diff options
author | Andy Kipp <andy@rstudio.com> | 2016-12-06 20:55:39 -0800 |
---|---|---|
committer | Andy Kipp <andy@rstudio.com> | 2016-12-06 20:55:39 -0800 |
commit | bf2f9dbff3e04addd16ad825e6dae30537677afc (patch) | |
tree | 34331dceca06a08c8f65796b94fce7968390ff08 /oauthlib/oauth2/rfc6749/endpoints | |
parent | f0bbc526065ff88eaa431163d8d7c1f72694221b (diff) | |
download | oauthlib-bf2f9dbff3e04addd16ad825e6dae30537677afc.tar.gz |
Authenticate public clients before revocation
Diffstat (limited to 'oauthlib/oauth2/rfc6749/endpoints')
-rw-r--r-- | oauthlib/oauth2/rfc6749/endpoints/revocation.py | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/oauthlib/oauth2/rfc6749/endpoints/revocation.py b/oauthlib/oauth2/rfc6749/endpoints/revocation.py index 662c793..6a5c408 100644 --- a/oauthlib/oauth2/rfc6749/endpoints/revocation.py +++ b/oauthlib/oauth2/rfc6749/endpoints/revocation.py @@ -122,7 +122,11 @@ class RevocationEndpoint(BaseEndpoint): if self.request_validator.client_authentication_required(request): if not self.request_validator.authenticate_client(request): + log.debug('Client authentication failed, %r.', request) raise InvalidClientError(request=request) + elif not self.request_validator.authenticate_client_id(request.client_id, request): + log.debug('Client authentication failed, %r.', request) + raise InvalidClientError(request=request) if (request.token_type_hint and request.token_type_hint in self.valid_token_types and |