diff options
author | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2019-04-29 10:20:39 +0200 |
---|---|---|
committer | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2019-04-29 10:20:39 +0200 |
commit | d4d3f1088dc943a83641c9e86b7a09d98f6adce8 (patch) | |
tree | 4059691f49bdebb1ba5ae72fbf63eb9d70b13482 /oauthlib/openid | |
parent | 247c89e13bdd017b99f22b154e521084df53d2f0 (diff) | |
download | oauthlib-d4d3f1088dc943a83641c9e86b7a09d98f6adce8.tar.gz |
Removed wrong assumption from copy/paste of get_autho.._scopes.
This function should always have a good client_id and redirect_uri, because it is called after validate_token_request()
Diffstat (limited to 'oauthlib/openid')
-rw-r--r-- | oauthlib/openid/connect/core/request_validator.py | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/oauthlib/openid/connect/core/request_validator.py b/oauthlib/openid/connect/core/request_validator.py index 344fd7d..d96c9ef 100644 --- a/oauthlib/openid/connect/core/request_validator.py +++ b/oauthlib/openid/connect/core/request_validator.py @@ -49,9 +49,8 @@ class RequestValidator(OAuth2RequestValidator): case-sensitive string. Only code param should be sufficient to retrieve grant code from - any storage you are using, `client_id` and `redirect_uri` can have a - blank value `""` don't forget to check it before using those values - in a select query if a database is used. + any storage you are using. However, `client_id` and `redirect_uri` + have been validated and can be used also. :param client_id: Unicode client identifier :param code: Unicode authorization code grant |