- Cherry-pick upstream patch to make UtilsTests.test_filter_params Python 3.13+ compatible
* Make-UtilsTests.test_filter_params-Python-3.13-compatible.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-oauthlib?expand=0&rev=65
This commit is contained in:
commit
68b4bf95ba
23
.gitattributes
vendored
Normal file
23
.gitattributes
vendored
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
## Default LFS
|
||||||
|
*.7z filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.bsp filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.bz2 filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.gem filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.gz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.jar filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.lz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.lzma filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.obscpio filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.oxt filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.pdf filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.png filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.rpm filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.tbz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.tbz2 filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.tgz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.ttf filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.txz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.whl filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.xz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.zip filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.zst filter=lfs diff=lfs merge=lfs -text
|
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
.osc
|
@ -0,0 +1,37 @@
|
|||||||
|
From 6cbbd16bf7ac0ee6af68dc900cbaa734c52343c8 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= <miro@hroncok.cz>
|
||||||
|
Date: Tue, 24 Oct 2023 15:08:10 +0200
|
||||||
|
Subject: [PATCH] Make UtilsTests.test_filter_params Python 3.13+ compatible
|
||||||
|
|
||||||
|
Since Python 3.13.0a1, docstrings are automatically dedented.
|
||||||
|
See https://github.com/python/cpython/issues/81283
|
||||||
|
and https://docs.python.org/3.13/whatsnew/3.13.html#other-language-changes
|
||||||
|
|
||||||
|
As a result, using a docstring with leading space as a test case
|
||||||
|
breaks the test assumption.
|
||||||
|
|
||||||
|
The initial commit which introduced this test a decade ago
|
||||||
|
(6c0c7914f3a57823834b1be492b307992f943629)
|
||||||
|
does not specify why testing the spaces is important.
|
||||||
|
---
|
||||||
|
tests/oauth1/rfc5849/test_utils.py | 4 ++--
|
||||||
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/tests/oauth1/rfc5849/test_utils.py b/tests/oauth1/rfc5849/test_utils.py
|
||||||
|
index 013c71a9..22128908 100644
|
||||||
|
--- a/tests/oauth1/rfc5849/test_utils.py
|
||||||
|
+++ b/tests/oauth1/rfc5849/test_utils.py
|
||||||
|
@@ -53,11 +53,11 @@ def test_filter_params(self):
|
||||||
|
# The following is an isolated test function used to test the filter_params decorator.
|
||||||
|
@filter_params
|
||||||
|
def special_test_function(params, realm=None):
|
||||||
|
- """ I am a special test function """
|
||||||
|
+ """I am a special test function"""
|
||||||
|
return 'OAuth ' + ','.join(['='.join([k, v]) for k, v in params])
|
||||||
|
|
||||||
|
# check that the docstring got through
|
||||||
|
- self.assertEqual(special_test_function.__doc__, " I am a special test function ")
|
||||||
|
+ self.assertEqual(special_test_function.__doc__, "I am a special test function")
|
||||||
|
|
||||||
|
# Check that the decorator filtering works as per design.
|
||||||
|
# Any param that does not start with 'oauth'
|
BIN
oauthlib-3.2.2.tar.gz
(Stored with Git LFS)
Normal file
BIN
oauthlib-3.2.2.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
450
python-oauthlib.changes
Normal file
450
python-oauthlib.changes
Normal file
@ -0,0 +1,450 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Sep 9 10:18:06 UTC 2024 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
|
||||||
|
|
||||||
|
- Cherry-pick upstream patch to make UtilsTests.test_filter_params Python 3.13+ compatible
|
||||||
|
* Make-UtilsTests.test_filter_params-Python-3.13-compatible.patch
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Aug 12 08:42:35 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
|
||||||
|
|
||||||
|
- Skip failing test with jwt 2.9.0
|
||||||
|
gh#oauthlib/oauthlib#877
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Apr 21 12:28:37 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
||||||
|
|
||||||
|
- add sle15_python_module_pythons (jsc#PED-68)
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Apr 13 22:42:44 UTC 2023 - Matej Cepl <mcepl@suse.com>
|
||||||
|
|
||||||
|
- Make calling of %{sle15modernpython} optional.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Sat Oct 22 16:22:08 UTC 2022 - Arun Persaud <arun@gmx.de>
|
||||||
|
|
||||||
|
- update to version 3.2.2:
|
||||||
|
* OAuth2.0 Provider: * CVE-2022-36087
|
||||||
|
- Also remove the conditional definition of python_module.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Sep 12 14:39:20 UTC 2022 - Arun Persaud <arun@gmx.de>
|
||||||
|
|
||||||
|
- specfile:
|
||||||
|
* update requirements
|
||||||
|
|
||||||
|
- update to version 3.2.1:
|
||||||
|
* OAuth2.0 Provider: * #803: Metadata endpoint support of non-HTTPS
|
||||||
|
* CVE-2022-36087, bugzilla # 1203333
|
||||||
|
* OAuth1.0: * #818: Allow IPv6 being parsed by signature
|
||||||
|
* General: * Improved and fixed documentation warnings. * Cosmetic
|
||||||
|
changes based on isort
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Feb 3 20:02:09 UTC 2022 - Arun Persaud <arun@gmx.de>
|
||||||
|
|
||||||
|
- specfile:
|
||||||
|
* update copyright year
|
||||||
|
|
||||||
|
- update to version 3.2.0:
|
||||||
|
* OAuth2.0 Client: * #795: Add Device Authorization Flow for Web
|
||||||
|
Application * #786: Add PKCE support for Client * #783: Fallback
|
||||||
|
to none in case of wrong expires_at format.
