# error and MUST NOT automatically redirect the user-agent to the
# invalid redirection URI.
+ # First check duplicate parameters
+ for param in ('client_id', 'response_type', 'redirect_uri', 'scope', 'state'):
+ try:
+ duplicate_params = request.duplicate_params
+ except ValueError:
+ raise errors.InvalidRequestFatalError(description='Unable to parse query string', request=request)
+ if param in duplicate_params:
+ raise errors.InvalidRequestFatalError(description='Duplicate %s parameter.' % param, request=request)
+
# REQUIRED. The client identifier as described in Section 2.2.
# http://tools.ietf.org/html/rfc6749#section-2.2
if not request.client_id:
# Note that the correct parameters to be added are automatically
# populated through the use of specific exceptions.
- if request.response_type is None:
- raise errors.InvalidRequestError(description='Missing response_type parameter.', request=request)
- for param in ('client_id', 'response_type', 'redirect_uri', 'scope', 'state'):
- if param in request.duplicate_params:
- raise errors.InvalidRequestError(description='Duplicate %s parameter.' % param, request=request)
+ # REQUIRED.
+ if request.response_type is None:
+ raise errors.MissingResponseTypeError(request=request)
+ # Value MUST be set to "code".
+ elif request.response_type != 'code':
+ raise errors.UnsupportedResponseTypeError(request=request)
if not self.request_validator.validate_response_type(request.client_id,
- request.response_type, request.client, request):
+ request.response_type,
+ request.client, request):
+
log.debug('Client %s is not authorized to use response_type %s.',
request.client_id, request.response_type)
raise errors.UnauthorizedClientError(request=request)
- # REQUIRED. Value MUST be set to "code".
- if request.response_type != 'code':
- raise errors.UnsupportedResponseTypeError(request=request)
-
# OPTIONAL. The scope of the access request as described by Section 3.3
# http://tools.ietf.org/html/rfc6749#section-3.3
self.validate_scopes(request)
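Review bot: The added `# REQUIRED.` comment above the `request.response_type is None` check no longer says which parameter it covers or where the rule comes from; I would write `# REQUIRED. response_type, see http://tools.ietf.org/html/rfc6749#section-4.1.1`, matching the client_id and scope comments around it. Because the `!= 'code'` comparison now runs before `validate_response_type`, the validator is only ever called with `code`, and a client that is not authorized for the response type but sends a different value gets `UnsupportedResponseTypeError` rather than `UnauthorizedClientError`. That ordering looks intended, but a short comment such as `# Reject unsupported values before asking the validator, which only ever sees 'code'.` would keep it from being reshuffled later. The added empty line between the wrapped `validate_response_type(...)` condition and the `log.debug` call separates the `if` from its body and should be dropped. The enclosing method starts and ends outside this hunk, so the error-redirect handling these exceptions rely on is not visible here.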
request.client_id, request.client, request.scopes)
raise errors.InvalidGrantError(request=request)
- for attr in ('user', 'state', 'scopes'):
- if getattr(request, attr) is None:
+ for attr in ('user', 'scopes'):
+ if getattr(request, attr, None) is None:
log.debug('request.%s was not set on code validation.', attr)
# REQUIRED, if the "redirect_uri" parameter was included in the