authorIb Lundgren <ib.lundgren@gmail.com>2012-10-04 00:11:57 +0200
committerIb Lundgren <ib.lundgren@gmail.com>2012-10-04 00:11:57 +0200
commit93af034698d49842b2db3976533cc018be377766 (patch)
tree43cd5ac9c20301ed46b67664ee5983efbdbca2a2
parentc1396f8c75eb54ccad14ff5412ac37d82d88c559 (diff)
broken and needs cleaning but it's a start
-rw-r--r--oauthlib/oauth2/draft25/__init__.py117
-rw-r--r--oauthlib/oauth2/draft25/errors.py94
-rw-r--r--oauthlib/oauth2/draft25/grant_types.py55
-rw-r--r--tests/oauth2/draft25/test_grant_types.py10
-rw-r--r--tests/oauth2/draft25/test_server.py12
5 files changed, 149 insertions, 139 deletions
diff --git a/oauthlib/oauth2/draft25/__init__.py b/oauthlib/oauth2/draft25/__init__.py
index e74c495..9f83231 100644
--- a/oauthlib/oauth2/draft25/__init__.py
+++ b/oauthlib/oauth2/draft25/__init__.py
@@ -6,12 +6,9 @@ This module is an implementation of various logic needed
for signing and checking OAuth 2.0 draft 25 requests.
"""
from oauthlib.common import Request
-from errors import OAuth2Error
-from grant_types import AuthorizationCodeGrantTokenHandler
from parameters import prepare_grant_uri, prepare_token_request
from parameters import parse_authorization_code_response
from parameters import parse_implicit_response, parse_token_response
-from response_types import AuthorizationCodeGrantCodeHandler, ImplicitGrantTokenHandler
from tokens import BearerTokenHandler
from tokens import prepare_bearer_uri, prepare_bearer_headers
from tokens import prepare_bearer_body, prepare_mac_header
@@ -555,58 +552,16 @@ class AuthorizationEndpoint(object):
MUST NOT be included more than once.
"""
- class InvalidRequestError(OAuth2Error):
- """The request is missing a required parameter, includes an invalid
- parameter value, includes a parameter more than once, or is
- otherwise malformed.
- """
- error = u'invalid_request'
-
- class UnauthorizedClientError(OAuth2Error):
- """The client is not authorized to request an authorization code using
- this method.
- """
- error = u'unauthorized_client'
-
- class AccessDeniedError(OAuth2Error):
- """The resource owner or authorization server denied the request."""
- error = u'access_denied'
-
- class UnsupportedResponseTypeError(OAuth2Error):
- """The authorization server does not support obtaining an authorization
- code using this method.
- """
- error = u'unsupported_response_type'
-
- class InvalidScopeError(OAuth2Error):
- """The requested scope is invalid, unknown, or malformed."""
- error = u'invalid_scope'
-
- class ServerError(OAuth2Error):
- """The authorization server encountered an unexpected condition that
- prevented it from fulfilling the request. (This error code is needed
- because a 500 Internal Server Error HTTP status code cannot be returned
- to the client via a HTTP redirect.)
- """
- error = u'server_error'
-
- class TemporarilyUnvailableError(OAuth2Error):
- """The authorization server is currently unable to handle the request
- due to a temporary overloading or maintenance of the server.
- (This error code is needed because a 503 Service Unavailable HTTP
- status code cannot be returned to the client via a HTTP redirect.)
- """
- error = u'temporarily_unavailable'
-
- def __init__(self, valid_scopes=None):
- self.valid_scopes = valid_scopes
+ def __init__(self, response_type_handlers=None):
+ self._response_type_handlers = response_type_handlers or {}
@property
def response_type_handlers(self):
- return {
- u'code': AuthorizationCodeGrantCodeHandler(),
- u'token': ImplicitGrantTokenHandler(),
- }
+ return self._response_type_handlers
+
+ @response_type_handlers.setter
+ def response_type_handlers(self, handlers):
+ self._response_type_handlers = handlers
@property
def token_handler(self):
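Review bot: The new `response_type_handlers` property and setter only read and write `_response_type_handlers`, so a plain attribute (`self.response_type_handlers = response_type_handlers or {}`) would behave the same with less code; the `grant_type_handlers` pair added to `TokenEndpoint` in the next hunk has the same shape. If the property is kept, it should get a docstring saying that the mapping goes from a `response_type` value to its handler and that an endpoint built without handlers has an empty mapping. The constructor also no longer accepts `valid_scopes`, which tests/oauth2/draft25/test_server.py still passes in this commit.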
@@ -633,63 +588,21 @@ class AuthorizationEndpoint(object):
class TokenEndpoint(object):
- class InvalidRequestError(OAuth2Error):
- """The request is missing a required parameter, includes an unsupported
- parameter value (other than grant type), repeats a parameter, includes
- multiple credentials, utilizes more than one mechanism for
- authenticating the client, or is otherwise malformed.
- """
- error = u'invalid_request'
-
- class InvalidClientError(OAuth2Error):
- """Client authentication failed (e.g. unknown client, no client
- authentication included, or unsupported authentication method).
- The authorization server MAY return an HTTP 401 (Unauthorized) status
- code to indicate which HTTP authentication schemes are supported.
- If the client attempted to authenticate via the "Authorization" request
- header field, the authorization server MUST respond with an
- HTTP 401 (Unauthorized) status code, and include the "WWW-Authenticate"
- response header field matching the authentication scheme used by the
- client.
- """
- error = u'invalid_client'
-
- class InvalidGrantError(OAuth2Error):
- """The provided authorization grant (e.g. authorization code, resource
- owner credentials) or refresh token is invalid, expired, revoked, does
- not match the redirection URI used in the authorization request, or was
- issued to another client.
- """
- error = u'invalid_grant'
+ def __init__(self, grant_type_handlers=None):
+ self._grant_type_handlers = grant_type_handlers or {}
- class Unauthorized_clientError(OAuth2Error):
- """The authenticated client is not authorized to use this authorization
- grant type.
- """
- error = u'unauthorized_client'
-
- class UnsupportedGrantTypeError(OAuth2Error):
- """The authorization grant type is not supported by the authorization
- server.
- """
- error = u'unsupported_grant_type'
+ @property
+ def grant_type_handlers(self):
+ return self._grant_type_handlers
- class InvalidScopeError(OAuth2Error):
- """The requested scope is invalid, unknown, malformed, or exceeds the
- scope granted by the resource owner.
- """
- error = u'invalid_scope'
+ @grant_type_handlers.setter
+ def grant_type_handlers(self, handlers):
+ self._grant_type_handlers = handlers
@property
def token_handler(self):
return BearerTokenHandler()
- @property
- def grant_type_handlers(self):
- return {
- u'authorization_code': AuthorizationCodeGrantTokenHandler(),
- }
-
def create_token_response(self, body, http_method=u'GET', uri=None, headers=None):
"""Validate client, code etc, return body + headers"""
request = Request(uri, http_method, body, headers)
diff --git a/oauthlib/oauth2/draft25/errors.py b/oauthlib/oauth2/draft25/errors.py
index 0dcd646..e499b88 100644
--- a/oauthlib/oauth2/draft25/errors.py
+++ b/oauthlib/oauth2/draft25/errors.py
@@ -48,3 +48,97 @@ class OAuth2Error(Exception):
@property
def json(self):
return json.dumps(self.twotuples)
+
+
+class InvalidRequestError(OAuth2Error):
+ """The request is missing a required parameter, includes an invalid
+ parameter value, includes a parameter more than once, or is
+ otherwise malformed.
+ """
+ error = u'invalid_request'
+
+
+class UnauthorizedClientError(OAuth2Error):
+ """The client is not authorized to request an authorization code using
+ this method.
+ """
+error = u'unauthorized_client'
+
+
+class AccessDeniedError(OAuth2Error):
+ """The resource owner or authorization server denied the request."""
+ error = u'access_denied'
+
+
+class UnsupportedResponseTypeError(OAuth2Error):
+ """The authorization server does not support obtaining an authorization
+ code using this method.
+ """
+ error = u'unsupported_response_type'
+
+
+class InvalidScopeError(OAuth2Error):
+ """The requested scope is invalid, unknown, or malformed."""
+ error = u'invalid_scope'
+
+
+class ServerError(OAuth2Error):
+ """The authorization server encountered an unexpected condition that
+ prevented it from fulfilling the request. (This error code is needed
+ because a 500 Internal Server Error HTTP status code cannot be returned
+ to the client via a HTTP redirect.)
+ """
+ error = u'server_error'
+
+
+class TemporarilyUnvailableError(OAuth2Error):
+ """The authorization server is currently unable to handle the request
+ due to a temporary overloading or maintenance of the server.
+ (This error code is needed because a 503 Service Unavailable HTTP
+ status code cannot be returned to the client via a HTTP redirect.)
+ """
+ error = u'temporarily_unavailable'
+
+
+class InvalidClientError(OAuth2Error):
+ """Client authentication failed (e.g. unknown client, no client
+ authentication included, or unsupported authentication method).
+ The authorization server MAY return an HTTP 401 (Unauthorized) status
+ code to indicate which HTTP authentication schemes are supported.
+ If the client attempted to authenticate via the "Authorization" request
+ header field, the authorization server MUST respond with an
+ HTTP 401 (Unauthorized) status code, and include the "WWW-Authenticate"
+ response header field matching the authentication scheme used by the
+ client.
+ """
+ error = u'invalid_client'
+
+
+class InvalidGrantError(OAuth2Error):
+ """The provided authorization grant (e.g. authorization code, resource
+ owner credentials) or refresh token is invalid, expired, revoked, does
+ not match the redirection URI used in the authorization request, or was
+ issued to another client.
+ """
+ error = u'invalid_grant'
+
+
+class UnauthorizedClientError(OAuth2Error):
+ """The authenticated client is not authorized to use this authorization
+ grant type.
+ """
+ error = u'unauthorized_client'
+
+
+class UnsupportedGrantTypeError(OAuth2Error):
+ """The authorization grant type is not supported by the authorization
+ server.
+ """
+ error = u'unsupported_grant_type'
+
+
+class InvalidScopeError(OAuth2Error):
+ """The requested scope is invalid, unknown, malformed, or exceeds the
+ scope granted by the resource owner.
+ """
+ error = u'invalid_scope'
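Review bot: `UnauthorizedClientError` and `InvalidScopeError` are each defined twice in this hunk; at module level the second definition replaces the first, so only one class per name exists and the authorization-endpoint docstrings are lost. Both copies carry the same `error` code, so one definition with a docstring covering both endpoints would do. As rendered here, the `error = u'unauthorized_client'` line under the first `UnauthorizedClientError` has no indentation, which would make it a module-level assignment rather than a class attribute; that is worth checking in the file. `TemporarilyUnvailableError` is also misspelled (`Unvailable`), and moving the classes is a good moment to rename it.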
diff --git a/oauthlib/oauth2/draft25/grant_types.py b/oauthlib/oauth2/draft25/grant_types.py
index d47fac7..ec2f012 100644
--- a/oauthlib/oauth2/draft25/grant_types.py
+++ b/oauthlib/oauth2/draft25/grant_types.py
@@ -3,10 +3,9 @@ oauthlib.oauth2.draft_25.errors
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"""
from oauthlib.common import generate_token, add_params_to_uri
-from oauthlib.url_validate import is_absolute_uri
-from oauthlib.oauth2.draft25 import AuthorizationEndpoint, TokenEndpoint
-from errors import OAuth2Error
+from oauthlib.uri_validate import is_absolute_uri
import json
+import errors
class AuthorizationBase(object):
@@ -14,56 +13,56 @@ class AuthorizationBase(object):
def validate_request(self, request):
if not request.client_id:
- raise AuthorizationEndpoint.InvalidRequestError(state=request.state,
+ raise errors.InvalidRequestError(state=request.state,
description=u'Missing client_id parameter.')
if not request.response_type:
- raise AuthorizationEndpoint.InvalidRequestError(state=request.state,
+ raise errors.InvalidRequestError(state=request.state,
description=u'Missing response_type parameter.')
if not self.validate_client(request.client_id):
- raise AuthorizationEndpoint.UnauthorizedClientError(state=request.state)
+ raise errors.UnauthorizedClientError(state=request.state)
if not request.response_type in self.response_type_handlers:
- raise AuthorizationEndpoint.UnsupportedResponseTypeError(state=request.state)
+ raise errors.UnsupportedResponseTypeError(state=request.state)
if request.scopes:
if not self.validate_scopes(request.client_id, request.scopes):
- raise AuthorizationEndpoint.InvalidScopeError(state=request.state)
+ raise errors.InvalidScopeError(state=request.state)
else:
request.scopes = self.get_default_scopes(request.client_id)
if request.redirect_uri:
if not is_absolute_uri(request.redirect_uri):
- raise AuthorizationEndpoint.InvalidRequestError(state=request.state,
+ raise errors.InvalidRequestError(state=request.state,
description=u'Non absolute redirect URI. See RFC3986')
if not self.validate_redirect_uri(request.client_id, request.redirect_uri):
- raise AuthorizationEndpoint.AccessDeniedError(state=request.state)
+ raise errors.AccessDeniedError(state=request.state)
else:
request.redirect_uri = self.get_default_redirect_uri(request.client_id)
if not request.redirect_uri:
- raise AuthorizationEndpoint.AccessDeniedError(state=request.state)
+ raise errors.AccessDeniedError(state=request.state)
return True
- def validate_client(self, client_id):
+ def validate_client(self, client, *args, **kwargs):
raise NotImplementedError('Subclasses must implement this method.')
- def validate_scopes(self, client_id, scopes):
+ def validate_scopes(self, client, scopes):
raise NotImplementedError('Subclasses must implement this method.')
- def validate_redirect_uri(self, client_id, redirect_uri):
+ def validate_redirect_uri(self, client, redirect_uri):
raise NotImplementedError('Subclasses must implement this method.')
- def get_default_redirect_uri(self, client_id):
+ def get_default_redirect_uri(self, client):
raise NotImplementedError('Subclasses must implement this method.')
- def get_default_scopes(self, client_id):
+ def get_default_scopes(self, client):
raise NotImplementedError('Subclasses must implement this method.')
-class AuthorizationCodeGrant(object):
+class AuthorizationCodeGrant(AuthorizationBase):
@property
def expires_in(self):
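Review bot: The hook stubs are renamed from `client_id` to `client`, but `validate_request` in this same hunk still passes `request.client_id` to `validate_client`, `validate_scopes`, `validate_redirect_uri` and both `get_default_*` hooks, while `validate_token_request` further down passes `request.client` plus `request.grant_type`. With `validate_client(self, client, *args, **kwargs)` an implementer cannot tell whether they receive an identifier or a client object, or whether a grant type follows. Each stub should get a docstring stating what `client` is and what a falsy return means, e.g. `"""Return True if the given client may use this grant."""`, and the call sites should agree on one form. `validate_request` also reads `self.response_type_handlers`, which is not defined on `AuthorizationBase` in the visible lines.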
@@ -107,7 +106,7 @@ class AuthorizationCodeGrant(object):
try:
self.validate_request(request)
- except OAuth2Error as e:
+ except errors.OAuth2Error as e:
return add_params_to_uri(request.redirect_uri, e.twotuples)
self.grant = self.create_authorization_grant(request)
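Review bot: Every `errors.OAuth2Error` raised by `validate_request` is appended to `request.redirect_uri` here, including the cases where the failure is the redirect URI itself (non-absolute, or rejected by `validate_redirect_uri`) or a missing or unauthorized `client_id`. The OAuth 2.0 specification (section 4.1.2.1) says that in those cases the server should inform the resource owner and must not redirect the user agent to the unverified URI; as written, the endpoint can be used as an open redirector. A separate exception type for redirect-URI and client failures, raised in `validate_request` and allowed to propagate past this `except`, would keep the two classes of error apart. The `ImplicitGrant` handler in the last hunk of this file has the same pattern, and the enclosing method starts and ends outside this hunk.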
@@ -130,7 +129,7 @@ class AuthorizationCodeGrant(object):
try:
self.validate_request(request)
- except OAuth2Error as e:
+ except errors.OAuth2Error as e:
return e.json
self.scopes = self.get_scopes(request.client, request.code)
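Review bot: The token path in this hunk calls `self.validate_request(request)`, which after the switch to `AuthorizationBase` resolves to the authorization-request validator (client_id, response_type, scopes, redirect URI) unless it is overridden outside the visible lines. `validate_token_request`, the method that checks `grant_type`, the presence of `code` and `validate_code`, is not called in the lines shown, so a token could be issued without the authorization code being checked. The call should probably be `self.validate_token_request(request)`. The enclosing method starts and ends outside the hunk.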
@@ -142,29 +141,23 @@ class AuthorizationCodeGrant(object):
def validate_token_request(self, request):
if not request.grant_type == u'authorization_code':
- raise TokenEndpoint.UnsupportedGrantTypeError()
+ raise errors.UnsupportedGrantTypeError()
if not request.code:
- raise TokenEndpoint.InvalidRequestError(
+ raise errors.InvalidRequestError(
description=u'Missing code parameter.')
if not self.validate_client(request.client, request.grant_type):
- raise TokenEndpoint.UnauthorizedClientError()
+ raise errors.UnauthorizedClientError()
if not self.validate_code(request.client, request.code):
- raise TokenEndpoint.InvalidGrantError()
-
- def validate_client(self, client, grant_type=None):
- raise NotImplementedError('Subclasses must implement this method.')
+ raise errors.InvalidGrantError()
def validate_code(self, client, code):
raise NotImplementedError('Subclasses must implement this method.')
- def get_scopes(self, client, code):
- raise NotImplementedError('Subclasses must implement this method.')
-
-class ImplicitGrant(object):
+class ImplicitGrant(AuthorizationBase):
@property
def expires_in(self):
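Review bot: The `get_scopes` stub is deleted here, but the token handler earlier in this file still calls `self.get_scopes(request.client, request.code)`, so a subclass that omits it now fails with `AttributeError` instead of the `NotImplementedError` the other hooks raise. Keeping `def get_scopes(self, client, code): raise NotImplementedError('Subclasses must implement this method.')` preserves the contract. `validate_token_request` also returns nothing, unlike `validate_request`, which returns `True`; a one-line docstring saying that it signals failure only by raising would stop callers from testing its result.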
@@ -185,7 +178,7 @@ class ImplicitGrant(object):
try:
self.validate_request(request)
- except OAuth2Error as e:
+ except errors.OAuth2Error as e:
return add_params_to_uri(
request.redirect_uri, e.twotuples, fragment=True)
diff --git a/tests/oauth2/draft25/test_grant_types.py b/tests/oauth2/draft25/test_grant_types.py
new file mode 100644
index 0000000..f38458c
--- /dev/null
+++ b/tests/oauth2/draft25/test_grant_types.py
@@ -0,0 +1,10 @@
+# -*- coding: utf-8 -*-
+from __future__ import absolute_import
+from ...unittest import TestCase
+
+from oauthlib.oauth2.draft25 import AuthorizationEndpoint, TokenEndpoint
+from oauthlib.oauth2.draft25.grant_types import AuthorizationCodeGrantTokenHandler
+import json
+
+
+
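Review bot: The new test module imports `AuthorizationCodeGrantTokenHandler` from `grant_types`, while the class visible in that file in this commit is `AuthorizationCodeGrant`, so the import presumably fails at collection time. The file also defines no test case and imports `AuthorizationEndpoint`, `TokenEndpoint` and `json` without using them. Either import `AuthorizationCodeGrant` and add at least one case for `validate_request` (missing `client_id`, unregistered redirect URI), or leave the file out until it has content.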
diff --git a/tests/oauth2/draft25/test_server.py b/tests/oauth2/draft25/test_server.py
index db2dd88..c80357b 100644
--- a/tests/oauth2/draft25/test_server.py
+++ b/tests/oauth2/draft25/test_server.py
@@ -86,6 +86,11 @@ class AuthorizationEndpointTest(TestCase):
(self.uri_redirect_invalid, AuthorizationEndpoint.InvalidRequestError))
for uri, error in tests:
+ (self.uri_unsupported, errors.UnsupportedResponseTypeError),
+ (self.uri_scope_invalid, errors.InvalidScopeError),
+ (self.uri_redirect_invalid, errors.InvalidRequestError))
+
+ for uri, error in tests:
ae = self.SimpleAuthorizationEndpoint(valid_scopes=self.scopes_decoded)
self.assertRaises(error, ae.parse_authorization_parameters, uri)
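Review bot: The added tuple rows land after an existing `for uri, error in tests:` line, and the context line above them still closes the old tuple with `AuthorizationEndpoint.InvalidRequestError`, a class this commit removes from the endpoint. As rendered, the result is a loop header followed by tuple rows and an unmatched `)`, which does not parse; the old rows and the first loop header look like they should have been deleted. The loop body also still builds `SimpleAuthorizationEndpoint(valid_scopes=self.scopes_decoded)`, which the new `__init__(self, response_type_handlers=None)` does not accept, and no import of `errors` for the test module is visible in the hunk.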
@@ -158,7 +163,7 @@ class TokenEndpointTest(TestCase):
body_missing_grant_type = u'code=abc'
body_unsupported_grant_type = u'grant_type=invalid&code=abc'
- class SimpleAuthorizationCodeTokenHandler(AuthorizationCodeGrantTokenHandler):
+ class SimpleAuthorizationCodeTokenHandler(AuthorizationCodeGrant):
def validate_client(self, client, grant_type):
return True
@@ -167,11 +172,6 @@ class TokenEndpointTest(TestCase):
return True
def get_scopes(self, client, code):
- return ['hello', 'world']
-
- class SimpleTokenEndpoint(TokenEndpoint):
-
- @property
def grant_type_handlers(self):
return {
u'authorization_code': TokenEndpointTest.SimpleAuthorizationCodeTokenHandler()
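Review bot: Removing `return ['hello', 'world']` together with the `SimpleTokenEndpoint` header leaves `def get_scopes(self, client, code):` without a body, directly followed by `def grant_type_handlers(self):`, which now sits inside the handler class and returns an instance of that same class. The deletion appears to have taken one line too many on each side: `get_scopes` should keep its return, and the handlers could be passed through the new constructor, e.g. `TokenEndpoint(grant_type_handlers={u'authorization_code': handler})`. The `validate_client(self, client, grant_type)` override in the previous hunk also requires `grant_type`, while `validate_request` calls `validate_client` with one argument. The `grant_type_handlers` body continues outside the hunk.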