Merge pull request #82 from PeterBolha/optional-resource-attribute

Optional resource attribute enforcement
IdentityPython · Dec 18, 2023 · 55a83be · 55a83be
2 parents 536b8d1 + 9cdf4ae
commit 55a83be
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 6 deletions.
diff --git a/src/idpyoidc/server/oauth2/authorization.py b/src/idpyoidc/server/oauth2/authorization.py
@@ -292,10 +292,7 @@ def check_unknown_scopes_policy(request_info, client_id, context):
 
 def validate_resource_indicators_policy(request, context, **kwargs):
     if "resource" not in request:
-        return oauth2.AuthorizationErrorResponse(
-            error="invalid_target",
-            error_description="Missing resource parameter",
-        )
+        return request
 
     resource_servers_per_client = kwargs["resource_servers_per_client"]
     client_id = request["client_id"]

diff --git a/tests/test_server_24_oauth2_resource_indicators.py b/tests/test_server_24_oauth2_resource_indicators.py
@@ -522,8 +522,11 @@ def test_authorization_code_req_no_resource(self, create_endpoint_ri_enabled):
         )
 
         msg = self.endpoint._post_parse_request(request, "client_1", endpoint_context)
-        assert "error" in msg
-        assert msg["error_description"] == "Missing resource parameter"
+
+        assert "error" not in msg
+        assert isinstance(msg, AuthorizationRequest)
+        for key, _ in request.items():
+            assert msg[key] == request[key]
 
     def test_authorization_code_req_no_resource_indicators_disabled(
         self, create_endpoint_ri_disabled