Skip to content

Redirect URL is not being processed in Django 4.2 when using oauth2 implicit flow #858

New issue
New issue
Open
Open
Redirect URL is not being processed in Django 4.2 when using oauth2 implicit flow#858
Labels
1.21.xRelease target in 1.21.xbugBug reporthelp wantedHelp wanted
@den4uk

Description

@den4uk
den4uk
opened on Jun 28, 2023

Bug Report

Description

drf-yasg does not work with Django 4.2 when redirect url is called during authorization.

Reproduction steps:

  • Using oauth2 implicit flow
  • Click Authorize
  • Authorization happens

Side effects:

  • A redirect url is fired in a new tab (that is expected to auto-close)
  • The tab remains open
  • No traceback, no errors
  • Swagger fails to authenticate

Is this a regression?

No

Minimal Reproduction

# requirements.txt
Django==4.2.2
djangorestframework==3.14.0
drf-yasg==1.21.6

# settings.py
SWAGGER_SETTINGS = {
    "USE_SESSION_AUTH": False,
    "OAUTH2_REDIRECT_URL": "/static/drf-yasg/swagger-ui-dist/oauth2-redirect.html",
    "SECURITY_DEFINITIONS": {
        "oauth2": {
            "type": "oauth2",
            "flow": "implicit",
            "authorizationUrl": "https://some-url/auth"),
            "scopes": {"some-scope": "", },
        },
    },
}

However, this same setup works fine with the following requirements:

Django==3.2.19
djangorestframework==3.14.0
drf-yasg==1.21.6

Note: the behaviour is only affecting when using Django 4.2, but not Django 3.x.

Stack trace / Error message

no stack trace or an error message is raised

Metadata

Metadata

Assignees

No one assigned

    Labels

    1.21.xRelease target in 1.21.xbugBug reporthelp wantedHelp wanted

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions