diff options
Diffstat (limited to 'oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.py')
-rw-r--r-- | oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.py b/oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.py index f765d91..12c74f1 100644 --- a/oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.py +++ b/oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.py @@ -178,6 +178,9 @@ class ResourceOwnerPasswordCredentialsGrant(GrantTypeBase): if not request.grant_type == 'password': raise errors.UnsupportedGrantTypeError(request=request) + # Ensure client is authorized use of this grant type + self.validate_grant_type(request) + log.debug('Validating username %s.', request.username) if not self.request_validator.validate_user(request.username, request.password, request.client, request): @@ -191,9 +194,6 @@ class ResourceOwnerPasswordCredentialsGrant(GrantTypeBase): 'in authenticate_client.') log.debug('Authorizing access to user %r.', request.user) - # Ensure client is authorized use of this grant type - self.validate_grant_type(request) - if request.client: request.client_id = request.client_id or request.client.client_id self.validate_scopes(request) |