Used WWW-Authenticate and auth-param values as RFC6750 described it.

It misses the possibility to add scope= and realm= at the moment, but it should be a step forward into the right direction.
author: Jonathan Huot <jonathan.huot@thomsonreuters.com> 2018-12-12 17:58:45 +0100
committer: Jonathan Huot <jonathan.huot@thomsonreuters.com> 2018-12-12 17:58:45 +0100
commit: 5f629b5dce3fc6aafb5908480ed241c6f5b4cfbb (patch)
tree: 36d31e457d148bb15c9c048409756e2754030a01 /oauthlib/oauth2/rfc6749/grant_types/authorization_code.py
parent: ffa87c7ec828e5c0a7c68a2197030f20b15ec621 (diff)
download: oauthlib-5f629b5dce3fc6aafb5908480ed241c6f5b4cfbb.tar.gz
1 files changed, 1 insertions, 2 deletions
diff --git a/oauthlib/oauth2/rfc6749/grant_types/authorization_code.py b/oauthlib/oauth2/rfc6749/grant_types/authorization_code.py
index 334ed56..850d70a 100644
--- a/oauthlib/oauth2/rfc6749/grant_types/authorization_code.py
+++ b/oauthlib/oauth2/rfc6749/grant_types/authorization_code.py
@@ -243,8 +243,7 @@ class AuthorizationCodeGrant(GrantTypeBase):
             log.debug('Token request validation ok for %r.', request)
         except errors.OAuth2Error as e:
             log.debug('Client error during validation of %r. %r.', request, e)
-            if e.status_code == 401:
-                headers.update({"WWW-Authenticate": "Basic"})
+            headers.update(e.headers)
             return headers, e.json, e.status_code
 
         token = token_handler.create_token(request, refresh_token=self.refresh_token, save_token=False)
author	Jonathan Huot <jonathan.huot@thomsonreuters.com>	2018-12-12 17:58:45 +0100
committer	Jonathan Huot <jonathan.huot@thomsonreuters.com>	2018-12-12 17:58:45 +0100
commit	5f629b5dce3fc6aafb5908480ed241c6f5b4cfbb (patch)
tree	36d31e457d148bb15c9c048409756e2754030a01 /oauthlib/oauth2/rfc6749/grant_types/authorization_code.py
parent	ffa87c7ec828e5c0a7c68a2197030f20b15ec621 (diff)
download	oauthlib-5f629b5dce3fc6aafb5908480ed241c6f5b4cfbb.tar.gz