|
||||||
|
* OAuth2.0 Provider: * #790: Add support for CORS to metadata
|
||||||
|
endpoint. * #791: Add support for CORS to token endpoint. * #787:
|
||||||
|
Remove comma after Bearer in WWW-Authenticate
|
||||||
|
* OAuth2.0 Provider - OIDC:
|
||||||
|
+ #755: Call save_token in Hybrid code flow
|
||||||
|
+ #751: OIDC add support of refreshing ID Tokens with
|
||||||
|
refresh_id_token
|
||||||
|
+ #751: The RefreshTokenGrant modifiers now take the same
|
||||||
|
arguments as the AuthorizationCodeGrant modifiers (token,
|
||||||
|
token_handler, request).
|
||||||
|
* General:
|
||||||
|
+ Added Python 3.9, 3.10, 3.11
|
||||||
|
+ Improve Travis & Coverage
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Sun Jun 6 12:48:39 UTC 2021 - Dirk Müller <dmueller@suse.com>
|
||||||
|
|
||||||
|
- update to 3.1.1:
|
||||||
|
* #753: Fix acceptance of valid IPv6 addresses in URI validation
|
||||||
|
* #730: Base OAuth2 Client now has a consistent way of managing the `scope`: it consistently
|
||||||
|
relies on the `scope` provided in the constructor if any, except if overridden temporarily
|
||||||
|
in a method call. Note that in particular providing a non-None `scope` in
|
||||||
|
`prepare_authorization_request` or `prepare_refresh_token` does not override anymore
|
||||||
|
`self.scope` forever, it is just used temporarily.
|
||||||
|
* #726: MobileApplicationClient.prepare_request_uri and MobileApplicationClient.parse_request_uri_response,
|
||||||
|
ServiceApplicationClient.prepare_request_body,
|
||||||
|
and WebApplicationClient.prepare_request_uri now correctly use the default `scope` provided in
|
||||||
|
constructor.
|
||||||
|
* #725: LegacyApplicationClient.prepare_request_body now correctly uses the default `scope` provided in constructor
|
||||||
|
* #711: client_credentials grant: fix log message
|
||||||
|
* #746: OpenID Connect Hybrid - fix nonce not passed to add_id_token
|
||||||
|
* #756: Different prompt values are now handled according to spec (e.g. prompt=none)
|
||||||
|
* #759: OpenID Connect - fix Authorization: Basic parsing
|
||||||
|
* #716: improved skeleton validator for public vs private client
|
||||||
|
* #720: replace mock library with standard unittest.mock
|
||||||
|
* #727: build isort integration
|
||||||
|
* #734: python2 code removal
|
||||||
|
* #735, #750: add python3.8 support
|
||||||
|
* #749: bump minimum versions of pyjwt and cryptography
|
||||||
|
- drop o_switch_to_unitest_mock.patch (upstream)
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue May 25 11:02:47 UTC 2021 - pgajdos@suse.com
|
||||||
|
|
||||||
|
- %check: use %pyunittest rpm macro
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Sep 24 11:18:07 UTC 2020 - Hans-Peter Jansen <hpj@urpla.net>
|
||||||
|
|
||||||
|
- Fix patch numbering
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Apr 29 12:15:23 UTC 2020 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
|
||||||
|
|
||||||
|
- Add patch to switch from external mock to unittest.mock
|
||||||
|
+ o_switch_to_unitest_mock.patch
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Sep 11 11:02:36 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
|
||||||
|
|
||||||
|
- Update to 3.1.0:
|
||||||
|
* OAuth2.0 Provider - Features * #660: OIDC add support of nonce, c_hash, at_hash fields
|
||||||
|
* #677: OIDC add UserInfo endpoint - New RequestValidator.get_userinfo_claims method
|
||||||
|
* #666: Disabling query parameters for POST requests
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Sun Jul 21 16:58:02 UTC 2019 - Arun Persaud <arun@gmx.de>
|
||||||
|
|
||||||
|
- specfile:
|
||||||
|
* be more specific in %files section
|
||||||
|
|
||||||
|
- update to version 3.0.2:
|
||||||
|
* #650: Fixed space encoding in base string URI used in the
|
||||||
|
signature base string.
