Authenticate public clients before revocation

author: Andy Kipp <andy@rstudio.com> 2016-12-06 20:55:39 -0800
committer: Andy Kipp <andy@rstudio.com> 2016-12-06 20:55:39 -0800
commit: bf2f9dbff3e04addd16ad825e6dae30537677afc (patch)
tree: 34331dceca06a08c8f65796b94fce7968390ff08 /oauthlib/oauth2/rfc6749/endpoints
parent: f0bbc526065ff88eaa431163d8d7c1f72694221b (diff)
download: oauthlib-bf2f9dbff3e04addd16ad825e6dae30537677afc.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/oauthlib/oauth2/rfc6749/endpoints/revocation.py b/oauthlib/oauth2/rfc6749/endpoints/revocation.py
index 662c793..6a5c408 100644
--- a/oauthlib/oauth2/rfc6749/endpoints/revocation.py
+++ b/oauthlib/oauth2/rfc6749/endpoints/revocation.py
@@ -122,7 +122,11 @@ class RevocationEndpoint(BaseEndpoint):
 
         if self.request_validator.client_authentication_required(request):
             if not self.request_validator.authenticate_client(request):
+                log.debug('Client authentication failed, %r.', request)
                 raise InvalidClientError(request=request)
+        elif not self.request_validator.authenticate_client_id(request.client_id, request):
+            log.debug('Client authentication failed, %r.', request)
+            raise InvalidClientError(request=request) 
 
         if (request.token_type_hint and
                 request.token_type_hint in self.valid_token_types and
author	Andy Kipp <andy@rstudio.com>	2016-12-06 20:55:39 -0800
committer	Andy Kipp <andy@rstudio.com>	2016-12-06 20:55:39 -0800
commit	bf2f9dbff3e04addd16ad825e6dae30537677afc (patch)
tree	34331dceca06a08c8f65796b94fce7968390ff08 /oauthlib/oauth2/rfc6749/endpoints
parent	f0bbc526065ff88eaa431163d8d7c1f72694221b (diff)
download	oauthlib-bf2f9dbff3e04addd16ad825e6dae30537677afc.tar.gz