diff options
author | Omer Katz <omer.drow@gmail.com> | 2018-12-17 15:16:44 +0200 |
---|---|---|
committer | Omer Katz <omer.drow@gmail.com> | 2018-12-17 15:16:44 +0200 |
commit | cfd6af0168c27e74eb8fd300d42b3145cdea8a78 (patch) | |
tree | 989368b14a015c75c37eade874cb53dcc877cdf7 | |
parent | 06912287b170aa7255b7120403943ba9e99e649e (diff) | |
download | oauthlib-cfd6af0168c27e74eb8fd300d42b3145cdea8a78.tar.gz |
Extract raising error on client auth failure.
-rw-r--r-- | oauthlib/oauth2/rfc6749/endpoints/base.py | 12 | ||||
-rw-r--r-- | oauthlib/oauth2/rfc6749/endpoints/introspect.py | 12 | ||||
-rw-r--r-- | oauthlib/oauth2/rfc6749/endpoints/revocation.py | 12 |
3 files changed, 15 insertions, 21 deletions
diff --git a/oauthlib/oauth2/rfc6749/endpoints/base.py b/oauthlib/oauth2/rfc6749/endpoints/base.py index 7a121fa..638311d 100644 --- a/oauthlib/oauth2/rfc6749/endpoints/base.py +++ b/oauthlib/oauth2/rfc6749/endpoints/base.py @@ -12,7 +12,8 @@ import functools import logging from ..errors import (FatalClientError, OAuth2Error, ServerError, - TemporarilyUnavailableError, InvalidRequestError) + TemporarilyUnavailableError, InvalidRequestError, + InvalidClientError) log = logging.getLogger(__name__) @@ -44,6 +45,15 @@ class BaseEndpoint(object): if not request.token: raise InvalidRequestError(request=request, description='Missing token parameter.') + def _raise_on_invalid_client(self, request): + """Raise on failed client authentication.""" + if self.request_validator.client_authentication_required(request): + if not self.request_validator.authenticate_client(request): + log.debug('Client authentication failed, %r.', request) + raise InvalidClientError(request=request) + elif not self.request_validator.authenticate_client_id(request.client_id, request): + log.debug('Client authentication failed, %r.', request) + raise InvalidClientError(request=request) def catch_errors_and_unavailability(f): diff --git a/oauthlib/oauth2/rfc6749/endpoints/introspect.py b/oauthlib/oauth2/rfc6749/endpoints/introspect.py index 58b9a88..5f24ff3 100644 --- a/oauthlib/oauth2/rfc6749/endpoints/introspect.py +++ b/oauthlib/oauth2/rfc6749/endpoints/introspect.py @@ -14,8 +14,7 @@ import logging from oauthlib.common import Request -from ..errors import (InvalidClientError, InvalidRequestError, OAuth2Error, - UnsupportedTokenTypeError) +from ..errors import OAuth2Error, UnsupportedTokenTypeError from .base import BaseEndpoint, catch_errors_and_unavailability log = logging.getLogger(__name__) @@ -118,14 +117,7 @@ class IntrospectEndpoint(BaseEndpoint): .. _`RFC6749`: http://tools.ietf.org/html/rfc6749 """ self._raise_on_missing_token(request) - - if self.request_validator.client_authentication_required(request): - if not self.request_validator.authenticate_client(request): - log.debug('Client authentication failed, %r.', request) - raise InvalidClientError(request=request) - elif not self.request_validator.authenticate_client_id(request.client_id, request): - log.debug('Client authentication failed, %r.', request) - raise InvalidClientError(request=request) + self._raise_on_invalid_client(request) if (request.token_type_hint and request.token_type_hint in self.valid_token_types and diff --git a/oauthlib/oauth2/rfc6749/endpoints/revocation.py b/oauthlib/oauth2/rfc6749/endpoints/revocation.py index 6f0081b..8ec9512 100644 --- a/oauthlib/oauth2/rfc6749/endpoints/revocation.py +++ b/oauthlib/oauth2/rfc6749/endpoints/revocation.py @@ -13,8 +13,7 @@ import logging from oauthlib.common import Request -from ..errors import (InvalidClientError, InvalidRequestError, OAuth2Error, - UnsupportedTokenTypeError) +from ..errors import OAuth2Error, UnsupportedTokenTypeError from .base import BaseEndpoint, catch_errors_and_unavailability log = logging.getLogger(__name__) @@ -117,14 +116,7 @@ class RevocationEndpoint(BaseEndpoint): .. _`RFC6749`: https://tools.ietf.org/html/rfc6749 """ self._raise_on_missing_token(request) - - if self.request_validator.client_authentication_required(request): - if not self.request_validator.authenticate_client(request): - log.debug('Client authentication failed, %r.', request) - raise InvalidClientError(request=request) - elif not self.request_validator.authenticate_client_id(request.client_id, request): - log.debug('Client authentication failed, %r.', request) - raise InvalidClientError(request=request) + self._raise_on_invalid_client(request) if (request.token_type_hint and request.token_type_hint in self.valid_token_types and |