diff options
author | Ib Lundgren <ib.lundgren@gmail.com> | 2012-11-17 12:43:38 +0100 |
---|---|---|
committer | Ib Lundgren <ib.lundgren@gmail.com> | 2012-11-17 12:43:38 +0100 |
commit | 03f93bd968b2e664c4e1ccd79e48fc3e5d359465 (patch) | |
tree | 506d1b5b469681299d6b73d4d3114732a65db42b | |
parent | b6a8701001d79454d4183c05eb4cbbcf4130d072 (diff) | |
download | oauthlib-03f93bd968b2e664c4e1ccd79e48fc3e5d359465.tar.gz |
OAuth2 error types
-rw-r--r-- | oauthlib/oauth2/draft25/errors.py | 144 |
1 files changed, 144 insertions, 0 deletions
diff --git a/oauthlib/oauth2/draft25/errors.py b/oauthlib/oauth2/draft25/errors.py new file mode 100644 index 0000000..e499b88 --- /dev/null +++ b/oauthlib/oauth2/draft25/errors.py @@ -0,0 +1,144 @@ +""" +oauthlib.oauth2.draft_25.errors +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +""" +from oauthlib.common import urlencode +import json + + +class OAuth2Error(Exception): + + def __init__(self, description=None, uri=None, state=None): + """ + description: A human-readable ASCII [USASCII] text providing + additional information, used to assist the client + developer in understanding the error that occurred. + Values for the "error_description" parameter MUST NOT + include characters outside the set + %x20-21 / %x23-5B / %x5D-7E. + + uri: A URI identifying a human-readable web page with information + about the error, used to provide the client developer with + additional information about the error. Values for the + "error_uri" parameter MUST conform to the URI- Reference + syntax, and thus MUST NOT include characters outside the set + %x21 / %x23-5B / %x5D-7E. + + state: A CSRF protection value received from the client. + """ + self.description = description + self.uri = uri + self.state = state + + @property + def twotuples(self): + error = [(u'error', self.error)] + if self.description: + error.append((u'error_description', self.description)) + if self.uri: + error.append((u'error_uri', self.uri)) + if self.state: + error.append((u'state', self.state)) + return error + + @property + def urlencoded(self): + return urlencode(self.twotuples) + + @property + def json(self): + return json.dumps(self.twotuples) + + +class InvalidRequestError(OAuth2Error): + """The request is missing a required parameter, includes an invalid + parameter value, includes a parameter more than once, or is + otherwise malformed. + """ + error = u'invalid_request' + + +class UnauthorizedClientError(OAuth2Error): + """The client is not authorized to request an authorization code using + this method. + """ +error = u'unauthorized_client' + + +class AccessDeniedError(OAuth2Error): + """The resource owner or authorization server denied the request.""" + error = u'access_denied' + + +class UnsupportedResponseTypeError(OAuth2Error): + """The authorization server does not support obtaining an authorization + code using this method. + """ + error = u'unsupported_response_type' + + +class InvalidScopeError(OAuth2Error): + """The requested scope is invalid, unknown, or malformed.""" + error = u'invalid_scope' + + +class ServerError(OAuth2Error): + """The authorization server encountered an unexpected condition that + prevented it from fulfilling the request. (This error code is needed + because a 500 Internal Server Error HTTP status code cannot be returned + to the client via a HTTP redirect.) + """ + error = u'server_error' + + +class TemporarilyUnvailableError(OAuth2Error): + """The authorization server is currently unable to handle the request + due to a temporary overloading or maintenance of the server. + (This error code is needed because a 503 Service Unavailable HTTP + status code cannot be returned to the client via a HTTP redirect.) + """ + error = u'temporarily_unavailable' + + +class InvalidClientError(OAuth2Error): + """Client authentication failed (e.g. unknown client, no client + authentication included, or unsupported authentication method). + The authorization server MAY return an HTTP 401 (Unauthorized) status + code to indicate which HTTP authentication schemes are supported. + If the client attempted to authenticate via the "Authorization" request + header field, the authorization server MUST respond with an + HTTP 401 (Unauthorized) status code, and include the "WWW-Authenticate" + response header field matching the authentication scheme used by the + client. + """ + error = u'invalid_client' + + +class InvalidGrantError(OAuth2Error): + """The provided authorization grant (e.g. authorization code, resource + owner credentials) or refresh token is invalid, expired, revoked, does + not match the redirection URI used in the authorization request, or was + issued to another client. + """ + error = u'invalid_grant' + + +class UnauthorizedClientError(OAuth2Error): + """The authenticated client is not authorized to use this authorization + grant type. + """ + error = u'unauthorized_client' + + +class UnsupportedGrantTypeError(OAuth2Error): + """The authorization grant type is not supported by the authorization + server. + """ + error = u'unsupported_grant_type' + + +class InvalidScopeError(OAuth2Error): + """The requested scope is invalid, unknown, malformed, or exceeds the + scope granted by the resource owner. + """ + error = u'invalid_scope' |