authorJonathan Huot <JonathanHuot@users.noreply.github.com>2018-12-13 16:32:45 +0100
committerGitHub <noreply@github.com>2018-12-13 16:32:45 +0100
commite69486499cadcda3f4fdf6dfaf8ec72b04f02128 (patch)
treefa8743c649fca6a8ff1c3b948307da196b78ca30 /oauthlib/oauth2/rfc6749/errors.py
parent6dcde73a81d6cbc718ca9ca7f9170a28fc1b5e34 (diff)
parent5d9a9c90ba04f85477c7859a3cc7b13577fc24f9 (diff)
Merge branch 'master' into 601-pkce-support
Diffstat (limited to 'oauthlib/oauth2/rfc6749/errors.py')
-rw-r--r--oauthlib/oauth2/rfc6749/errors.py29
1 files changed, 23 insertions, 6 deletions
diff --git a/oauthlib/oauth2/rfc6749/errors.py b/oauthlib/oauth2/rfc6749/errors.py
index bee9e77..d2a1402 100644
--- a/oauthlib/oauth2/rfc6749/errors.py
+++ b/oauthlib/oauth2/rfc6749/errors.py
@@ -96,6 +96,27 @@ class OAuth2Error(Exception):
def json(self):
return json.dumps(dict(self.twotuples))
+ @property
+ def headers(self):
+ if self.status_code == 401:
+ """
+ https://tools.ietf.org/html/rfc6750#section-3
+
+ All challenges defined by this specification MUST use the auth-scheme
+ value "Bearer". This scheme MUST be followed by one or more
+ auth-param values.
+ """
+ authvalues = [
+ "Bearer",
+ 'error="{}"'.format(self.error)
+ ]
+ if self.description:
+ authvalues.append('error_description="{}"'.format(self.description))
+ if self.uri:
+ authvalues.append('error_uri="{}"'.format(self.uri))
+ return {"WWW-Authenticate": ", ".join(authvalues)}
+ return {}
+
class TokenExpiredError(OAuth2Error):
error = 'token_expired'
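Review bot: In the new `headers` property, `self.error`, `self.description` and `self.uri` are formatted straight into quoted strings, so a value containing `"`, `\` or CR/LF produces a malformed `WWW-Authenticate` challenge and, depending on how the web framework writes headers, may allow response header injection. RFC 6750 section 3 limits `error` and `error_description` to %x20-21 / %x23-5B / %x5D-7E (`error_uri` additionally excludes space), so the values should be filtered or rejected before formatting, e.g. `desc = "".join(c for c in self.description if " " <= c <= "~" and c not in '"\\')`. Whether `description` can carry request-derived text is not visible here, because `OAuth2Error.__init__` and the rest of the class lie outside the hunk. Separately, the triple-quoted RFC excerpt inside the `if` is an expression statement, not a docstring; placing it directly under `def headers(self):` would make it the property's documentation.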
@@ -205,7 +226,6 @@ class AccessDeniedError(OAuth2Error):
The resource owner or authorization server denied the request.
"""
error = 'access_denied'
- status_code = 401
class UnsupportedResponseTypeError(OAuth2Error):
@@ -230,12 +250,12 @@ class UnsupportedCodeChallengeMethodError(InvalidRequestError):
class InvalidScopeError(OAuth2Error):
"""
- The requested scope is invalid, unknown, or malformed.
+ The requested scope is invalid, unknown, or malformed, or
+ exceeds the scope granted by the resource owner.
https://tools.ietf.org/html/rfc6749#section-5.2
"""
error = 'invalid_scope'
- status_code = 400
class ServerError(OAuth2Error):
@@ -293,7 +313,6 @@ class UnauthorizedClientError(OAuth2Error):
grant type.
"""
error = 'unauthorized_client'
- status_code = 401
class UnsupportedGrantTypeError(OAuth2Error):
@@ -350,7 +369,6 @@ class ConsentRequired(OAuth2Error):
completed without displaying a user interface for End-User consent.
"""
error = 'consent_required'
- status_code = 401
class LoginRequired(OAuth2Error):
@@ -362,7 +380,6 @@ class LoginRequired(OAuth2Error):
completed without displaying a user interface for End-User authentication.
"""
error = 'login_required'
- status_code = 401
class CustomOAuth2Error(OAuth2Error):