{#- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. -#} {% set hide_left_bar = True %} {% extends "allura:templates/user_account_base.html" %} {% block title %}{{c.user.username}} / Applications {% endblock %} {% block header %}OAuth applications registered for {{c.user.username}}{% endblock %} {% block extra_css %} {% endblock %} {% block extra_js %} {% endblock %} {% block content %} {{ super() }}
For direct API use, create an application client and generate a bearer token

Authorized Applications

These are applications you have authorized to act on your behalf. They potentially have full access to your account, so if you are no longer using an application listed here, you should revoke its access.

{% for access_token in access_tokens %}{# both oauth1 & oauth2 #} {% if access_token.is_bearer %} {% endif %}
Name:{{access_token.app.name}}
Description:{{access_token.app.description_html }}
Bearer Token:{{access_token.api_key}}
Last Access:{% if access_token.last_access %} {{ access_token.last_access.strftime('%a %b %d, %Y %I:%M %p UTC') }} {% endif %}
{{lib.csrf_token()}}
{% else %} No applications have been authorized to access your account. {% endfor %} {% if oauth2_client_apps %}

My OAuth2 Applications

These are the client applications you have registered. They can request authorization for a user using the Client ID and Client Secret via OAuth negotiation. See the API documentation for more information.

{% for client in oauth2_client_apps %}
Type:OAuth2
Name:{{client.name}}
Description:{{client.description_html }}
Client ID:{{client.client_id}}
Client Secret:{{client.client_secret}}
Redirect URL: {% for uri in client.redirect_uris %} {{ uri }}
{% else %} None! {% endfor %}
{{lib.csrf_token()}}
{{lib.csrf_token()}}
{{lib.csrf_token()}}
{% endfor %} {% endif %} {% if consumer_tokens %}

My OAuth1 Applications

These are the applications you have registered. They can request authorization for a user using the Consumer Key and Consumer Secret via OAuth negotiation. Alternatively, you can generate a bearer token to give your application access to your account without having to perform the OAuth negotiation. Note, however, that you must be careful with bearer tokens, since anyone who has the token can access your account as that application.

{% for consumer_token in consumer_tokens %}
Type:OAuth1
Name:{{consumer_token.name}}
Description:{{consumer_token.description_html }}
Consumer Key:{{consumer_token.api_key}}
Consumer Secret:{{consumer_token.secret_key}}
{{lib.csrf_token()}}
{{lib.csrf_token()}}
{% endfor %} {% endif %} {% if h.asbool(config.get('auth.oauth2.enabled', False)) %}

Register New OAuth2 Application

{{ c.form2.display() }}
{% endif %}

Register New OAuth1 Application

{{ c.form.display() }} {% endblock %}