feat: splitting create_authorization_response into two methods

aliev · Feb 3, 2025 · d9377ac · d9377ac
1 parent 9a37286
commit d9377ac
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 16 deletions.
diff --git a/aioauth/server.py b/aioauth/server.py
@@ -344,16 +344,9 @@ async def token(request: fastapi.Request) -> fastapi.Response:
             content=content, status_code=HTTPStatus.OK, headers=default_headers
         )
 
-    @catch_errors_and_unavailability(
-        skip_redirect_on_exc=(
-            MethodNotAllowedError,
-            InvalidClientError,
-            InvalidRedirectURIError,
-        )
-    )
     async def validate_authorization_request(
         self, request: Request
-    ) -> Union[Response, AuthorizationState]:
+    ) -> AuthorizationState:
         """
         Endpoint to interact with the resource owner and obtain an
         authoriation grant.
@@ -412,15 +405,15 @@ async def authorize(request: fastapi.Request) -> fastapi.Response:
             raise UnsupportedResponseTypeError(request=request, state=state)
 
         auth_state = AuthorizationState(request, response_type_list, grants=[])
+
         for ResponseTypeClass in response_type_classes:
             response_type = ResponseTypeClass(storage=self.storage)
             client = await response_type.validate_request(request)
             auth_state.grants.append((response_type, client))
         return auth_state
 
-    async def create_authorization_response(
-        self,
-        auth_state: AuthorizationState,
+    async def _create_authorization_response(
+        self, auth_state: AuthorizationState
     ) -> Response:
         """
         Endpoint to interact with the resource owner and obtain an
@@ -529,6 +522,17 @@ async def authorize(request: fastapi.Request) -> fastapi.Response:
             content=content,
         )
 
+    @catch_errors_and_unavailability(
+        skip_redirect_on_exc=(
+            MethodNotAllowedError,
+            InvalidClientError,
+            InvalidRedirectURIError,
+        )
+    )
+    async def create_authorization_response(self, request: Request) -> Response:
+        auth_state = await self.validate_authorization_request(request)
+        return await self._create_authorization_response(auth_state)
+
     @catch_errors_and_unavailability()
     async def revoke_token(self, request: Request) -> Response:
         """Endpoint to revoke an access token or refresh token.

diff --git a/examples/fastapi_example.py b/examples/fastapi_example.py
@@ -15,7 +15,7 @@
 from sqlmodel.ext.asyncio.session import AsyncSession
 
 from aioauth.collections import HTTPHeaderDict
-from aioauth.errors import AccessDeniedError
+from aioauth.errors import AccessDeniedError, OAuth2Error
 from aioauth.requests import Post, Query
 from aioauth.requests import Request as OAuthRequest
 from aioauth.responses import Response as OAuthResponse
@@ -83,12 +83,16 @@ async def authorize(
     """
     # validate initial request and return error response (if supplied)
     oauthreq = await to_request(request)
-    response = await oauth.validate_authorization_request(oauthreq)
-    if isinstance(response, OAuthResponse):
+
+    try:
+        state = await oauth.validate_authorization_request(oauthreq)
+    except OAuth2Error as exc:
+        response = build_error_response(exc=exc, request=oauthreq)
         return to_response(response)
+
     # redirect to login if user information is missing
     user = request.session.get("user", None)
-    request.session["oauth"] = response
+    request.session["oauth"] = state
     if user is None:
         return RedirectResponse("/login")
     # otherwise redirect to approval
@@ -213,7 +217,7 @@ async def approve_submit(
         response = build_error_response(error, state.request, skip_redirect_on_exc=())
     else:
         # process authorize request
-        response = await oauth.create_authorization_response(state)
+        response = await oauth._create_authorization_response(state)
     return to_response(response)