2019-07-07 00:44:47 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
py-oauthlib: updated to 3.0.2
3.0.2:
* Fixed space encoding in base string URI used in the signature base string.
* Fixed OIDC /token response which wrongly returned "&state=None"
* Doc: The value `state` must not be stored by the AS, only returned in \
/authorize response.
* Fixed OIDC "nonce" checks: raise errors when it's mandatory
|
2019-01-25 13:28:32 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
py-oauthlib: updated to 3.0.1
3.0.1:
Fixed Revocation & Introspection Endpoints when using Client Authentication \
with HTTP Basic Auth.
|
2019-01-16 10:36:21 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message:
py-oauthlib: updated to 3.0.0
3.0.0 (2019-01-01)
OAuth2.0 Provider - outstanding Features
OpenID Connect Core support
RFC7662 Introspect support
RFC8414 OAuth2.0 Authorization Server Metadata support
RFC7636 PKCE support
OAuth2.0 Provider - API/Breaking Changes
Add "request" to confirm_redirect_uri
confirm_redirect_uri/get_default_redirect_uri has a bit changed
invalid_client is now a FatalError
Changed errors status code from 401 to 400:
invalid_grant:
invalid_scope:
access_denied/unauthorized_client/consent_required/login_required
401 must have WWW-Authenticate HTTP Header set
OAuth2.0 Provider - Bugfixes
empty scopes no longer raise exceptions for implicit and authorization_code
OAuth2.0 Client - Bugfixes / Changes:
expires_in in Implicit flow is now an integer
expires is no longer overriding expires_in
parse_request_uri_response is now required
Unknown error=xxx raised by OAuth2 providers was not understood
OAuth2's prepare_token_request supports sending an empty string for client_id
OAuth2's WebApplicationClient.prepare_request_body was refactored to better \
support sending or omitting the client_id via a new include_client_id kwarg. By \
default this is included. The method will also emit a DeprecationWarning if a \
client_id parameter is submitted; the already configured self.client_id is the \
preferred option.
OAuth1.0 Client:
Support for HMAC-SHA256
General fixes:
$ and ' are allowed to be unencoded in query strings
Request attributes are no longer overriden by HTTP Headers
Removed unnecessary code for handling python2.6
Add support of python3.7
Several minors updates to setup.py and tox
Set pytest as the default unittest framework
|
2018-05-27 14:24:56 by Thomas Klausner | Files touched by this commit (2) | |
Log message:
py-oauthlib: update to 2.1.0.
2.1.0 (2018-05-21)
------------------
* Fixed some copy and paste typos (#535)
* Use secrets module in Python 3.6 and later (#533)
* Add request argument to confirm_redirect_uri (#504)
* Avoid populating spurious token credentials (#542)
* Make populate attributes API public (#546)
|
2018-04-03 13:00:16 by Adam Ciarcinski | Files touched by this commit (1) |
Log message:
py-oauthlib: changed LICENSE to modified-bsd
|
2018-04-03 12:02:50 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
py-oauthlib: updated to 2.0.7
2.0.7:
Moved oauthlib into new organization on GitHub.
Include license file in the generated wheel package.
When deploying a release to PyPI, include the wheel distribution.
Check access token in self.token dict.
Added bottle-oauthlib to docs.
Update repository location in Travis.
Updated docs for organization change.
Replace G+ with Gitter.
Update requirements.
Add shields for Python versions, license and RTD.
Fix ReadTheDocs build
Fixed "make" command to test upstream with local oauthlib.
Replace IRC notification with Gitter Hook.
Added Github Releases deploy provider.
|
2017-10-22 22:29:56 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
py-oauthlib: update to 2.0.6
2.0.6:
* 2.0.5 contains breaking changes.
|
2017-10-19 08:28:40 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
py-oauthlib: update to 2.0.5
2.0.5:
* Fix OAuth2Error.response_mode
* Documentation improvement
|
2017-10-03 14:46:52 by Thomas Klausner | Files touched by this commit (2) | |
Log message:
py-oauthlib: update to 2.0.4.
2.0.4 (2017-09-17)
------------------
* Fixed typo that caused OAuthlib to crash because of the fix in
"Address missing OIDC errors and fix a typo in the AccountSelectionRequired
exception".
|
2017-09-08 08:58:35 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
2.0.3:
* Address missing OIDC errors and fix a typo in the AccountSelectionRequired \
exception.
* Update proxy keys on CaseInsensitiveDict.update().
* Redirect errors according to OIDC's response_mode.
* Added universal wheel support.
* Added log statements to except clauses.
* According to RC7009 Section 2.1, a client should include authentication \
credentials when revoking its tokens.
As discussed in 339, this is not make sense for public clients.
However, in that case, the public client should still be checked that is \
infact a public client (authenticate_client_id).
* Improved prompt parameter validation.
* Added two error codes from RFC 6750.
* Hybrid response types are now be fragment-encoded.
* Added Python 3.6 to Travis CI testing and trove classifiers.
* Fixed BytesWarning issued when using a string placeholder for bytes object.
* Documented PyJWT dependency and improved logging and exception messages.
* Documentation improvements and fixes.
|