I have introduced a RefreshTokenGrant in grant_types.py. I am using this as a replacement for the AuthorisationCodeGrant when the consumer sends a refresh token request. If you are handling this a different way server side could you point that out as it is not obvious.
added RefreshTokenGrant to grant_types.py.
Awesome! I was planning on creating a grant for this but forgot to document it anywhere. Well spotted and great initiative. Can't look over it now but will try and find some time this week.
No worries, it's a basic version of the AuthorisationCodeGrant :)
changed RefreshTokenGrant error for failing validate_refresh_token to…
… InvalidRequestError as per the Oauth2 spec 5.2
added validate_redirect_uri method call to RefreshTokenGrant in grant…
ammeded comment for validate_redirect_uri
moved redirect token check to validate_token_request in Authorization…
fixed sleepy mistake for checking redirect uri
changed self.request to request in create_token_response
changed request.scopes to singlular which seems to be the normal tens…
…e for scope parameter.
Just an update, you are not forgotten and I'll patch your PR in at some point this week =)
I broke a fair bit off your PR with my recent update so I copied it in manually and adjusted a few things to match my updates. I like that you started to break out redirect validation from the request validator and hope to get around to doing that for both auth code and implicit tomorrow.
I added you to authors, let me know if you'd rather not be listed.