diff options
author | Jonathan Huot <JonathanHuot@users.noreply.github.com> | 2018-09-07 16:30:13 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-09-07 16:30:13 +0200 |
commit | 439e2fe6acd7d045acfe996b544ae5afe388f61f (patch) | |
tree | b5915b302680a80891c04e7d42380e4999824dd6 /oauthlib/oauth2/rfc6749 | |
parent | 329c619a39471243fbe02d82559e646adabda232 (diff) | |
parent | 92b686f975e5e3b66371228ba4160cfb3cefd465 (diff) | |
download | oauthlib-439e2fe6acd7d045acfe996b544ae5afe388f61f.tar.gz |
Merge branch 'master' into master
Diffstat (limited to 'oauthlib/oauth2/rfc6749')
-rw-r--r-- | oauthlib/oauth2/rfc6749/grant_types/authorization_code.py | 23 | ||||
-rw-r--r-- | oauthlib/oauth2/rfc6749/request_validator.py | 1 |
2 files changed, 11 insertions, 13 deletions
diff --git a/oauthlib/oauth2/rfc6749/grant_types/authorization_code.py b/oauthlib/oauth2/rfc6749/grant_types/authorization_code.py index 3d08871..ab4c184 100644 --- a/oauthlib/oauth2/rfc6749/grant_types/authorization_code.py +++ b/oauthlib/oauth2/rfc6749/grant_types/authorization_code.py @@ -140,7 +140,6 @@ class AuthorizationCodeGrant(GrantTypeBase): oauthlib.oauth2.BearerToken. :returns: headers, body, status :raises: FatalClientError on invalid redirect URI or client id. - ValueError if scopes are not set on the request object. A few examples:: @@ -151,12 +150,6 @@ class AuthorizationCodeGrant(GrantTypeBase): >>> from oauthlib.oauth2 import AuthorizationCodeGrant, BearerToken >>> token = BearerToken(your_validator) >>> grant = AuthorizationCodeGrant(your_validator) - >>> grant.create_authorization_response(request, token) - Traceback (most recent call last): - File "<stdin>", line 1, in <module> - File "oauthlib/oauth2/rfc6749/grant_types.py", line 513, in create_authorization_response - raise ValueError('Scopes must be set on post auth.') - ValueError: Scopes must be set on post auth. >>> request.scopes = ['authorized', 'in', 'some', 'form'] >>> grant.create_authorization_response(request, token) (u'http://client.com/?error=invalid_request&error_description=Missing+response_type+parameter.', None, None, 400) @@ -182,11 +175,6 @@ class AuthorizationCodeGrant(GrantTypeBase): .. _`Section 10.12`: https://tools.ietf.org/html/rfc6749#section-10.12 """ try: - # request.scopes is only mandated in post auth and both pre and - # post auth use validate_authorization_request - if not request.scopes: - raise ValueError('Scopes must be set on post auth.') - self.validate_authorization_request(request) log.debug('Pre resource owner authorization validation ok for %r.', request) @@ -422,6 +410,17 @@ class AuthorizationCodeGrant(GrantTypeBase): # REQUIRED, if the "redirect_uri" parameter was included in the # authorization request as described in Section 4.1.1, and their # values MUST be identical. + if request.redirect_uri is None: + request.using_default_redirect_uri = True + request.redirect_uri = self.request_validator.get_default_redirect_uri( + request.client_id, request) + log.debug('Using default redirect_uri %s.', request.redirect_uri) + if not request.redirect_uri: + raise errors.MissingRedirectURIError(request=request) + else: + request.using_default_redirect_uri = False + log.debug('Using provided redirect_uri %s', request.redirect_uri) + if not self.request_validator.confirm_redirect_uri(request.client_id, request.code, request.redirect_uri, request.client, request): diff --git a/oauthlib/oauth2/rfc6749/request_validator.py b/oauthlib/oauth2/rfc6749/request_validator.py index bf1515d..ff3bbd6 100644 --- a/oauthlib/oauth2/rfc6749/request_validator.py +++ b/oauthlib/oauth2/rfc6749/request_validator.py @@ -346,7 +346,6 @@ class RequestValidator(object): the claims dict, which should be saved for later use when generating the id_token and/or UserInfo response content. - :param client_id: Unicode client identifier :param token: A Bearer token dict :param request: The HTTP Request (oauthlib.common.Request) :rtype: The default redirect URI for the client |