Custom Validators¶
-
class
oauthlib.oauth2.rfc6749.grant_types.base.
ValidatorsContainer
(post_auth, post_token, pre_auth, pre_token)[source]¶ Container object for holding custom validator callables to be invoked as part of the grant type validate_authorization_request() or validate_authorization_request() methods on the various grant types.
Authorization validators must be callables that take a request object and return a dict, which may contain items to be added to the request_info returned from the grant_type after validation.
Token validators must be callables that take a request object and return None.
Both authorization validators and token validators may raise OAuth2 exceptions if validation conditions fail.
Authorization validators added to pre_auth will be run BEFORE the standard validations (but after the critical ones that raise fatal errors) as part of validate_authorization_request()
Authorization validators added to post_auth will be run AFTER the standard validations as part of validate_authorization_request()
Token validators added to pre_token will be run BEFORE the standard validations as part of validate_token_request()
Token validators added to post_token will be run AFTER the standard validations as part of validate_token_request()
For example:
>>> def my_auth_validator(request): ... return {'myval': True} >>> auth_code_grant = AuthorizationCodeGrant(request_validator) >>> auth_code_grant.custom_validators.pre_auth.append(my_auth_validator) >>> def my_token_validator(request): ... if not request.everything_okay: ... raise errors.OAuth2Error("uh-oh") >>> auth_code_grant.custom_validators.post_token.append(my_token_validator)