Skip to content

Errors

Errors used throughout the project. 

from aioauth import errors

AccessDeniedError

Bases: OAuth2Error

The resource owner or authorization server denied the request

Source code in aioauth/errors.py 
215
216
217
218
219
220
class AccessDeniedError(OAuth2Error):
    """
    The resource owner or authorization server denied the request
    """

    error: ErrorType = "access_denied"

InsecureTransportError

Bases: OAuth2Error

An exception will be thrown if the current request is not secure.

Source code in aioauth/errors.py 
108
109
110
111
112
class InsecureTransportError(OAuth2Error):
    """An exception will be thrown if the current request is not secure."""

    description = "OAuth 2 MUST utilize https."
    error: ErrorType = "insecure_transport"

InvalidClientError

Bases: OAuth2Error

Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server may return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server must respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client.

Source code in aioauth/errors.py 
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
class InvalidClientError(OAuth2Error):
    """
    Client authentication failed (e.g. unknown client, no client
    authentication included, or unsupported authentication method).
    The authorization server **may** return an `HTTP 401` (Unauthorized) status
    code to indicate which HTTP authentication schemes are supported.
    If the client attempted to authenticate via the ``Authorization`` request
    header field, the authorization server **must** respond with an
    `HTTP 401` (Unauthorized) status code, and include the `WWW-Authenticate`
    response header field matching the authentication scheme used by the
    client.
    """

    error: ErrorType = "invalid_client"
    status_code: HTTPStatus = HTTPStatus.UNAUTHORIZED

    def __init__(
        self,
        request: Request,
        description: Optional[str] = None,
        headers: Optional[HTTPHeaderDict] = None,
        state: Optional[str] = None,
    ):
        super().__init__(
            request, description, headers or HTTPHeaderDict(default_headers), state
        )

        auth_values = [f"error={self.error}"]
        if self.description:
            auth_values.append(f"error_description={self.description}")
        if self.error_uri:
            auth_values.append(f"error_uri={self.error_uri}")
        self.headers["WWW-Authenticate"] = "Basic " + ", ".join(auth_values)

InvalidGrantError

Bases: OAuth2Error

The provided authorization grant (e.g. authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.

See RFC6749 section 5.2.

Source code in aioauth/errors.py 
133
134
135
136
137
138
139
140
141
142
143
class InvalidGrantError(OAuth2Error):
    """
    The provided authorization grant (e.g. authorization code, resource
    owner credentials) or refresh token is invalid, expired, revoked, does
    not match the redirection URI used in the authorization request, or was
    issued to another client.

    See [RFC6749 section 5.2](https://tools.ietf.org/html/rfc6749#section-5.2).
    """

    error: ErrorType = "invalid_grant"

InvalidRedirectURIError

Bases: OAuth2Error

The requested redirect URI is missing or not allowed.

Source code in aioauth/errors.py 
197
198
199
200
201
202
class InvalidRedirectURIError(OAuth2Error):
    """
    The requested redirect URI is missing or not allowed.
    """

    error: ErrorType = "invalid_request"

InvalidRequestError

Bases: OAuth2Error

The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.

Source code in aioauth/errors.py 
63
64
65
66
67
68
69
70
class InvalidRequestError(OAuth2Error):
    """
    The request is missing a required parameter, includes an invalid
    parameter value, includes a parameter more than once, or is
    otherwise malformed.
    """

    error: ErrorType = "invalid_request"

InvalidScopeError

Bases: OAuth2Error

The requested scope is invalid, unknown, or malformed, or exceeds the scope granted by the resource owner.

See RFC6749 section 5.2.

Source code in aioauth/errors.py 
162
163
164
165
166
167
168
169
170
class InvalidScopeError(OAuth2Error):
    """
    The requested scope is invalid, unknown, or malformed, or
    exceeds the scope granted by the resource owner.

    See [RFC6749 section 5.2](https://tools.ietf.org/html/rfc6749#section-5.2).
    """

    error: ErrorType = "invalid_scope"

MethodNotAllowedError

Bases: OAuth2Error

The request is valid, but the method trying to be accessed is not available to the resource owner.

Source code in aioauth/errors.py 
52
53
54
55
56
57
58
59
60
class MethodNotAllowedError(OAuth2Error):
    """
    The request is valid, but the method trying to be accessed is not
    available to the resource owner.
    """

    description = "HTTP method is not allowed."
    status_code: HTTPStatus = HTTPStatus.METHOD_NOT_ALLOWED
    error: ErrorType = "method_is_not_allowed"

MismatchingStateError

Bases: OAuth2Error

Unable to securely verify the integrity of the request and response.

