def _verify_redirect_uri(self, areq): # MUST NOT contain a fragment try: _redirect_uri = areq["redirect_uri"] part = urlparse.urlparse(_redirect_uri) if part.fragment: raise ValueError match = False for registered in self.cdb[areq["client_id"]]["redirect_uris"]: if _redirect_uri == registered: match=True break elif _redirect_uri.startswith(registered): match=True break if not match: raise AssertionError return None except Exception: logger.error("Faulty redirect_uri: %s" % areq["redirect_uri"]) logger.info("Registered redirect_uris: %s" % ( self.cdb[areq["client_id"]]["redirect_uris"],)) response = AuthorizationErrorResponse(error="invalid_request", error_description="Faulty redirect_uri") return Response(response.to_json(), content="application/json", status="400 Bad Request")
def _authz_error(self, error, descr=None): response = AuthorizationErrorResponse(error=error) if descr: response["error_description"] = descr return Response(response.to_json(), content="application/json", status="400 Bad Request")