Fix bug with id_token without openid scope.

Ignacio Fiorentino 2016-10-31 16:37:51 -03:00
parent 9bdec5da7c
commit ecba16ed36


@ -101,6 +101,11 @@ class AuthorizeEndpoint(object):
logger.debug('[Authorize] Invalid response type: %s', self.params['response_type'])
raise AuthorizeError(self.params['redirect_uri'], 'unsupported_response_type', self.grant_type)
if not self.is_authentication and \
(self.grant_type == 'hybrid' or self.params['response_type'] in ['id_token', 'id_token token']):
logger.debug('[Authorize] Missing openid scope.')
raise AuthorizeError(self.params['redirect_uri'], 'invalid_scope', self.grant_type)
# Nonce parameter validation.
if self.is_authentication and self.grant_type == 'implicit' and not self.params['nonce']:
raise AuthorizeError(self.params['redirect_uri'], 'invalid_request', self.grant_type)
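Review bot: The openid-scope guard (`if not self.is_authentication and ...`) compares `response_type` against the exact strings `'id_token'` and `'id_token token'`, so it only holds if the response-type validation above the hunk has already rejected other orderings of the same values; that validation is not visible here. A membership test would not depend on it: `(self.grant_type == 'hybrid' or 'id_token' in self.params['response_type'].split())`. The guard would also read better with a comment like the one on the nonce check, e.g. `# id_token response types and the hybrid flow require the openid scope.` The enclosing method starts and ends outside the hunk.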