|
||||||
|
* #652: Fixed OIDC /token response which wrongly returned
|
||||||
|
"&state=None"
|
||||||
|
* #654: Doc: The value state must not be stored by the AS, only
|
||||||
|
returned in /authorize response.
|
||||||
|
* #656: Fixed OIDC "nonce" checks: raise errors when it's mandatory
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Sun Feb 17 00:40:20 UTC 2019 - John Vandenberg <jayvdb@gmail.com>
|
||||||
|
|
||||||
|
- Update to version 3.0.1
|
||||||
|
* Fixed regression introduced in 3.0.0
|
||||||
|
+ Fixed Revocation & Introspection Endpoints when using Client
|
||||||
|
Authentication with HTTP Basic Auth.
|
||||||
|
- from 3.0.0
|
||||||
|
* General fixes:
|
||||||
|
+ Add support of python3.7
|
||||||
|
+ $ and ' are allowed to be unencoded in query strings
|
||||||
|
+ Request attributes are no longer overriden by HTTP Headers
|
||||||
|
+ Removed unnecessary code for handling python2.6
|
||||||
|
+ Several minors updates to setup.py and tox
|
||||||
|
+ Set pytest as the default unittest framework
|
||||||
|
* OAuth2.0 Provider - outstanding Features
|
||||||
|
+ OpenID Connect Core support
|
||||||
|
+ RFC7662 Introspect support
|
||||||
|
+ RFC8414 OAuth2.0 Authorization Server Metadata support
|
||||||
|
+ RFC7636 PKCE support
|
||||||
|
* OAuth2.0 Provider - API/Breaking Changes
|
||||||
|
+ Add "request" to confirm_redirect_uri
|
||||||
|
+ confirm_redirect_uri/get_default_redirect_uri has a bit changed
|
||||||
|
+ invalid_client is now a FatalError
|
||||||
|
+ Changed errors status code from 401 to 400:
|
||||||
|
- invalid_grant:
|
||||||
|
- invalid_scope:
|
||||||
|
- access_denied/unauthorized_client/consent_required/login_required
|
||||||
|
- 401 must have WWW-Authenticate HTTP Header set.
|
||||||
|
* OAuth2.0 Provider - Bugfixes
|
||||||
|
+ empty scopes no longer raise exceptions for implicit and authorization_code
|
||||||
|
* OAuth2.0 Client - Bugfixes / Changes:
|
||||||
|
+ expires_in in Implicit flow is now an integer
|
||||||
|
+ expires is no longer overriding expires_in
|
||||||
|
+ parse_request_uri_response is now required
|
||||||
|
+ Unknown error=xxx raised by OAuth2 providers was not understood
|
||||||
|
+ OAuth2's `prepare_token_request` supports sending an empty string for `client_id`
|
||||||
|
+ OAuth2's `WebApplicationClient.prepare_request_body` was refactored to better
|
||||||
|
support sending or omitting the `client_id` via a new `include_client_id` kwarg.
|
||||||
|
By default this is included. The method will also emit a DeprecationWarning if
|
||||||
|
a `client_id` parameter is submitted; the already configured `self.client_id`
|
||||||
|
is the preferred option.
