diff options
author | Brendan McCollam <bmccollam@uchicago.edu> | 2016-12-20 14:55:04 +0000 |
---|---|---|
committer | Brendan McCollam <bmccollam@uchicago.edu> | 2016-12-22 15:00:32 +0000 |
commit | c6d84da649789151a274e091df3f23e99e92dd0c (patch) | |
tree | 93f9c299c7f1c8aee06d1fd3039cff9af06f3b08 /oauthlib/oauth2/rfc6749/grant_types/implicit.py | |
parent | a33c82e7be21429b5c376f2912a6a553cf87018b (diff) | |
download | oauthlib-c6d84da649789151a274e091df3f23e99e92dd0c.tar.gz |
Per code review, _run_custom_validators() doesn't mutate request_info
Diffstat (limited to 'oauthlib/oauth2/rfc6749/grant_types/implicit.py')
-rw-r--r-- | oauthlib/oauth2/rfc6749/grant_types/implicit.py | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/oauthlib/oauth2/rfc6749/grant_types/implicit.py b/oauthlib/oauth2/rfc6749/grant_types/implicit.py index 59f02bd..5d72367 100644 --- a/oauthlib/oauth2/rfc6749/grant_types/implicit.py +++ b/oauthlib/oauth2/rfc6749/grant_types/implicit.py @@ -317,9 +317,7 @@ class ImplicitGrant(GrantTypeBase): # Then check for normal errors. - request_info = {} - - self._run_custom_validators(request, request_info, + request_info = self._run_custom_validators(request, self._auth_validators_run_before_standard_ones, self._token_validators_run_before_standard_ones) @@ -363,18 +361,21 @@ class ImplicitGrant(GrantTypeBase): 'request': request, }) - self._run_custom_validators(request, request_info, + request_info = self._run_custom_validators(request, self._auth_validators_run_after_standard_ones, - self._token_validators_run_after_standard_ones) + self._token_validators_run_after_standard_ones, + request_info) return request.scopes, request_info def _run_custom_validators(self, request, - request_info, auth_validators, - token_validators): + token_validators, + request_info=None): + # Make a copy so we don't modify the existing request_info dict + request_info = {} if request_info is None else request_info.copy() # For implicit grant, auth_validators and token_validators are # basically equivalent since the token is returned from the # authorization endpoint. |