Update oauthlib-3.1.1

2025-07-06 21:21:15 -07:00 · 2021-10-14 22:34:45 -07:00 · 2021-10-14 22:34:45 -07:00 · d76838a607
commit d76838a607
parent e58aa40099
64 changed files with 4329 additions and 1421 deletions
--- a/lib/oauthlib/oauth2/rfc6749/clients/backend_application.py
+++ b/lib/oauthlib/oauth2/rfc6749/clients/backend_application.py
@ -6,11 +6,8 @@ oauthlib.oauth2.rfc6749
 This module is an implementation of various logic needed
 for consuming and providing OAuth 2.0 RFC6749.
 """
-from __future__ import absolute_import, unicode_literals
-
-from .base import Client
 from ..parameters import prepare_token_request
-from ..parameters import parse_token_response
+from .base import Client


 class BackendApplicationClient(Client):
@ -31,15 +28,28 @@ class BackendApplicationClient(Client):
    no additional authorization request is needed.
    """

-    def prepare_request_body(self, body='', scope=None, **kwargs):
+    grant_type = 'client_credentials'
+
+    def prepare_request_body(self, body='', scope=None,
+                             include_client_id=False, **kwargs):
        """Add the client credentials to the request body.

        The client makes a request to the token endpoint by adding the
        following parameters using the "application/x-www-form-urlencoded"
        format per `Appendix B`_ in the HTTP request entity-body:

+        :param body: Existing request body (URL encoded string) to embed parameters
+                     into. This may contain extra paramters. Default ''.
        :param scope:   The scope of the access request as described by
                        `Section 3.3`_.
+
+        :param include_client_id: `True` to send the `client_id` in the
+                                  body of the upstream request. This is required
+                                  if the client is not authenticating with the
+                                  authorization server as described in
+                                  `Section 3.2.1`_. False otherwise (default).
+        :type include_client_id: Boolean
+
        :param kwargs:  Extra credentials to include in the token request.

        The client MUST authenticate with the authorization server as
@ -53,9 +63,12 @@ class BackendApplicationClient(Client):
            >>> client.prepare_request_body(scope=['hello', 'world'])
            'grant_type=client_credentials&scope=hello+world'

-        .. _`Appendix B`: http://tools.ietf.org/html/rfc6749#appendix-B
-        .. _`Section 3.3`: http://tools.ietf.org/html/rfc6749#section-3.3
-        .. _`Section 3.2.1`: http://tools.ietf.org/html/rfc6749#section-3.2.1
+        .. _`Appendix B`: https://tools.ietf.org/html/rfc6749#appendix-B
+        .. _`Section 3.3`: https://tools.ietf.org/html/rfc6749#section-3.3
+        .. _`Section 3.2.1`: https://tools.ietf.org/html/rfc6749#section-3.2.1
        """
-        return prepare_token_request('client_credentials', body=body,
+        kwargs['client_id'] = self.client_id
+        kwargs['include_client_id'] = include_client_id
+        scope = self.scope if scope is None else scope
+        return prepare_token_request(self.grant_type, body=body,
                                     scope=scope, **kwargs)