diff --git a/oauth2client/client.py b/oauth2client/client.py index f492563..c88b358 100644 --- a/oauth2client/client.py +++ b/oauth2client/client.py @@ -55,6 +55,9 @@ EXPIRY_FORMAT = '%Y-%m-%dT%H:%M:%SZ' # Which certs to use to validate id_tokens received. ID_TOKEN_VERIFICATON_CERTS = 'https://www.googleapis.com/oauth2/v1/certs' +# Constant to use for the out of band OAuth 2.0 flow. +OOB_CALLBACK_URN = 'urn:ietf:wg:oauth:2.0:oob' + class Error(Exception): """Base error for this module.""" @@ -843,15 +846,15 @@ class OAuth2WebServerFlow(Flow): self.params.update(kwargs) self.redirect_uri = None - def step1_get_authorize_url(self, redirect_uri='oob'): + def step1_get_authorize_url(self, redirect_uri=OOB_CALLBACK_URN): """Returns a URI to redirect to the provider. Args: - redirect_uri: string, Either the string 'oob' for a non-web-based - application, or a URI that handles the callback from - the authorization server. + redirect_uri: string, Either the string 'urn:ietf:wg:oauth:2.0:oob' for + a non-web-based application, or a URI that handles the callback from + the authorization server. - If redirect_uri is 'oob' then pass in the + If redirect_uri is 'urn:ietf:wg:oauth:2.0:oob' then pass in the generated verification code to step2_exchange, otherwise pass in the query parameters received at the callback uri to step2_exchange. diff --git a/oauth2client/tools.py b/oauth2client/tools.py index 236c859..eeb9031 100644 --- a/oauth2client/tools.py +++ b/oauth2client/tools.py @@ -30,6 +30,7 @@ import sys import webbrowser from client import FlowExchangeError +from client import OOB_CALLBACK_URN try: from urlparse import parse_qsl @@ -120,7 +121,7 @@ def run(flow, storage, http=None): if FLAGS.auth_local_webserver: oauth_callback = 'http://%s:%s/' % (FLAGS.auth_host_name, port_number) else: - oauth_callback = 'oob' + oauth_callback = OOB_CALLBACK_URN authorize_url = flow.step1_get_authorize_url(oauth_callback) if FLAGS.auth_local_webserver: diff --git a/tests/test_oauth2client.py b/tests/test_oauth2client.py index dfcbf72..d50d6a0 100644 --- a/tests/test_oauth2client.py +++ b/tests/test_oauth2client.py @@ -42,6 +42,7 @@ from oauth2client.client import AssertionCredentials from oauth2client.client import FlowExchangeError from oauth2client.client import OAuth2Credentials from oauth2client.client import OAuth2WebServerFlow +from oauth2client.client import OOB_CALLBACK_URN from oauth2client.client import VerifyJwtTokenError from oauth2client.client import _extract_id_token @@ -196,14 +197,14 @@ class OAuth2WebServerFlowTest(unittest.TestCase): ) def test_construct_authorize_url(self): - authorize_url = self.flow.step1_get_authorize_url('oob') + authorize_url = self.flow.step1_get_authorize_url('OOB_CALLBACK_URN') parsed = urlparse.urlparse(authorize_url) q = parse_qs(parsed[4]) self.assertEqual(q['client_id'][0], 'client_id+1') self.assertEqual(q['response_type'][0], 'code') self.assertEqual(q['scope'][0], 'foo') - self.assertEqual(q['redirect_uri'][0], 'oob') + self.assertEqual(q['redirect_uri'][0], 'OOB_CALLBACK_URN') self.assertEqual(q['access_type'][0], 'offline') def test_override_flow_access_type(self): @@ -215,14 +216,14 @@ class OAuth2WebServerFlowTest(unittest.TestCase): user_agent='unittest-sample/1.0', access_type='online' ) - authorize_url = flow.step1_get_authorize_url('oob') + authorize_url = flow.step1_get_authorize_url('OOB_CALLBACK_URN') parsed = urlparse.urlparse(authorize_url) q = parse_qs(parsed[4]) self.assertEqual(q['client_id'][0], 'client_id+1') self.assertEqual(q['response_type'][0], 'code') self.assertEqual(q['scope'][0], 'foo') - self.assertEqual(q['redirect_uri'][0], 'oob') + self.assertEqual(q['redirect_uri'][0], 'OOB_CALLBACK_URN') self.assertEqual(q['access_type'][0], 'online') def test_exchange_failure(self):