kwargs to ``BrowserIDBackend.authenticate`` get passed as ``extra_params``

mozilla / django-browserid

Django application for adding BrowserID support.

Mozilla Public License 2.0

179 stars 80 forks source link

kwargs to ``BrowserIDBackend.authenticate`` get passed as ``extra_params`` #110

Closed Osmose closed 11 years ago

Osmose commented 11 years ago

Any keyword arguments to BrowserIDBackend.authenticate are passed to verify as extra parameters. This might expose data that shouldn't be exposed, though. Instead, it'd be better to add an optional browserid_extra kwarg to authenticate that is passed to verify instead.

Osmose commented 11 years ago

To clarify, we want to add the browserid_extra kwarg to authenticate and we want to stop passing the keyword arguments from authenticate to verify and use the browserid_extra kwarg instead.

Osmose commented 11 years ago

Fixed in bc284f7502fcd91cd9b102deb2b0c7407997b8f4.