authorJonathan Huot <jonathan.huot@thomsonreuters.com>2018-12-13 16:31:03 +0100
committerJonathan Huot <jonathan.huot@thomsonreuters.com>2018-12-13 16:31:03 +0100
commit6dcde73a81d6cbc718ca9ca7f9170a28fc1b5e34 (patch)
tree2565dda792ca421638a995f3de4e8a89e4f3af55
parent1a7be4eebb11cd5224c3b6eaf1782e8add5bd8d9 (diff)
downloadoauthlib-6dcde73a81d6cbc718ca9ca7f9170a28fc1b5e34.tar.gz
Add details on grant_type & implicit special case.
-rw-r--r--oauthlib/oauth2/rfc6749/endpoints/metadata.py12
1 files changed, 12 insertions, 0 deletions
diff --git a/oauthlib/oauth2/rfc6749/endpoints/metadata.py b/oauthlib/oauth2/rfc6749/endpoints/metadata.py
index fe6545f..c2d5918 100644
--- a/oauthlib/oauth2/rfc6749/endpoints/metadata.py
+++ b/oauthlib/oauth2/rfc6749/endpoints/metadata.py
@@ -89,6 +89,12 @@ class MetadataEndpoint(BaseEndpoint):
raise ValueError("array {}: {} must contains only string (not {})".format(key, array[key], elem))
def validate_metadata_token(self, claims, endpoint):
+ """
+ If the token endpoint is used in the grant type, the value of this
+ parameter MUST be the same as the value of the "grant_type"
+ parameter passed to the token endpoint defined in the grant type
+ definition.
+ """
self._grant_types.extend(endpoint._grant_types.keys())
claims.setdefault("token_endpoint_auth_methods_supported", ["client_secret_post", "client_secret_basic"])
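Review bot: The new docstring on `validate_metadata_token` describes the values expected in the grant-type metadata, in what appears to be specification wording, but it never says what the method does. On the visible lines the method appends the endpoint's grant types to `self._grant_types` and defaults `token_endpoint_auth_methods_supported`. I would open the docstring with a summary such as `Collect the token endpoint's grant types and fill in the token-endpoint metadata defaults.` and keep the existing sentence below it. Because `extend` here and `append("implicit")` in the second hunk accumulate on the instance, endpoints with overlapping grant types would presumably put duplicate entries in the published `grant_types_supported`, which the docstring should mention or the code should de-duplicate. The method body continues outside the hunk.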
@@ -100,6 +106,10 @@ class MetadataEndpoint(BaseEndpoint):
claims.setdefault("response_types_supported",
list(filter(lambda x: x != "none", endpoint._response_types.keys())))
claims.setdefault("response_modes_supported", ["query", "fragment"])
+
+ # The OAuth2.0 Implicit flow is defined as a "grant type" but it is not
+ # using the "token" endpoint, at such, we have to add it explicitly to
+ # the list of "grant_types_supported" when enabled.
if "token" in claims["response_types_supported"]:
self._grant_types.append("implicit")
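Review bot: The added comment has a typo: `at such` should read `as such`. It should also name the trigger, since `response_types_supported` is filled with `setdefault` and a value preset in `claims` therefore decides whether "implicit" is advertised. A line such as `# "implicit" is advertised whenever "token" is in response_types_supported, including a caller-supplied value.` lets an operator who has disabled the implicit flow see why the discovery document might still list it. The enclosing method starts outside the hunk.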
@@ -196,6 +206,8 @@ class MetadataEndpoint(BaseEndpoint):
if isinstance(endpoint, IntrospectEndpoint):
self.validate_metadata_introspection(claims, endpoint)
+ # "grant_types_supported" is a combination of all OAuth2 grant types
+ # allowed in the current provider implementation.
claims.setdefault("grant_types_supported", self._grant_types)
self.validate_metadata(claims, "grant_types_supported", is_list=True)
return claims
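Review bot: The comment on `grant_types_supported` states more than `setdefault` guarantees. The collected list is used only when the caller's claims do not already carry the key; a preset value is published unchanged, so the advertised grant types can differ from what the endpoints actually accept. Suggested wording: `# Defaults to the grant types collected from the registered endpoints; a value already present in claims is kept as is.` The call also stores `self._grant_types` itself in `claims`, so later mutation of either list changes both; `claims.setdefault("grant_types_supported", list(self._grant_types))` avoids that aliasing. The enclosing method starts outside the hunk.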