Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Normalize handling of request.scopes list #450

Merged
merged 2 commits into from
Nov 23, 2016
Merged

Normalize handling of request.scopes list #450

merged 2 commits into from
Nov 23, 2016

Conversation

joelstevenson
Copy link
Contributor

Use the scope_to_list() util to initalize the request.scopes list from
the request.scope request parameter in two place where it was instead
being set to None.

  • AuthorizationEndpoint.validate_authorization_request()
  • TokenEndpoint.create_token_response()

In both cases the Request should be properly populated before it is
passed to the client's validator.

In the case of the TokenEndpoint - there are OAuth2 workflows that
allow an optional scope parameter so we should have been doing this
for them anyway.

Since scope_to_list() may return None, also update the openid_connect
code to behave properly when this is the case.

Fixes #436 cf. #437 , #441

Normalize handling of request.scopes list
f1a8fc4 
Use the scope_to_list() util to initalize the request.scopes list from
the request.scope request parameter in two place where it was instead
being set to None.

- AuthorizationEndpoint.validate_authorization_request()
- TokenEndpoint.create_token_response()

In both cases the Request should be properly populated before it is
passed to the client's validator.

In the case of the TokenEndpoint - there are OAuth2 workflows that
allow an optional scope parameter so we should have been doing this
for them anyway.

Since scope_to_list() may return None, also update the openid_connect
code to behave properly when this is the case.

Fixes oauthlib#436
@thedrow
Copy link
Collaborator

thedrow commented Nov 22, 2016

Care to fix the test?

@thedrow thedrow merged commit 8008086 into oauthlib:master Nov 23, 2016
@thedrow
Copy link
Collaborator

thedrow commented Nov 23, 2016

Thank you very much!

This was referenced Nov 24, 2016
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@joelstevenson @thedrow