diff options
author | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2018-11-20 10:23:54 +0100 |
---|---|---|
committer | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2018-11-20 10:23:54 +0100 |
commit | 2a2e48a67105d99c8faad804650cf7a5c47a4ec4 (patch) | |
tree | c9553ab5e24601d09069802242ea93d2f1652fc5 | |
parent | 93b47c7fdb531a463ea4a5f43d36d9ffc8e1aec1 (diff) | |
download | oauthlib-2a2e48a67105d99c8faad804650cf7a5c47a4ec4.tar.gz |
Replaced distinct classes by a more unified one.
"default_grant" and "oidc_grant" must be two generic attributes of OpenID Connect Dispatcher. We should not leave each Dispatcher implementation have this own attributes names.
-rw-r--r-- | oauthlib/openid/connect/core/endpoints/pre_configured.py | 6 | ||||
-rw-r--r-- | oauthlib/openid/connect/core/grant_types/dispatchers.py | 49 |
2 files changed, 30 insertions, 25 deletions
diff --git a/oauthlib/openid/connect/core/endpoints/pre_configured.py b/oauthlib/openid/connect/core/endpoints/pre_configured.py index 04bd628..9cf30db 100644 --- a/oauthlib/openid/connect/core/endpoints/pre_configured.py +++ b/oauthlib/openid/connect/core/endpoints/pre_configured.py @@ -72,8 +72,8 @@ class Server(AuthorizationEndpoint, TokenEndpoint, ResourceEndpoint, jwt = JWTToken(request_validator, token_generator, token_expires_in, refresh_token_generator) - auth_grant_choice = AuthorizationCodeGrantDispatcher(default_auth_grant=auth_grant, oidc_auth_grant=openid_connect_auth) - implicit_grant_choice = ImplicitTokenGrantDispatcher(default_implicit_grant=implicit_grant, oidc_implicit_grant=openid_connect_implicit) + auth_grant_choice = AuthorizationCodeGrantDispatcher(default_grant=auth_grant, oidc_grant=openid_connect_auth) + implicit_grant_choice = ImplicitTokenGrantDispatcher(default_grant=implicit_grant, oidc_grant=openid_connect_implicit) # See http://openid.net/specs/oauth-v2-multiple-response-types-1_0.html#Combinations for valid combinations # internally our AuthorizationEndpoint will ensure they can appear in any order for any valid combination @@ -90,7 +90,7 @@ class Server(AuthorizationEndpoint, TokenEndpoint, ResourceEndpoint, }, default_token_type=bearer) - token_grant_choice = AuthorizationTokenGrantDispatcher(request_validator, default_token_grant=auth_grant, oidc_token_grant=openid_connect_auth) + token_grant_choice = AuthorizationTokenGrantDispatcher(request_validator, default_grant=auth_grant, oidc_grant=openid_connect_auth) TokenEndpoint.__init__(self, default_grant_type='authorization_code', grant_types={ diff --git a/oauthlib/openid/connect/core/grant_types/dispatchers.py b/oauthlib/openid/connect/core/grant_types/dispatchers.py index 2c33406..be8e2f3 100644 --- a/oauthlib/openid/connect/core/grant_types/dispatchers.py +++ b/oauthlib/openid/connect/core/grant_types/dispatchers.py @@ -2,20 +2,25 @@ import logging log = logging.getLogger(__name__) -class AuthorizationCodeGrantDispatcher(object): +class Dispatcher(object): + default_grant = None + oidc_grant = None + + +class AuthorizationCodeGrantDispatcher(Dispatcher): """ This is an adapter class that will route simple Authorization Code requests, those that have response_type=code and a scope - including 'openid' to either the default_auth_grant or the oidc_auth_grant based on the scopes requested. + including 'openid' to either the default_grant or the oidc_grant based on the scopes requested. """ - def __init__(self, default_auth_grant=None, oidc_auth_grant=None): - self.default_auth_grant = default_auth_grant - self.oidc_auth_grant = oidc_auth_grant + def __init__(self, default_grant=None, oidc_grant=None): + self.default_grant = default_grant + self.oidc_grant = oidc_grant def _handler_for_request(self, request): - handler = self.default_auth_grant + handler = self.default_grant if request.scopes and "openid" in request.scopes: - handler = self.oidc_auth_grant + handler = self.oidc_grant log.debug('Selecting handler for request %r.', handler) return handler @@ -27,20 +32,20 @@ class AuthorizationCodeGrantDispatcher(object): return self._handler_for_request(request).validate_authorization_request(request) -class ImplicitTokenGrantDispatcher(object): +class ImplicitTokenGrantDispatcher(Dispatcher): """ This is an adapter class that will route simple Authorization Code requests, those that have response_type=code and a scope - including 'openid' to either the default_auth_grant or the oidc_auth_grant based on the scopes requested. + including 'openid' to either the default_grant or the oidc_grant based on the scopes requested. """ - def __init__(self, default_implicit_grant=None, oidc_implicit_grant=None): - self.default_implicit_grant = default_implicit_grant - self.oidc_implicit_grant = oidc_implicit_grant + def __init__(self, default_grant=None, oidc_grant=None): + self.default_grant = default_grant + self.oidc_grant = oidc_grant def _handler_for_request(self, request): - handler = self.default_implicit_grant + handler = self.default_grant if request.scopes and "openid" in request.scopes and 'id_token' in request.response_type: - handler = self.oidc_implicit_grant + handler = self.oidc_grant log.debug('Selecting handler for request %r.', handler) return handler @@ -52,31 +57,31 @@ class ImplicitTokenGrantDispatcher(object): return self._handler_for_request(request).validate_authorization_request(request) -class AuthorizationTokenGrantDispatcher(object): +class AuthorizationTokenGrantDispatcher(Dispatcher): """ This is an adapter class that will route simple Token requests, those that authorization_code have a scope - including 'openid' to either the default_token_grant or the oidc_token_grant based on the scopes requested. + including 'openid' to either the default_grant or the oidc_grant based on the scopes requested. """ - def __init__(self, request_validator, default_token_grant=None, oidc_token_grant=None): - self.default_token_grant = default_token_grant - self.oidc_token_grant = oidc_token_grant + def __init__(self, request_validator, default_grant=None, oidc_grant=None): + self.default_grant = default_grant + self.oidc_grant = oidc_grant self.request_validator = request_validator def _handler_for_request(self, request): - handler = self.default_token_grant + handler = self.default_grant scopes = () parameters = dict(request.decoded_body) client_id = parameters.get('client_id', None) code = parameters.get('code', None) redirect_uri = parameters.get('redirect_uri', None) - # If code is not pressent fallback to `default_token_grant` wich will + # If code is not pressent fallback to `default_grant` wich will # raise an error for the missing `code` in `create_token_response` step. if code: scopes = self.request_validator.get_authorization_code_scopes(client_id, code, redirect_uri, request) if 'openid' in scopes: - handler = self.oidc_token_grant + handler = self.oidc_grant log.debug('Selecting handler for request %r.', handler) return handler |