diff options
author | Joel Stevenson <jstevenson@bepress.com> | 2016-05-02 10:10:52 -0700 |
---|---|---|
committer | Joel Stevenson <jstevenson@bepress.com> | 2016-05-02 10:10:52 -0700 |
commit | c9393ce3fb370af303afe741ce61ee1f73a17833 (patch) | |
tree | 2ffa8a289b7613e5649f313d0e14db23b3105ec8 /oauthlib/oauth2/rfc6749/grant_types/base.py | |
parent | 9e6de5cc1ebd3d257d8fe7931924736ca731b301 (diff) | |
download | oauthlib-c9393ce3fb370af303afe741ce61ee1f73a17833.tar.gz |
Check the response type against exact response_type registry formats in GrantTypeBase.add_token()
Diffstat (limited to 'oauthlib/oauth2/rfc6749/grant_types/base.py')
-rw-r--r-- | oauthlib/oauth2/rfc6749/grant_types/base.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/oauthlib/oauth2/rfc6749/grant_types/base.py b/oauthlib/oauth2/rfc6749/grant_types/base.py index 44a220c..6813472 100644 --- a/oauthlib/oauth2/rfc6749/grant_types/base.py +++ b/oauthlib/oauth2/rfc6749/grant_types/base.py @@ -26,7 +26,7 @@ class GrantTypeBase(object): def add_token(self, token, token_handler, request): # Only add a hybrid access token on auth step if asked for - if not 'token' in request.response_type.split(): + if not request.response_type in ["token", "code token", "id_token token", "code id_token token"]: return token token.update(token_handler.create_token(request, refresh_token=False)) |