2022-10-25 09:26:58 by Adam Ciarcinski | Files touched by this commit (2) |
Log message:
py-oauthlib: updated to 3.2.2
3.2.2 (2022-10-17)
------------------
OAuth2.0 Provider:
* CVE-2022-36087
|
2022-10-19 15:56:34 by Nia Alarie | Files touched by this commit (26) |
Log message:
fighting a losing battle against py-cryptography rustification, part 2
Switch users to versioned_dependencies.mk.
|
2022-09-13 14:32:55 by Adam Ciarcinski | Files touched by this commit (2) |
Log message:
py-oauthlib: updated to 3.2.1
3.2.1 (2022-09-09)
------------------
OAuth2.0 Provider:
* Metadata endpoint support of non-HTTPS
* CVE-2022-36087
OAuth1.0:
* Allow IPv6 being parsed by signature
General:
* Improved and fixed documentation warnings.
* Cosmetic changes based on isort
|
2022-02-06 20:00:51 by Adam Ciarcinski | Files touched by this commit (3) |
Log message:
py-oauthlib: updated to 3.2.0
3.2.0 (2022-01-29)
------------------
OAuth2.0 Client:
* Add Device Authorization Flow for Web Application
* Add PKCE support for Client
* Fallback to none in case of wrong expires_at format.
OAuth2.0 Provider:
* Add support for CORS to metadata endpoint.
* Add support for CORS to token endpoint.
* Remove comma after Bearer in WWW-Authenticate
OAuth2.0 Provider - OIDC:
* Call save_token in Hybrid code flow
* OIDC add support of refreshing ID Tokens with `refresh_id_token`
* The RefreshTokenGrant modifiers now take the same arguments as the
AuthorizationCodeGrant modifiers (`token`, `token_handler`, `request`).
General:
* Added Python 3.9, 3.10, 3.11
* Improve Travis & Coverage
|
2022-01-04 21:55:40 by Thomas Klausner | Files touched by this commit (1595) |
Log message:
*: bump PKGREVISION for egg.mk users
They now have a tool dependency on py-setuptools instead of a DEPENDS
|
2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605) |
Log message:
security: Replace RMD160 checksums with BLAKE2s checksums
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
|
2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606) |
Log message:
security: Remove SHA1 hashes for distfiles
|
2021-06-25 23:00:13 by Adam Ciarcinski | Files touched by this commit (3) |
Log message:
py-oauthlib: updated to 3.1.1
3.1.1 (2021-05-31)
------------------
OAuth2.0 Provider - Bugfixes
* Fix acceptance of valid IPv6 addresses in URI validation
OAuth2.0 Client - Bugfixes
* Base OAuth2 Client now has a consistent way of managing the `scope`: it
consistently relies on the `scope` provided in the constructor if any,
except if overridden temporarily in a method call. Note that in particular
providing a non-None `scope` in `prepare_authorization_request` or
`prepare_refresh_token` does not override anymore `self.scope` forever,
it is just used temporarily.
* MobileApplicationClient.prepare_request_uri and
MobileApplicationClient.parse_request_uri_response,
ServiceApplicationClient.prepare_request_body,
and WebApplicationClient.prepare_request_uri now correctly use the default
`scope` provided in constructor.
* LegacyApplicationClient.prepare_request_body now correctly uses the default
`scope` provided in constructor
OAuth2.0 Provider - Bugfixes
* client_credentials grant: fix log message
* OpenID Connect Hybrid - fix nonce not passed to add_id_token
* Different prompt values are now handled according to spec (e.g. prompt=none)
* OpenID Connect - fix Authorization: Basic parsing
General
* improved skeleton validator for public vs private client
* replace mock library with standard unittest.mock
* build isort integration
* python2 code removal
* add python3.8 support
* bump minimum versions of pyjwt and cryptography
|
2021-03-07 18:16:19 by Adam Ciarcinski | Files touched by this commit (1) |
Log message:
py-oauthlib: mark as incompatible with Python 2.7
|
2019-08-12 09:45:23 by Adam Ciarcinski | Files touched by this commit (3) |
Log message:
py-oauthlib: updated to 3.1.0
3.1.0:
OAuth2.0 Provider - Features
OIDC add support of nonce, c_hash, at_hash fields
New RequestValidator.fill_id_token method
Deprecated RequestValidator.get_id_token method
OIDC add UserInfo endpoint
New RequestValidator.get_userinfo_claims method
OAuth2.0 Provider - Security
Enhance data leak to logs
New default to not expose request content in logs
New function oauthlib.set_debug(True)
Disabling query parameters for POST requests
OAuth2.0 Provider - Bugfixes
Fix validate_authorization_request to return the new PKCE fields
Fix token_type to be case-insensitive (bearer and Bearer)
OAuth2.0 Client - Bugfixes
Fix Authorization Code's errors processing
BackendApplication.Client.prepare_request_body use the "scope" argument as intended.
Fix edge case when expires_in=Null
OAuth1.0 Client
Add case-insensitive headers to oauth1 BaseEndpoint
|