From 10adf8c66af71caf2286a625776a4008ccb18051 Mon Sep 17 00:00:00 2001 From: Evan Culver Date: Thu, 21 Nov 2013 15:05:05 -0600 Subject: [PATCH] Fixes #55 - Handle non-list/non-tuple form field values for scope introduced in Django 1.6 --- provider/oauth2/forms.py | 7 ++++++- provider/oauth2/tests.py | 4 ++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/provider/oauth2/forms.py b/provider/oauth2/forms.py index b5d04c3..bb4dcb8 100644 --- a/provider/oauth2/forms.py +++ b/provider/oauth2/forms.py @@ -56,8 +56,13 @@ class ScopeChoiceField(forms.ChoiceField): if not value: return [] + # New in Django 1.6: value may come in as a string. + # Instead of raising an `OAuthValidationError`, try to parse and + # ultimately return an empty list if nothing remains -- this will + # eventually raise an `OAuthValidationError` in `validate` where + # it should be anyways. if not isinstance(value, (list, tuple)): - raise OAuthValidationError({'error': 'invalid_request'}) + value = value.split(' ') # Split values into list return u' '.join([smart_unicode(val) for val in value]).split(u' ') diff --git a/provider/oauth2/tests.py b/provider/oauth2/tests.py index 1b396fe..4a2a764 100644 --- a/provider/oauth2/tests.py +++ b/provider/oauth2/tests.py @@ -147,8 +147,8 @@ class AuthorizationTest(BaseOAuth2TestCase): response = self.client.get(self.auth_url() + '?client_id=%s&response_type=code&scope=invalid+invalid2' % self.get_client().client_id) response = self.client.get(self.auth_url2()) - # self.assertEqual(400, response.status_code) - # self.assertTrue(escape(u"'invalid' is not a valid scope.") in response.content) + self.assertEqual(400, response.status_code) + self.assertTrue(escape(u"'invalid' is not a valid scope.") in response.content) response = self.client.get(self.auth_url() + '?client_id=%s&response_type=code&scope=%s' % ( self.get_client().client_id,