author | Ib Lundgren <ib.lundgren@gmail.com> | 2013-06-20 14:53:42 +0100 |
---|---|---|
committer | Ib Lundgren <ib.lundgren@gmail.com> | 2013-06-20 14:53:42 +0100 |
commit | a8fbacf462e0b93388a848ba4b59b9d4bec5a9a2 (patch) | |
tree | 1ff58e27ffcc2b5e23eb2148b369c64012b2d53f /oauthlib/oauth2/rfc6749/grant_types | |
parent | d63df53bdf861088a06b7fbad1a2c65d107af843 (diff) | |
download | oauthlib-a8fbacf462e0b93388a848ba4b59b9d4bec5a9a2.tar.gz |
Fix scope validation on refresh token grant.
Diffstat (limited to 'oauthlib/oauth2/rfc6749/grant_types')
-rw-r--r-- | oauthlib/oauth2/rfc6749/grant_types/refresh_token.py | 16 |
1 files changed, 1 insertions, 15 deletions
diff --git a/oauthlib/oauth2/rfc6749/grant_types/refresh_token.py b/oauthlib/oauth2/rfc6749/grant_types/refresh_token.py
index 2a4bd20..9791e62 100644
--- a/oauthlib/oauth2/rfc6749/grant_types/refresh_token.py
+++ b/oauthlib/oauth2/rfc6749/grant_types/refresh_token.py
@@ -96,18 +96,4 @@ class RefreshTokenGrant(GrantTypeBase):
 request.refresh_token, request.client)
 raise errors.InvalidGrantError(request=request)
- # OPTIONAL. The scope of the access request as described by
- # Section 3.3. The requested scope MUST NOT include any scope
- # not originally granted by the resource owner, and if omitted is
- # treated as equal to the scope originally granted by the
- # resource owner.
- if request.scopes:
- log.debug('Ensuring refresh token %s has access to scopes %r.',
- request.refresh_token, request.scopes)
- else:
- log.debug('Reusing scopes from previous access token.')
- if not self.request_validator.confirm_scopes(request.refresh_token,
- request.scopes, request):
- log.debug('Refresh token %s lack requested scopes, %r.',
- request.refresh_token, request.scopes)
- raise errors.InvalidScopeError(state=request.state, request=request)
+ self.validate_scopes(request) |
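Review bot: The new `self.validate_scopes(request)` call no longer passes `request.refresh_token`, so nothing in this hunk shows that the requested scopes are still checked against what the resource owner originally granted for this token. The removed `confirm_scopes(request.refresh_token, request.scopes, request)` call tied the check to the token. `validate_scopes` is defined outside the hunk; if it only checks which scopes the client may request, a refresh request could obtain scopes the resource owner never approved, and an omitted scope might fall back to client defaults instead of the original grant. Please confirm it compares against the token's original scopes, and keep the requirement visible above the call, e.g. `# Requested scope MUST NOT include any scope not originally granted; if omitted, reuse the original scope.` A test that refreshes with a scope outside the original grant and expects `InvalidScopeError` would pin this down. The enclosing method starts before this hunk.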