Closed frankie567 closed 6 months ago
Thank you @frankie567. For the record, this is a port of #512 for RFC7592. Can you maybe add some unit tests?
Done! Note that I had to change the setup and an existing assertion to comply with the spec (or, to be fair, my understanding of it 😅)
What kind of change does this PR introduce? (check at least one)
While implementing RFC7592 endpoint in my code base, I noticed a crash could occur when updating the client if
grant_types
orresponse_types
were not provided:In RFC7591 endpoint, there is a fail-safe fallback to avoid this:
https://github.com/lepture/authlib/blob/5ac468051098d544dd5bfad24f692ec1a6bc7ec1/authlib/oauth2/rfc7591/endpoint.py#L110-L114
https://github.com/lepture/authlib/blob/5ac468051098d544dd5bfad24f692ec1a6bc7ec1/authlib/oauth2/rfc7591/endpoint.py#L121-L125
This PR just backports this behavior to RFC7592. The effect is that, if not provided,
grant_types
andresponse_types
will be set to the default value. From my understanding, this behavior is compliant with the specification: