Extract raising error on client auth failure.

author: Omer Katz <omer.drow@gmail.com> 2018-12-17 15:16:44 +0200
committer: Omer Katz <omer.drow@gmail.com> 2018-12-17 15:16:44 +0200
commit: cfd6af0168c27e74eb8fd300d42b3145cdea8a78 (patch)
tree: 989368b14a015c75c37eade874cb53dcc877cdf7 /oauthlib/oauth2/rfc6749
parent: 06912287b170aa7255b7120403943ba9e99e649e (diff)
download: oauthlib-cfd6af0168c27e74eb8fd300d42b3145cdea8a78.tar.gz
3 files changed, 15 insertions, 21 deletions
diff --git a/oauthlib/oauth2/rfc6749/endpoints/base.py b/oauthlib/oauth2/rfc6749/endpoints/base.py
index 7a121fa..638311d 100644
--- a/oauthlib/oauth2/rfc6749/endpoints/base.py
+++ b/oauthlib/oauth2/rfc6749/endpoints/base.py
@@ -12,7 +12,8 @@ import functools
 import logging
 
 from ..errors import (FatalClientError, OAuth2Error, ServerError,
-                      TemporarilyUnavailableError, InvalidRequestError)
+                      TemporarilyUnavailableError, InvalidRequestError,
+                      InvalidClientError)
 
 log = logging.getLogger(__name__)
 
@@ -44,6 +45,15 @@ class BaseEndpoint(object):
         if not request.token:
             raise InvalidRequestError(request=request,
                                       description='Missing token parameter.')
+    def _raise_on_invalid_client(self, request):
+        """Raise on failed client authentication."""
+        if self.request_validator.client_authentication_required(request):
+            if not self.request_validator.authenticate_client(request):
+                log.debug('Client authentication failed, %r.', request)
+                raise InvalidClientError(request=request)
+        elif not self.request_validator.authenticate_client_id(request.client_id, request):
+            log.debug('Client authentication failed, %r.', request)
+            raise InvalidClientError(request=request)
 
 
 def catch_errors_and_unavailability(f):
diff --git a/oauthlib/oauth2/rfc6749/endpoints/introspect.py b/oauthlib/oauth2/rfc6749/endpoints/introspect.py
index 58b9a88..5f24ff3 100644
--- a/oauthlib/oauth2/rfc6749/endpoints/introspect.py
+++ b/oauthlib/oauth2/rfc6749/endpoints/introspect.py
@@ -14,8 +14,7 @@ import logging
 
 from oauthlib.common import Request
 
-from ..errors import (InvalidClientError, InvalidRequestError, OAuth2Error,
-                      UnsupportedTokenTypeError)
+from ..errors import OAuth2Error, UnsupportedTokenTypeError
 from .base import BaseEndpoint, catch_errors_and_unavailability
 
 log = logging.getLogger(__name__)
@@ -118,14 +117,7 @@ class IntrospectEndpoint(BaseEndpoint):
         .. _`RFC6749`: http://tools.ietf.org/html/rfc6749
         """
         self._raise_on_missing_token(request)
-        
-        if self.request_validator.client_authentication_required(request):
-            if not self.request_validator.authenticate_client(request):
-                log.debug('Client authentication failed, %r.', request)
-                raise InvalidClientError(request=request)
-        elif not self.request_validator.authenticate_client_id(request.client_id, request):
-            log.debug('Client authentication failed, %r.', request)
-            raise InvalidClientError(request=request)
+        self._raise_on_invalid_client(request)
 
         if (request.token_type_hint and
                 request.token_type_hint in self.valid_token_types and
diff --git a/oauthlib/oauth2/rfc6749/endpoints/revocation.py b/oauthlib/oauth2/rfc6749/endpoints/revocation.py
index 6f0081b..8ec9512 100644
--- a/oauthlib/oauth2/rfc6749/endpoints/revocation.py
+++ b/oauthlib/oauth2/rfc6749/endpoints/revocation.py
@@ -13,8 +13,7 @@ import logging
 
 from oauthlib.common import Request
 
-from ..errors import (InvalidClientError, InvalidRequestError, OAuth2Error,
-                      UnsupportedTokenTypeError)
+from ..errors import OAuth2Error, UnsupportedTokenTypeError
 from .base import BaseEndpoint, catch_errors_and_unavailability
 
 log = logging.getLogger(__name__)
@@ -117,14 +116,7 @@ class RevocationEndpoint(BaseEndpoint):
         .. _`RFC6749`: https://tools.ietf.org/html/rfc6749
         """
         self._raise_on_missing_token(request)
-
-        if self.request_validator.client_authentication_required(request):
-            if not self.request_validator.authenticate_client(request):
-                log.debug('Client authentication failed, %r.', request)
-                raise InvalidClientError(request=request)
-        elif not self.request_validator.authenticate_client_id(request.client_id, request):
-            log.debug('Client authentication failed, %r.', request)
-            raise InvalidClientError(request=request)
+        self._raise_on_invalid_client(request)
 
         if (request.token_type_hint and
                 request.token_type_hint in self.valid_token_types and
author	Omer Katz <omer.drow@gmail.com>	2018-12-17 15:16:44 +0200
committer	Omer Katz <omer.drow@gmail.com>	2018-12-17 15:16:44 +0200
commit	cfd6af0168c27e74eb8fd300d42b3145cdea8a78 (patch)
tree	989368b14a015c75c37eade874cb53dcc877cdf7 /oauthlib/oauth2/rfc6749
parent	06912287b170aa7255b7120403943ba9e99e649e (diff)
download	oauthlib-cfd6af0168c27e74eb8fd300d42b3145cdea8a78.tar.gz