2017-04-05 17:55:38 by Thomas Klausner | Files touched by this commit (2) |
Log message:
Updated py-oauthlib to 2.0.2.
2.0.2 (2017-03-19)
------------------
* Dropped support for Python 2.6, 3.2 & 3.3.
* (FIX) `OpenIDConnector` will no longer raise an AttributeError when calling \
`openid_authorization_validator()` twice.
|
2016-11-28 14:35:47 by Thomas Klausner | Files touched by this commit (2) |
Log message:
Updated py-oauthlib to 2.0.1.
2.0.1 (2016-11-23)
------------------
* (FIX) Normalize handling of request.scopes list
|
2016-09-04 11:33:28 by Thomas Klausner | Files touched by this commit (3) |
Log message:
Updated py-oauthlib to 2.0.0.
2.0.0 (2016-09-03)
------------------
* (New Feature) **OpenID** support.
* Documentation improvements and fixes.
|
2016-06-06 14:03:26 by Thomas Klausner | Files touched by this commit (2) |
Log message:
Updated py-oauthlib to 1.1.2.
1.1.2 (2016-06-01)
------------------
* (Fix) Query strings should be able to include colons.
* (Fix) Cast body to a string to ensure that we can perform a regex substitution \
on it.
|
2016-05-05 13:43:06 by Thomas Klausner | Files touched by this commit (3) |
Log message:
Updated py35-oauthlib to 1.1.1.
1.1.1 (2016-05-01)
(Enhancement) Better sanitisation of Request objects __repr__.
|
2015-11-06 11:50:30 by Thomas Klausner | Files touched by this commit (3) |
Log message:
Update to 1.0.3. Add missing dependencies.
1.0.3 (2015-08-16)
(Fix) Changed the documented return type of the `invalidate_request_token()` \
method from the RSA key to None since nobody is using the return type.
(Enhancement) Added a validator log that will store what the endpoint has \
computed for debugging and logging purposes (OAuth 1 only for now).
1.0.2 (2015-08-10)
(Fix) Allow client secret to be null for public applications that do not \
mandate it's specification in the query parameters.
(Fix) Encode request body before hashing in order to prevent encoding errors \
in Python 3.
1.0.1 (2015-07-27)
(Fix) Added token_type_hint to the list of default Request parameters.
1.0.0 (2015-07-19)
(Breaking Change) Replace pycrypto with cryptography from https://cryptography.io
(Breaking Change) Update jwt to 1.0.0 (which is backwards incompatible) no \
oauthlib api changes were made.
(Breaking Change) Raise attribute error for non-existing attributes in the \
Request object.
(Fix) Strip whitespace off of scope string.
(Change) Don't require to return the state in the access token response.
(Change) Hide password in logs.
(Fix) Fix incorrect invocation of prepare_refresh_body in the OAuth2 client.
(Fix) Handle empty/non-parsable query strings.
(Fix) Check if an RSA key is actually needed before requiring it.
(Change) Allow tuples for list_to_scope as well as sets and lists.
(Change) Add code to determine if client authentication is required for OAuth2.
(Fix) Fix error message on invalid Content-Type header for OAtuh1 signing.
(Fix) Allow ! character in query strings.
(Fix) OAuth1 now includes the body hash for requests that specify any \
content-type that isn't x-www-form-urlencoded.
(Fix) Fixed error description in oauth1 endpoint.
(Fix) Revocation endpoint for oauth2 will now return an empty string in the \
response body instead of 'None'.
Increased test coverage.
Performance improvements.
Documentation improvements and fixes.
0.7.2 (2014-11-13)
(Quick fix) Unpushed locally modified files got included in the PyPI 0.7.1 \
release. Doing a new clean release to address this. Please upgrade quickly and \
report any issues you are running into.
0.7.1 (2014-10-27)
(Quick fix) Add oauthlib.common.log object back in for libraries using it.
0.7.0 (2014-10-27)
(Change) OAuth2 clients will not raise a Warning on scope change if the \
environment variable OAUTHLIB_RELAX_TOKEN_SCOPE is set. The token will now be \
available as an attribute on the error, error.token. Token changes will now also \
be announced using blinker.
(Fix/Feature) Automatic fixes of non-compliant OAuth2 provider responses \
(e.g. Facebook).
(Fix) Logging is now tiered (per file) as opposed to logging all under oauthlib.
(Fix) Error messages should now include a description in their message.
(Fix/Feature) Optional support for jsonp callbacks after token revocation.
(Feature) Client side preparation of OAuth 2 token revocation requests.
(Feature) New OAuth2 client API methods for preparing full requests.
(Feature) OAuth1 SignatureOnlyEndpoint that only verifies signatures and \
client IDs.
(Fix/Feature) Refresh token grant now allow optional refresh tokens.
(Fix) add missing state param to OAuth2 errors.
(Fix) add_params_to_uri now properly parse fragment.
(Fix/Feature) All OAuth1 errors can now be imported from oauthlib.oauth1.
(Fix/Security) OAuth2 logs will now strip client provided password, if present.
Allow unescaped @ in urlencoded parameters.
0.6.3 (2014-06-10)
Quick fix. OAuth 1 client repr in 0.6.2 overwrote secrets when scrubbing for print.
0.6.2 (2014-06-06)
Numerous OAuth2 provider errors now suggest a status code of 401 instead of \
400 (#247.
Added support for JSON web tokens with \
oauthlib.common.generate_signed_token. Install extra dependency with \
oauthlib[signedtoken] (#237).
OAuth2 scopes can be arbitrary objects with __str__ defined (#240).
OAuth 1 Clients can now register custom signature methods (#239).
Exposed new method oauthlib.oauth2.is_secure_transport that checks whether \
the given URL is HTTPS. Checks using this method can be disabled by setting the \
environment variable OAUTHLIB_INSECURE_TRANSPORT (#249).
OAuth1 clients now has __repr__ and will be printed with secrets scrubbed.
OAuth1 Client.get_oauth_params now takes an oauthlib.Request as an argument.
urldecode will now raise a much more informative error message on \
incorrectly encoded strings.
Plenty of typo and other doc fixes.
|
2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434) |
Log message:
Add SHA512 digests for distfiles for security category
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
2014-05-13 19:08:45 by Joerg Sonnenberger | Files touched by this commit (14) |
Log message:
Correctly build as Python Egg.
|
2014-05-08 17:18:10 by Emile iMil Heitor | Files touched by this commit (4) |
Log message:
Initial import of py-oauthlib, version 0.6.1, into the NetBSD Packages
Collection.
OAuth often seems complicated and difficult-to-implement. There are several
prominent libraries for handling OAuth requests, but they all suffer from one
or both of the following:
* They predate the OAuth 1.0 spec, AKA RFC 5849.
* They predate the OAuth 2.0 spec, AKA RFC 6749.
* They assume the usage of a specific HTTP request library.
OAuthLib is a generic utility which implements the logic of OAuth without
assuming a specific HTTP request object or web framework. Use it to graft OAuth
client support onto your favorite HTTP library, or provider support onto your
favourite web framework. If you're a maintainer of such a library, write a thin
veneer on top of OAuthLib and get OAuth support for very little effort.
|