blegoauth2_draft25_server

2 files changed, 88 insertions, 5 deletions

diff --git a/oauthlib/oauth2/draft25/__init__.py b/oauthlib/oauth2/draft25/__init__.py
index 04f847c..b5a1d22 100644
--- a/oauthlib/oauth2/draft25/__init__.py
+++ b/oauthlib/oauth2/draft25/__init__.py
@@ -521,10 +521,83 @@ class PasswordCredentialsClient(Client):
         self._populate_attributes(response)
         return response
 
-class AuthorizationServer(object):
-    def client_redirect_uris(self, client_identifier):
-        raise NotImplementedError("Must be implemented by inheriting classes.")
 
-    def redirect_uri(client_identifier, redirect_uri=None):
-        raise NotImplementedError("TODO")
+class AuthorizationEndpoint(object):
+    """Authorization endpoint - used by the client to obtain authorization
+    from the resource owner via user-agent redirection.
+
+    The authorization endpoint is used to interact with the resource
+    owner and obtain an authorization grant.  The authorization server
+    MUST first verify the identity of the resource owner.  The way in
+    which the authorization server authenticates the resource owner (e.g.
+    username and password login, session cookies) is beyond the scope of
+    this specification.
+
+    The endpoint URI MAY include an "application/x-www-form-urlencoded"
+    formatted (per Appendix B) query component ([RFC3986] section 3.4),
+    which MUST be retained when adding additional query parameters.  The
+    endpoint URI MUST NOT include a fragment component.
+
+    Since requests to the authorization endpoint result in user
+    authentication and the transmission of clear-text credentials (in the
+    HTTP response), the authorization server MUST require the use of TLS
+    as described in Section 1.6 when sending requests to the
+    authorization endpoint.
+
+    The authorization server MUST support the use of the HTTP "GET"
+    method [RFC2616] for the authorization endpoint, and MAY support the
+    use of the "POST" method as well.
+
+    Parameters sent without a value MUST be treated as if they were
+    omitted from the request.  The authorization server MUST ignore
+    unrecognized request parameters.  Request and response parameters
+    MUST NOT be included more than once.
+    """
+
+    def __init__(self, response_type_handlers=None):
+        self._response_type_handlers = response_type_handlers or {}
+
+    @property
+    def response_type_handlers(self):
+        return self._response_type_handlers
+
+    @response_type_handlers.setter
+    def response_type_handlers(self, handlers):
+        self._response_type_handlers = handlers
+
+    @property
+    def token_handler(self):
+        return BearerTokenHandler()
+
+    def create_authorization_response(self, uri, authorized_scopes,
+            http_method=u'GET', body=None, headers=None):
+        request = Request(uri, http_method=http_method, body=body, headers=headers)
+        request.params = params_from_uri(self.request.uri)
+        request.client_id = self.request.params.get(u'client_id', None)
+        request.scopes = self.request.params.get(u'scope', None)
+        request.redirect_uri = self.request.params.get(u'redirect_uri', None)
+        request.response_type = self.request.params.get(u'response_type')
+        request.state = self.request.params.get(u'state')
+        request.scopes = authorized_scopes
+
+        if not request.response_type in self.response_type_handlers:
+            raise AuthorizationEndpoint.UnsupportedResponseTypeError(
+                    state=request.state, description=u'Invalid response type')
+
+        return self.response_type_handlers.get(
+                request.response_type)(request, self.token_handler)
+
+
+class TokenEndpoint(object):
+
+    def __init__(self, grant_type_handlers=None):
+        self._grant_type_handlers = grant_type_handlers or {}
+
+    @property
+    def grant_type_handlers(self):
+        return self._grant_type_handlers
+
+    @grant_type_handlers.setter
+    def grant_type_handlers(self, handlers):
+        self._grant_type_handlers = handlers
 
diff --git a/oauthlib/oauth2/draft25/tokens.py b/oauthlib/oauth2/draft25/tokens.py
index 74491fb..79fe7a2 100644
--- a/oauthlib/oauth2/draft25/tokens.py
+++ b/oauthlib/oauth2/draft25/tokens.py
@@ -130,3 +130,13 @@ def prepare_bearer_body(token, body=u''):
     .. _`Bearer Token`: http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-18
     """
     return add_params_to_qs(body, [((u'access_token', token))])
+
+
+class BearerTokenHandler(object):
+
+    def __call__(self, endpoint, grant):
+        grant[u'token_type'] = u'Bearer'
+        return grant
+
+    def validate(self, parameters):
+        pass