipdb
\ No newline at end of file
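Review bot: On the changed line in `get` (oauth2_provider/views/base.py) the `approval_prompt` query parameter still takes precedence over `oauth2_settings.REQUEST_APPROVAL_PROMPT`, so keeping the setting at 'force' gives a fallback, not a guarantee that the consent page is shown; a request that carries `approval_prompt=auto` reaches the same branch as before. The comment above the line should say so, for example `# the 'approval_prompt' query parameter overrides REQUEST_APPROVAL_PROMPT, which is only the fallback`. With 'auto' configured as the default this branch becomes the normal path, and the token filter visible here matches on application and expiry only. The rest of the branch is outside the hunk, so please confirm that the requested scope is compared with the stored token's scope before consent is skipped.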