
Refactor /api/v1/authorize error handling.

commit dbe2be5a72f8154963861bd1024fc6f8ac4a3b54 1 parent 8ea72cf
@dpifke dpifke authored committed
Showing with 8 additions and 6 deletions.
  1. +8 −6 r2/r2/controllers/oauth2.py
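--- a/r2/r2/controllers/oauth2.py
+++ b/r2/r2/controllers/oauth2.py
@@ -68,7 +68,9 @@ def _check_redirect_uri(self, client, redirect_uri):
 if not redirect_uri or not client or redirect_uri != client.redirect_uri:
 abort(ForbiddenError(errors.OAUTH2_INVALID_REDIRECT_URI))
- def _error_response(self, resp):
+ def _error_response(self, resp, redirect_uri):
+ """Return an error redirect, but only if client_id and redirect_uri are valid."""
+
 if (errors.OAUTH2_INVALID_CLIENT, "client_id") in c.errors:
 resp["error"] = "unauthorized_client"
 elif (errors.OAUTH2_ACCESS_DENIED, "authorize") in c.errors:
@@ -82,6 +84,8 @@ def _error_response(self, resp):
 else:
 resp["error"] = "invalid_request"
+ return self.redirect(redirect_uri+"?"+urlencode(resp), code=302)
+
 @validate(VUser(),
 response_type = VOneOf("response_type", ("code",)),
 client = VClientID(),
@@ -96,8 +100,7 @@ def GET_authorize(self, response_type, client, redirect_uri, scope, state):
 c.deny_frames = True
 return OAuth2AuthorizationPage(client, redirect_uri, scope_info[scope], state).render()
 else:
- self._error_response(resp)
- return self.redirect(redirect_uri+"?"+urlencode(resp), code=302)
+ return self._error_response(resp, redirect_uri)
 @validate(VUser(),
 VModhash(fatal=False),
@@ -116,10 +119,9 @@ def POST_authorize(self, authorize, client, redirect_uri, scope, state):
 if not c.errors:
 code = OAuth2AuthorizationCode._new(client._id, redirect_uri, c.user._id, scope)
 resp["code"] = code._id
+ return self.redirect(redirect_uri+"?"+urlencode(resp), code=302)
 else:
- self._error_response(resp)
-
- return self.redirect(redirect_uri+"?"+urlencode(resp), code=302)
+ return self._error_response(resp, redirect_uri)
 class OAuth2AccessController(MinimalController):
 def pre(self):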
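Review bot: The new docstring on `_error_response` promises a redirect "only if client_id and redirect_uri are valid", but none of the helper's visible lines checks either value before `return self.redirect(redirect_uri+"?"+urlencode(resp), code=302)`. Part of its body lies between the first two hunks, and the opening lines of `GET_authorize` and `POST_authorize` are outside the hunks too, so the check may well happen there. If validation is the callers' job (presumably through `_check_redirect_uri`), the docstring should state that as a precondition, e.g. `"""Redirect to redirect_uri with an OAuth2 error; callers must already have validated client and redirect_uri."""`, so that a later caller does not hand this helper an unvalidated URI. Separately, the `redirect_uri+"?"+urlencode(resp)` concatenation now appears in both the helper and the `POST_authorize` success path, and it would emit a second `?` if a registered URI already carries a query string.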