diff options
author | Joel Stevenson <jstevenson@bepress.com> | 2016-05-02 11:21:11 -0700 |
---|---|---|
committer | Joel Stevenson <jstevenson@bepress.com> | 2016-05-02 11:21:11 -0700 |
commit | 071ecaf8221fdc8cc2793238f067c78a26e2763d (patch) | |
tree | adf38c9c3dad69d84b43a845011ac4a84aaf9f6f | |
parent | c9393ce3fb370af303afe741ce61ee1f73a17833 (diff) | |
download | oauthlib-071ecaf8221fdc8cc2793238f067c78a26e2763d.tar.gz |
Pairing with the previous commit, revert the change related to response_type in AuthorizationEndpoint so that they must appear in the order specified in the spec. Just keeps the code clean and simple this way.
-rw-r--r-- | oauthlib/oauth2/rfc6749/endpoints/authorization.py | 22 | ||||
-rw-r--r-- | oauthlib/oauth2/rfc6749/request_validator.py | 3 |
2 files changed, 8 insertions, 17 deletions
diff --git a/oauthlib/oauth2/rfc6749/endpoints/authorization.py b/oauthlib/oauth2/rfc6749/endpoints/authorization.py index af36db9..6e8bb4a 100644 --- a/oauthlib/oauth2/rfc6749/endpoints/authorization.py +++ b/oauthlib/oauth2/rfc6749/endpoints/authorization.py @@ -64,11 +64,7 @@ class AuthorizationEndpoint(BaseEndpoint): def __init__(self, default_response_type, default_token_type, response_types): BaseEndpoint.__init__(self) - self._response_types = {} - # response_types are sorted internally so ordered comparison is faster/easier later - - for k, v in response_types.iteritems() if sys.version_info[0] == 2 else iter(response_types.items()): - self._response_types[",".join(sorted(k.split()))] = v + self._response_types = response_types self._default_response_type = default_response_type self._default_token_type = default_token_type @@ -89,16 +85,6 @@ class AuthorizationEndpoint(BaseEndpoint): def default_token_type(self): return self._default_token_type - def get_response_types_handler(self, request): - - if request.response_type is None: - response_type_handler = self.default_response_type_handler - else: - response_type_handler = self.response_types.get( - ",".join(sorted(request.response_type.split())), self.default_response_type_handler) - - return response_type_handler - @catch_errors_and_unavailability def create_authorization_response(self, uri, http_method='GET', body=None, headers=None, scopes=None, credentials=None): @@ -110,7 +96,8 @@ class AuthorizationEndpoint(BaseEndpoint): request.user = None # TODO: explain this in docs for k, v in (credentials or {}).items(): setattr(request, k, v) - response_type_handler = self.get_response_types_handler(request) + response_type_handler = self.response_types.get( + request.response_type, self.default_response_type_handler) log.debug('Dispatching response_type %s request to %r.', request.response_type, response_type_handler) return response_type_handler.create_authorization_response( @@ -123,5 +110,6 @@ class AuthorizationEndpoint(BaseEndpoint): request = Request( uri, http_method=http_method, body=body, headers=headers) request.scopes = None - response_type_handler = self.get_response_types_handler(request) + response_type_handler = self.response_types.get( + request.response_type, self.default_response_type_handler) return response_type_handler.validate_authorization_request(request) diff --git a/oauthlib/oauth2/rfc6749/request_validator.py b/oauthlib/oauth2/rfc6749/request_validator.py index 935744f..99a846e 100644 --- a/oauthlib/oauth2/rfc6749/request_validator.py +++ b/oauthlib/oauth2/rfc6749/request_validator.py @@ -283,6 +283,9 @@ class RequestValidator(object): Subclasses should implement the construction, signing and optional encryption of the ID Token as described in the OpenID Connect spec. + For implicit and hybrid workflows your subclass can find the nonce on the + request. + :param token: A Bearer token dict :param token_handler: the token handler (BearerToken class) :param request: the HTTP Request (oauthlib.common.Request) |