authorOmer Katz <omer.drow@gmail.com>2018-12-17 15:03:00 +0200
committerOmer Katz <omer.drow@gmail.com>2018-12-17 15:03:00 +0200
commitbaeb737f60f848a58f247a6ca8cf8b44445efcc0 (patch)
treee0d39fceafdbabda88684d79fca2b755c690dc26 /oauthlib/oauth2/rfc6749
parent9faf472795c49008cc9b727b865b3a13d72ede50 (diff)
downloadoauthlib-baeb737f60f848a58f247a6ca8cf8b44445efcc0.tar.gz
Extract redirect handling to a common method.
Diffstat (limited to 'oauthlib/oauth2/rfc6749')
-rw-r--r--oauthlib/oauth2/rfc6749/grant_types/authorization_code.py21
-rw-r--r--oauthlib/oauth2/rfc6749/grant_types/base.py83
-rw-r--r--oauthlib/oauth2/rfc6749/grant_types/implicit.py25
3 files changed, 59 insertions, 70 deletions
diff --git a/oauthlib/oauth2/rfc6749/grant_types/authorization_code.py b/oauthlib/oauth2/rfc6749/grant_types/authorization_code.py
index 355ea1b..0cbcb8c 100644
--- a/oauthlib/oauth2/rfc6749/grant_types/authorization_code.py
+++ b/oauthlib/oauth2/rfc6749/grant_types/authorization_code.py
@@ -9,7 +9,6 @@ import json
import logging
from oauthlib import common
-from oauthlib.uri_validate import is_absolute_uri
from .. import errors
from .base import GrantTypeBase
@@ -295,24 +294,10 @@ class AuthorizationCodeGrant(GrantTypeBase):
# https://tools.ietf.org/html/rfc6749#section-3.1.2
log.debug('Validating redirection uri %s for client %s.',
request.redirect_uri, request.client_id)
- if request.redirect_uri is not None:
- request.using_default_redirect_uri = False
- log.debug('Using provided redirect_uri %s', request.redirect_uri)
- if not is_absolute_uri(request.redirect_uri):
- raise errors.InvalidRedirectURIError(request=request)
- if not self.request_validator.validate_redirect_uri(
- request.client_id, request.redirect_uri, request):
- raise errors.MismatchingRedirectURIError(request=request)
- else:
- request.redirect_uri = self.request_validator.get_default_redirect_uri(
- request.client_id, request)
- request.using_default_redirect_uri = True
- log.debug('Using default redirect_uri %s.', request.redirect_uri)
- if not request.redirect_uri:
- raise errors.MissingRedirectURIError(request=request)
- if not is_absolute_uri(request.redirect_uri):
- raise errors.InvalidRedirectURIError(request=request)
+ # OPTIONAL. As described in Section 3.1.2.
+ # https://tools.ietf.org/html/rfc6749#section-3.1.2
+ self._handle_redirects(request)
# Then check for normal errors.
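Review bot: The two added comment lines repeat the RFC 6749 section 3.1.2 link that the unchanged comment above the `log.debug` call already carries, so the same URL now appears twice within a few lines. Dropping the added `# https://tools.ietf.org/html/rfc6749#section-3.1.2` line, or replacing both added lines with `# Resolve and validate redirect_uri (fatal errors are raised here).`, would say more about what the call does. The enclosing method starts and ends outside this hunk.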
diff --git a/oauthlib/oauth2/rfc6749/grant_types/base.py b/oauthlib/oauth2/rfc6749/grant_types/base.py
index 6ca8f65..f0772e2 100644
--- a/oauthlib/oauth2/rfc6749/grant_types/base.py
+++ b/oauthlib/oauth2/rfc6749/grant_types/base.py
@@ -9,51 +9,53 @@ import logging
from itertools import chain
from oauthlib.common import add_params_to_uri
+from oauthlib.uri_validate import is_absolute_uri
from oauthlib.oauth2.rfc6749 import errors, utils
from ..request_validator import RequestValidator
log = logging.getLogger(__name__)
+
class ValidatorsContainer(object):
"""
- Container object for holding custom validator callables to be invoked
- as part of the grant type `validate_authorization_request()` or
- `validate_authorization_request()` methods on the various grant types.
+ Container object for holding custom validator callables to be invoked
+ as part of the grant type `validate_authorization_request()` or
+ `validate_authorization_request()` methods on the various grant types.
- Authorization validators must be callables that take a request object and
- return a dict, which may contain items to be added to the `request_info`
- returned from the grant_type after validation.
+ Authorization validators must be callables that take a request object and
+ return a dict, which may contain items to be added to the `request_info`
+ returned from the grant_type after validation.
- Token validators must be callables that take a request object and
- return None.
+ Token validators must be callables that take a request object and
+ return None.
- Both authorization validators and token validators may raise OAuth2
- exceptions if validation conditions fail.
+ Both authorization validators and token validators may raise OAuth2
+ exceptions if validation conditions fail.
- Authorization validators added to `pre_auth` will be run BEFORE
- the standard validations (but after the critical ones that raise
- fatal errors) as part of `validate_authorization_request()`
+ Authorization validators added to `pre_auth` will be run BEFORE
+ the standard validations (but after the critical ones that raise
+ fatal errors) as part of `validate_authorization_request()`
- Authorization validators added to `post_auth` will be run AFTER
- the standard validations as part of `validate_authorization_request()`
+ Authorization validators added to `post_auth` will be run AFTER
+ the standard validations as part of `validate_authorization_request()`
- Token validators added to `pre_token` will be run BEFORE
- the standard validations as part of `validate_token_request()`
+ Token validators added to `pre_token` will be run BEFORE
+ the standard validations as part of `validate_token_request()`
- Token validators added to `post_token` will be run AFTER
- the standard validations as part of `validate_token_request()`
+ Token validators added to `post_token` will be run AFTER
+ the standard validations as part of `validate_token_request()`
- For example:
+ For example:
- >>> def my_auth_validator(request):
- ... return {'myval': True}
- >>> auth_code_grant = AuthorizationCodeGrant(request_validator)
- >>> auth_code_grant.custom_validators.pre_auth.append(my_auth_validator)
- >>> def my_token_validator(request):
- ... if not request.everything_okay:
- ... raise errors.OAuth2Error("uh-oh")
- >>> auth_code_grant.custom_validators.post_token.append(my_token_validator)
+ >>> def my_auth_validator(request):
+ ... return {'myval': True}
+ >>> auth_code_grant = AuthorizationCodeGrant(request_validator)
+ >>> auth_code_grant.custom_validators.pre_auth.append(my_auth_validator)
+ >>> def my_token_validator(request):
+ ... if not request.everything_okay:
+ ... raise errors.OAuth2Error("uh-oh")
+ >>> auth_code_grant.custom_validators.post_token.append(my_token_validator)
"""
def __init__(self, post_auth, post_token,
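Review bot: The docstring touched here still names `validate_authorization_request()` twice in its first sentence. The later paragraphs describe token validators running in `validate_token_request()`, so the second name should presumably be `validate_token_request()`. The rest of the docstring change looks like re-indentation only, and the class body continues outside the hunk.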
@@ -224,3 +226,28 @@ class GrantTypeBase(object):
'Cache-Control': 'no-store',
'Pragma': 'no-cache',
}
+
+ def _handle_redirects(self, request):
+ if request.redirect_uri is not None:
+ request.using_default_redirect_uri = False
+ log.debug('Using provided redirect_uri %s', request.redirect_uri)
+ if not is_absolute_uri(request.redirect_uri):
+ raise errors.InvalidRedirectURIError(request=request)
+
+ # The authorization server MUST verify that the redirection URI
+ # to which it will redirect the access token matches a
+ # redirection URI registered by the client as described in
+ # Section 3.1.2.
+ # https://tools.ietf.org/html/rfc6749#section-3.1.2
+ if not self.request_validator.validate_redirect_uri(
+ request.client_id, request.redirect_uri, request):
+ raise errors.MismatchingRedirectURIError(request=request)
+ else:
+ request.redirect_uri = self.request_validator.get_default_redirect_uri(
+ request.client_id, request)
+ request.using_default_redirect_uri = True
+ log.debug('Using default redirect_uri %s.', request.redirect_uri)
+ if not request.redirect_uri:
+ raise errors.MissingRedirectURIError(request=request)
+ if not is_absolute_uri(request.redirect_uri):
+ raise errors.InvalidRedirectURIError(request=request)
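Review bot: `_handle_redirects` has no docstring, and as the shared redirect check for both grant types it should state its contract: it sets `request.using_default_redirect_uri`, may overwrite `request.redirect_uri` with the client's default, and raises `InvalidRedirectURIError`, `MismatchingRedirectURIError` or `MissingRedirectURIError`. Both call sites appear to run it before the "normal errors" checks, so a summary line such as `"""Resolve and validate request.redirect_uri; call before any check whose error is returned via redirect."""` would make that ordering explicit. The inner comment still says "redirect the access token", which was implicit-grant wording; in the base class "authorization response" would also be accurate for the code grant. The first `log.debug` writes the client-supplied URI before `is_absolute_uri` has run, so `%r` instead of `%s` there would keep control characters out of the log line.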
diff --git a/oauthlib/oauth2/rfc6749/grant_types/implicit.py b/oauthlib/oauth2/rfc6749/grant_types/implicit.py
index b29953b..d6de906 100644
--- a/oauthlib/oauth2/rfc6749/grant_types/implicit.py
+++ b/oauthlib/oauth2/rfc6749/grant_types/implicit.py
@@ -8,7 +8,6 @@ from __future__ import absolute_import, unicode_literals
import logging
from oauthlib import common
-from oauthlib.uri_validate import is_absolute_uri
from .. import errors
from .base import GrantTypeBase
@@ -307,29 +306,7 @@ class ImplicitGrant(GrantTypeBase):
# OPTIONAL. As described in Section 3.1.2.
# https://tools.ietf.org/html/rfc6749#section-3.1.2
- if request.redirect_uri is not None:
- request.using_default_redirect_uri = False
- log.debug('Using provided redirect_uri %s', request.redirect_uri)
- if not is_absolute_uri(request.redirect_uri):
- raise errors.InvalidRedirectURIError(request=request)
-
- # The authorization server MUST verify that the redirection URI
- # to which it will redirect the access token matches a
- # redirection URI registered by the client as described in
- # Section 3.1.2.
- # https://tools.ietf.org/html/rfc6749#section-3.1.2
- if not self.request_validator.validate_redirect_uri(
- request.client_id, request.redirect_uri, request):
- raise errors.MismatchingRedirectURIError(request=request)
- else:
- request.redirect_uri = self.request_validator.get_default_redirect_uri(
- request.client_id, request)
- request.using_default_redirect_uri = True
- log.debug('Using default redirect_uri %s.', request.redirect_uri)
- if not request.redirect_uri:
- raise errors.MissingRedirectURIError(request=request)
- if not is_absolute_uri(request.redirect_uri):
- raise errors.InvalidRedirectURIError(request=request)
+ self._handle_redirects(request)
# Then check for normal errors.