Fixes #55 - Handle non-list/non-tuple form field values for scope introduced in Django 1.6

2013-11-21 15:05:05 -06:00 · 2013-11-21 15:05:05 -06:00 · 10adf8c66a
parent 8a97e5e2e6
commit 10adf8c66a
2 changed files with 8 additions and 3 deletions
--- a/provider/oauth2/forms.py
+++ b/provider/oauth2/forms.py
@ -56,8 +56,13 @@ class ScopeChoiceField(forms.ChoiceField):
        if not value:
            return []

+        # New in Django 1.6: value may come in as a string.
+        # Instead of raising an `OAuthValidationError`, try to parse and
+        # ultimately return an empty list if nothing remains -- this will
+        # eventually raise an `OAuthValidationError` in `validate` where
+        # it should be anyways.
        if not isinstance(value, (list, tuple)):
-            raise OAuthValidationError({'error': 'invalid_request'})
+            value = value.split(' ')

        # Split values into list
        return u' '.join([smart_unicode(val) for val in value]).split(u' ')
--- a/provider/oauth2/tests.py
+++ b/provider/oauth2/tests.py
@ -147,8 +147,8 @@ class AuthorizationTest(BaseOAuth2TestCase):
        response = self.client.get(self.auth_url() + '?client_id=%s&response_type=code&scope=invalid+invalid2' % self.get_client().client_id)
        response = self.client.get(self.auth_url2())

-        # self.assertEqual(400, response.status_code)
-        # self.assertTrue(escape(u"'invalid' is not a valid scope.") in response.content)
+        self.assertEqual(400, response.status_code)
+        self.assertTrue(escape(u"'invalid' is not a valid scope.") in response.content)

        response = self.client.get(self.auth_url() + '?client_id=%s&response_type=code&scope=%s' % (
            self.get_client().client_id,