Relax token_type checking

author: Chad Whitacre <chad@zetaweb.com> 2014-09-17 12:19:39 -0400
committer: Chad Whitacre <chad@zetaweb.com> 2014-09-17 12:19:39 -0400
commit: 0544857516745f4ba6c9829702253e17c9f77458 (patch)
tree: 175ff3fd6836bb659c9c803d4f247517236d0b68 /oauthlib/oauth2/rfc6749/parameters.py
parent: 3afd5cd84ee21312b0081850f7f4895c95bb121d (diff)
download: oauthlib-0544857516745f4ba6c9829702253e17c9f77458.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/oauthlib/oauth2/rfc6749/parameters.py b/oauthlib/oauth2/rfc6749/parameters.py
index 23176c1..0e33768 100644
--- a/oauthlib/oauth2/rfc6749/parameters.py
+++ b/oauthlib/oauth2/rfc6749/parameters.py
@@ -10,6 +10,7 @@ This module contains methods related to `Section 4`_ of the OAuth 2 RFC.
 from __future__ import absolute_import, unicode_literals
 
 import json
+import os
 import time
 try:
     import urlparse
@@ -327,7 +328,8 @@ def validate_token_parameters(params, scope=None):
         raise MissingTokenError(description="Missing access token parameter.")
 
     if not 'token_type' in params:
-        raise MissingTokenTypeError()
+        if os.environ.get('OAUTHLIB_STRICT_TOKEN_TYPE'):
+            raise MissingTokenTypeError()
 
     # If the issued access token scope is different from the one requested by
     # the client, the authorization server MUST include the "scope" response
author	Chad Whitacre <chad@zetaweb.com>	2014-09-17 12:19:39 -0400
committer	Chad Whitacre <chad@zetaweb.com>	2014-09-17 12:19:39 -0400
commit	0544857516745f4ba6c9829702253e17c9f77458 (patch)
tree	175ff3fd6836bb659c9c803d4f247517236d0b68 /oauthlib/oauth2/rfc6749/parameters.py
parent	3afd5cd84ee21312b0081850f7f4895c95bb121d (diff)
download	oauthlib-0544857516745f4ba6c9829702253e17c9f77458.tar.gz