From d53a9fbcb1c589ac37407d156ea5a1415fbbdefe Mon Sep 17 00:00:00 2001
From: Evan Culver
Date: Fri, 25 Oct 2013 18:25:27 -0700
Subject: [PATCH] Fixes #32 - Add `token_type` to access token response to conform to section 4.2.2 of the OAuth 2.0 specification.
---
 provider/constants.py | 2 ++
 provider/oauth2/tests.py | 14 +++++++++++++-
 provider/views.py | 1 +
 3 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/provider/constants.py b/provider/constants.py
index c366ccf..82587ab 100644
--- a/provider/constants.py
+++ b/provider/constants.py
@@ -11,6 +11,8 @@ CLIENT_TYPES = (
 RESPONSE_TYPE_CHOICES = getattr(settings, 'OAUTH_RESPONSE_TYPE_CHOICES', ("code", "token"))
+TOKEN_TYPE = 'Bearer'
+
 READ = 1 << 1
 WRITE = 1 << 2
 READ_WRITE = READ | WRITE
diff --git a/provider/oauth2/tests.py b/provider/oauth2/tests.py
index e421ae9..6a051bc 100644
--- a/provider/oauth2/tests.py
+++ b/provider/oauth2/tests.py
@@ -234,6 +234,8 @@ class AccessTokenTest(BaseOAuth2TestCase):
 self.assertEqual('invalid_grant', json.loads(response.content)['error'])
 def _login_authorize_get_token(self):
+ required_props = ['access_token', 'token_type']
+
 self.login()
 self._login_and_authorize()
@@ -249,7 +251,13 @@ class AccessTokenTest(BaseOAuth2TestCase):
 self.assertEqual(200, response.status_code, response.content)
- return json.loads(response.content)
+ token = json.loads(response.content)
+
+ for prop in required_props:
+ self.assertIn(prop, token, "Access token response missing "
+ "required property: %s" % prop)
+
+ return token
 def test_fetching_access_token_with_valid_grant(self):
 self._login_authorize_get_token()
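Review bot: The new `TOKEN_TYPE = 'Bearer'` in provider/constants.py has no comment saying that this string goes on the wire, or that advertising it commits the provider to bearer-token semantics. I would add `# Value of the "token_type" member in access token responses (RFC 6749 section 5.1); Bearer token usage is defined in RFC 6750.` above it. Unlike `RESPONSE_TYPE_CHOICES` just above, the value cannot be overridden from settings. That looks intentional, since it has to match what the server actually implements, but a comment saying so would stop someone from "fixing" it later.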
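Review bot: The loop added to `_login_authorize_get_token` in provider/oauth2/tests.py (hunk at -249) checks only that each key in `required_props` is present, so a response with an empty or null `access_token` or `token_type` would still pass. Adding `self.assertTrue(token[prop], "Access token response has empty property: %s" % prop)` inside the loop would close that gap. The helper starts above this hunk, and `required_props` is defined in the preceding hunk.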
@@ -414,6 +422,10 @@ class AccessTokenTest(BaseOAuth2TestCase):
 self.assertEqual(400, response.status_code, response.content)
 self.assertEqual('invalid_grant', json.loads(response.content)['error'])
+ def test_access_token_response_valid_token_type(self):
+ token = self._login_authorize_get_token()
+ self.assertEqual(token['token_type'], constants.TOKEN_TYPE, token)
+
 class AuthBackendTest(BaseOAuth2TestCase):
 fixtures = ['test_oauth2']
diff --git a/provider/views.py b/provider/views.py
index 780f5fd..7c2a266 100644
--- a/provider/views.py
+++ b/provider/views.py
@@ -451,6 +451,7 @@ class AccessToken(OAuthView, Mixin):
 response_data = {
 'access_token': access_token.token,
+ 'token_type': constants.TOKEN_TYPE,
 'expires_in': access_token.get_expire_delta(),
 'scope': ' '.join(scope.names(access_token.scope)),
 }
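Review bot: `test_access_token_response_valid_token_type` in provider/oauth2/tests.py compares the response with `constants.TOKEN_TYPE`, the same constant the view emits, so it would still pass if that constant were changed to a value clients do not recognise. Pinning the wire value catches that: `self.assertEqual('Bearer', token['token_type'], token)`, which also puts the expected value first as the neighbouring assertions do. None of the tests.py hunks adds an import of `constants`, so the module presumably already imports it; that is worth confirming.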
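Review bot: The `'token_type'` entry added to `response_data` in provider/views.py (class `AccessToken`) has no comment saying why it is mandatory. The JSON body returned by the token endpoint is governed by RFC 6749 section 5.1, whereas section 4.2.2, cited in the commit subject, covers the implicit-grant redirect. I would add `# REQUIRED by RFC 6749 section 5.1 for the token endpoint's JSON response.` above the entry. Section 5.1 also requires `Cache-Control: no-store` and `Pragma: no-cache` on any response carrying tokens. The enclosing method starts and ends outside this hunk, so whether those headers are set needs checking where the response object is built.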