8000 445 confirm redirect by JonathanHuot · Pull Request #566 · oauthlib/oauthlib · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

445 confirm redirect #566

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
Aug 20, 2018
Merged

445 confirm redirect #566

merged 9 commits into from
Aug 20, 2018

Conversation

JonathanHuot
Copy link
Member

See #445 for discussion

@JonathanHuot JonathanHuot changed the title WIP: 445 confirm redirect 445 confirm redirect Aug 12, 2018
@JonathanHuot JonathanHuot requested a review from skion August 12, 2018 21:25
skion
skion reviewed Aug 13, 2018
View reviewed changes
tests/oauth2/rfc6749/endpoints/test_error_responses.py Outdated
@@ -237,7 +237,6 @@ def test_unauthorized_client(self):

def test_access_denied(self):
self.validator.authenticate_client.side_effect = self.set_client
self.validator.confirm_redirect_uri.return_value = False
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't fully understand how this test is now passing without this line? Wasn't that line the purpose of the test?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In the new flow, confirm_redirect_uri is not called because no redirect_uri is present in the request and get_default_redirect_uri return None.

But you are right that I replaced an initial intent with another use-case which didn't exist initially.

Let me fix that

oauthlib/oauth2/rfc6749/grant_types/authorization_code.py
@@ -420,6 +420,17 @@ def validate_token_request(self, request):
# REQUIRED, if the "redirect_uri" parameter was included in the
# authorization request as described in Section 4.1.1, and their
# values MUST be identical.
if request.redirect_uri is None:
request.using_default_redirect_uri = True
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this variable used somewhere?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't know. I was wondering it could be used in the Validator implementation. However, since it's not documented, maybe nobody care !

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see, looks good then 👍

@JonathanHuot
Copy link
Member Author

@skion : I have updated the changes, please feel free to review again and tell me :-)

@JonathanHuot JonathanHuot merged commit 63760cd into master Aug 20, 2018
@JonathanHuot JonathanHuot deleted the 445_confirm_redirect branch August 20, 2018 22:13
@JonathanHuot JonathanHuot added this to the 3.0.0 milestone Dec 3, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@skion skion skion approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
3.0.0
Development

Successfully merging this pull request may close these issues.
2 participants
@JonathanHuot @skion
0