Source code in aioauth/errors.py 
146
147
148
149
150
class MismatchingStateError(OAuth2Error):
    """Unable to securely verify the integrity of the request and response."""

    description = "CSRF Warning! State not equal in request and response."
    error: ErrorType = "mismatching_state"

OAuth2Error

Bases: Exception

Base exception that all other exceptions inherit from.

Source code in aioauth/errors.py 
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
class OAuth2Error(Exception):
    """Base exception that all other exceptions inherit from."""

    error: ErrorType
    description: str = ""
    status_code: HTTPStatus = HTTPStatus.BAD_REQUEST
    error_uri: str = ""
    headers: HTTPHeaderDict = default_headers
    state: str = ""

    def __init__(
        self,
        request: Request,
        description: Optional[str] = None,
        headers: Optional[HTTPHeaderDict] = None,
        state: Optional[str] = None,
    ):
        self.request = request

        if description is not None:
            self.description = description

        if headers is not None:
            self.headers = headers

        if state is not None:
            self.state = state

        if request.settings.ERROR_URI:
            self.error_uri = urljoin(request.settings.ERROR_URI, self.error)

        super().__init__(f"({self.error}) {self.description}")

ServerError

Bases: OAuth2Error

The authorization server encountered an unexpected condition that prevented it from fulfilling the request. (This error code is needed because a HTTP 500 (Internal Server Error) status code cannot be returned to the client via a HTTP redirect.)

Source code in aioauth/errors.py 
173
174
175
176
177
178
179
180
181
182
183
class ServerError(OAuth2Error):
    """
    The authorization server encountered an unexpected condition that
    prevented it from fulfilling the request.  (This error code is needed
    because a ``HTTP 500`` (Internal Server Error) status code cannot be returned
    to the client via a HTTP redirect.)
    """

    error: ErrorType = "server_error"
    status_code: HTTPStatus = HTTPStatus.BAD_REQUEST
    description: str = "Internal Server Error"

TemporarilyUnavailableError

Bases: OAuth2Error

The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server. (This error code is needed because a HTTP 503 (Service Unavailable) status code cannot be returned to the client via a HTTP redirect.)

Source code in aioauth/errors.py 
186
187
188
189
190
191
192
193
194
class TemporarilyUnavailableError(OAuth2Error):
    """
    The authorization server is currently unable to handle the request
    due to a temporary overloading or maintenance of the server.
    (This error code is needed because a ``HTTP 503`` (Service Unavailable)
    status code cannot be returned to the client via a HTTP redirect.)
    """

    error: ErrorType = "temporarily_unavailable"

UnauthorizedClientError

Bases: OAuth2Error

The authenticated client is not authorized to use this authorization grant type.

Source code in aioauth/errors.py 
153
154
155
156
157
158
159
class UnauthorizedClientError(OAuth2Error):
    """
    The authenticated client is not authorized to use this authorization
    grant type.
    """

    error: ErrorType = "unauthorized_client"

UnsupportedGrantTypeError

Bases: OAuth2Error

The authorization grant type is not supported by the authorization server.

Source code in aioauth/errors.py 
115
116
117
118
119
120
121
class UnsupportedGrantTypeError(OAuth2Error):
    """
    The authorization grant type is not supported by the authorization
    server.
    """

    error: ErrorType = "unsupported_grant_type"

UnsupportedResponseTypeError

Bases: OAuth2Error

The authorization server does not support obtaining an authorization code using this method.

Source code in aioauth/errors.py 
124
125
126
127
128
129
130
class UnsupportedResponseTypeError(OAuth2Error):
    """
    The authorization server does not support obtaining an authorization
    code using this method.
    """

    error: ErrorType = "unsupported_response_type"

UnsupportedTokenTypeError

Bases: OAuth2Error

The authorization server does not support the revocation of the presented token type. That is, the client tried to revoke an access token on a server not supporting this feature.

Source code in aioauth/errors.py 
205
206
207
208
209
210
211
212
class UnsupportedTokenTypeError(OAuth2Error):
    """
    The authorization server does not support the revocation of the presented
    token type. That is, the client tried to revoke an access token on a server
    not supporting this feature.
    """

    error: ErrorType = "unsupported_token_type"