Add support for direct granting of OAuth tokens and add tests

This allows a client (when authorized in a whitelist) to send direct credentials via a Basic auth header and therefore bypass the OAuth approval UI for that user.

data/model/oauth.py

@@ -168,22 +168,23 @@ class DatabaseAuthorizationProvider(AuthorizationProvider):
       err = 'unsupported_response_type'
       return self._make_redirect_error_response(redirect_uri, err)
 
-    # Check redirect URI
+    # Check for a valid client ID.
+    is_valid_client_id = self.validate_client_id(client_id)
+    if not is_valid_client_id:
+      err = 'unauthorized_client'
+      return self._make_redirect_error_response(redirect_uri, err)
+
+    # Check for a valid redirect URI.
     is_valid_redirect_uri = self.validate_redirect_uri(client_id, redirect_uri)
     if not is_valid_redirect_uri:
       return self._invalid_redirect_uri_response()
 
     # Check conditions
-    is_valid_client_id = self.validate_client_id(client_id)
     is_valid_access = self.validate_access()
     scope = params.get('scope', '')
     are_valid_scopes = self.validate_scope(client_id, scope)
 
     # Return proper error responses on invalid conditions
-    if not is_valid_client_id:
-      err = 'unauthorized_client'
-      return self._make_redirect_error_response(redirect_uri, err)
-
     if not is_valid_access:
       err = 'access_denied'
       return self._make_redirect_error_response(redirect_uri, err)