Skip csrf protection on introspection endpoint
This commit is contained in:
parent
180aad9a36
commit
00f3efa158
1 changed files with 6 additions and 0 deletions
|
@ -1,5 +1,7 @@
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
|
from django.views.decorators.csrf import csrf_exempt
|
||||||
|
|
||||||
from oidc_provider.lib.endpoints.introspection import TokenIntrospectionEndpoint
|
from oidc_provider.lib.endpoints.introspection import TokenIntrospectionEndpoint
|
||||||
try:
|
try:
|
||||||
from urllib import urlencode
|
from urllib import urlencode
|
||||||
|
@ -381,6 +383,10 @@ class CheckSessionIframeView(View):
|
||||||
|
|
||||||
|
|
||||||
class TokenIntrospectionView(View):
|
class TokenIntrospectionView(View):
|
||||||
|
@method_decorator(csrf_exempt)
|
||||||
|
def dispatch(self, request, *args, **kwargs):
|
||||||
|
return super(TokenIntrospectionView, self).dispatch(request, *args, **kwargs)
|
||||||
|
|
||||||
def post(self, request, *args, **kwargs):
|
def post(self, request, *args, **kwargs):
|
||||||
introspection = TokenIntrospectionEndpoint(request)
|
introspection = TokenIntrospectionEndpoint(request)
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue