def validate_redirect_uri(self, client, redirect_uri): if not client.get_redirect_uri(): return client.get_type() is ClientType.CONFIDENTIAL try: authorized_url = utils.normalize_url(client.get_redirect_uri()) if '?' in authorized_url: authorized_url = authorized_url.split('?', 1)[0] redirect_uri = utils.normalize_url(redirect_uri) if '?' in redirect_uri: redirect_uri = authorized_url.split('?', 1)[0] except ValueError as why: raise InvalidRequest() from why else: return redirect_uri.startswith(authorized_url)
def test_normalize_url_invalid_port(): normalize_url('https://example.com:1bb/#foo')
def test_normalize_url_fragment(): normalize_url('http://example.com/#foo')
def test_normalize_url_unknown_scheme(): normalize_url('example://example.com/')
def test_normalize_url(): eq_(normalize_url('http://a/b/c/%7Bfoo%7D'), normalize_url('hTTP://a/./b/../b/%63/%7bfoo%7d'))