Fix #114 redirect errors on fragment for implicit grant

authlib/oauth2/rfc6749/authorization_server.py

@@ -167,10 +167,8 @@ def create_authorization_response(self, request=None, grant_user=None):
 
         except OAuth2Error as error:
             if grant.redirect_uri:
-                params = error.get_body()
-                loc = add_params_to_uri(grant.redirect_uri, params)
-                headers = [('Location', loc)]
-                return self.handle_response(302, '', headers)
+                data = grant.create_authorization_error_response(error)
+                return self.handle_response(*data)
             return self.handle_error_response(request, error)
 
     def create_token_response(self, request=None):

authlib/oauth2/rfc6749/grants/base.py

@@ -1,3 +1,4 @@
+from authlib.common.urls import add_params_to_uri
 from ..errors import (
     InvalidRequestError,
     InvalidScopeError,
@@ -102,6 +103,8 @@ def execute_hook(self, hook_type, *args, **kwargs):
 
 
 class RedirectAuthGrant(BaseGrant):
+    ERROR_RESPONSE_FRAGMENT = False
+
     @classmethod
     def check_authorization_endpoint(cls, request):
         return request.response_type == cls.RESPONSE_TYPE
@@ -128,3 +131,8 @@ def validate_authorization_redirect_uri(self, client):
                     'Missing "redirect_uri" in request.'
                 )
             self.redirect_uri = redirect_uri
+
+    def create_authorization_error_response(self, error):
+        params = error.get_body()
+        loc = add_params_to_uri(self.redirect_uri, params, self.ERROR_RESPONSE_FRAGMENT)
+        return 302, '', [('Location', loc)]

authlib/oauth2/rfc6749/grants/implicit.py

@@ -72,6 +72,7 @@ class ImplicitGrant(RedirectAuthGrant):
 
     RESPONSE_TYPE = 'token'
     GRANT_TYPE = 'implicit'
+    ERROR_RESPONSE_FRAGMENT = True
 
     def validate_authorization_request(self):
         """The client constructs the request URI by adding the following