Configurable authorization page in AuthorizationView

oauth2_provider/tests/test_implicit.py

@@ -1,12 +1,14 @@
 from __future__ import unicode_literals
 
+import mock
+
 from django.test import TestCase, RequestFactory
 from django.core.urlresolvers import reverse
 
 from ..compat import urlparse, parse_qs, urlencode, get_user_model
 from ..models import get_application_model
 from ..settings import oauth2_settings
-from ..views import ProtectedResourceView
+from ..views import ProtectedResourceView, AuthorizationView
 
 
 Application = get_application_model()
@@ -140,6 +142,29 @@ def test_post_auth_allow(self):
         self.assertIn('access_token=', response['Location'])
         self.assertIn('state=random_state_string', response['Location'])
 
+    @mock.patch('oauth2_provider.views.base.AuthorizationView.skip_authorization_completely', True)
+    def test_skip_authorization_completely(self):
+        """
+        If skip_authorization_completely = True, should skip the authorization page.
+        """
+        self.client.login(username="test_user", password="123456")
+
+        query_string = urlencode({
+            'client_id': self.application.client_id,
+            'response_type': 'token',
+            'state': 'random_state_string',
+            'scope': 'read write',
+            'redirect_uri': 'http://example.it',
+        })
+
+        url = "{url}?{qs}".format(url=reverse('oauth2_provider:authorize'), qs=query_string)
+
+        response = self.client.get(url)
+        self.assertEqual(response.status_code, 302)
+        self.assertIn('http://example.it#', response['Location'])
+        self.assertIn('access_token=', response['Location'])
+        self.assertIn('state=random_state_string', response['Location'])
+
     def test_token_post_auth_deny(self):
         """
         Test error when resource owner deny access

oauth2_provider/views/base.py

@@ -73,6 +73,8 @@ class AuthorizationView(BaseAuthorizationView, FormView):
     server_class = Server
     validator_class = oauth2_settings.OAUTH2_VALIDATOR_CLASS
 
+    skip_authorization_completely = False
+
     def get_initial(self):
         # TODO: move this scopes conversion from and to string into a utils function
         scopes = self.oauth2_data.get('scope', self.oauth2_data.get('scopes', []))
@@ -121,7 +123,17 @@ def get(self, request, *args, **kwargs):
             # Check to see if the user has already granted access and return
             # a successful response depending on 'approval_prompt' url parameter
             require_approval = request.GET.get('approval_prompt', oauth2_settings.REQUEST_APPROVAL_PROMPT)
-            if require_approval == 'auto':
+
+            # if skip_authorization_completely is True, skip the authorization screen even
+            # if this is the first use of the application and there was no previous authorization
+            # useful for in-house applications-> assume an in-house applications are already approved.
+            if self.skip_authorization_completely:
+                uri, headers, body, status = self.create_authorization_response(
+                    request=self.request, scopes=" ".join(scopes),
+                    credentials=credentials, allow=True)
+                return HttpResponseRedirect(uri)
+
+            elif require_approval == 'auto':
                 tokens = request.user.accesstoken_set.filter(application=kwargs['application'],
                                                              expires__gt=timezone.now()).all()
                 # check past authorizations regarded the same scopes as the current one