|
||||||
|
* OAuth1.0 Client:
|
||||||
|
+ Support for HMAC-SHA256
|
||||||
|
- Removed remove_unittest2.patch made redundant by v3.0.1
|
||||||
|
- Set minumum version of python-PyJWT >= 1.0.0
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Dec 4 12:50:57 UTC 2018 - Matej Cepl <mcepl@suse.com>
|
||||||
|
|
||||||
|
- Remove superfluous devel dependency for noarch package
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Aug 13 13:01:36 UTC 2018 - mcepl@suse.com
|
||||||
|
|
||||||
|
Remove dependency on unittest2
|
||||||
|
Add remove_unittest2.patch to facilitate that
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed May 23 02:49:49 UTC 2018 - arun@gmx.de
|
||||||
|
|
||||||
|
- specfile:
|
||||||
|
* fix fdupes call for single-spec
|
||||||
|
|
||||||
|
- update to version 2.1.0:
|
||||||
|
* Fixed some copy and paste typos (#535)
|
||||||
|
* Use secrets module in Python 3.6 and later (#533)
|
||||||
|
* Add request argument to confirm_redirect_uri (#504)
|
||||||
|
* Avoid populating spurious token credentials (#542)
|
||||||
|
* Make populate attributes API public (#546)
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Mar 26 16:17:21 UTC 2018 - arun@gmx.de
|
||||||
|
|
||||||
|
- specfile:
|
||||||
|
* ran spec-cleaner
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Sat Mar 24 18:50:04 UTC 2018 - arun@gmx.de
|
||||||
|
|
||||||
|
- specfile:
|
||||||
|
* update copyright year
|
||||||
|
* updated url
|
||||||
|
|
||||||
|
- update to version 2.0.7:
|
||||||
|
* Moved oauthlib into new organization on GitHub.
|
||||||
|
* Include license file in the generated wheel package. (#494)
|
||||||
|
* When deploying a release to PyPI, include the wheel
|
||||||
|
distribution. (#496)
|
||||||
|
* Check access token in self.token dict. (#500)
|
||||||
|
* Added bottle-oauthlib to docs. (#509)
|
||||||
|
* Update repository location in Travis. (#514)
|
||||||
|
* Updated docs for organization change. (#515)
|
||||||
|
* Replace G+ with Gitter. (#517)
|
||||||
|
* Update requirements. (#518)
|
||||||
|
* Add shields for Python versions, license and RTD. (#520)
|
||||||
|
* Fix ReadTheDocs build (#521).
|
||||||
|
* Fixed "make" command to test upstream with local oauthlib. (#522)
|
||||||
|
* Replace IRC notification with Gitter Hook. (#523)
|
||||||
|
* Added Github Releases deploy provider. (#523)
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Sat Oct 21 03:14:43 UTC 2017 - arun@gmx.de
|
||||||
|
|
||||||
|
- update to version 2.0.6:
|
||||||
|
* 2.0.5 contains breaking changes.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Oct 20 01:43:25 UTC 2017 - arun@gmx.de
|
||||||
|
|
||||||
|
- update to version 2.0.5:
|
||||||
|
* Fix OAuth2Error.response_mode for #463.
|
||||||
|
* Documentation improvement.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Sep 25 16:14:07 UTC 2017 - arun@gmx.de
|
||||||
|
|
||||||
|
- update to version 2.0.4:
|
||||||
|
* Fixed typo that caused OAuthlib to crash because of the fix in
|
||||||
|
"Address missing OIDC errors and fix a typo in the
|
||||||
|
AccountSelectionRequired exception".
|
||||||
|
|
||||||
|
- changes from version 2.0.3:
|
||||||
|
* Address missing OIDC errors and fix a typo in the
|
||||||
|
AccountSelectionRequired exception.
|
||||||
|
* Update proxy keys on CaseInsensitiveDict.update().
|
||||||
|
* Redirect errors according to OIDC's response_mode.
|
||||||
|
* Added universal wheel support.
|
||||||
|
* Added log statements to except clauses.
|
||||||
|
* According to RC7009 Section 2.1, a client should include
|
||||||
|
authentication credentials when revoking its tokens. As discussed
|
||||||
|
in #339, this is not make sense for public clients. However, in
|
||||||
|
that case, the public client should still be checked that is
|
||||||
|
infact a public client (authenticate_client_id).
|
||||||
|
* Improved prompt parameter validation.
|
||||||
|
* Added two error codes from RFC 6750.
|
||||||
|
* Hybrid response types are now be fragment-encoded.
|
||||||
|
* Added Python 3.6 to Travis CI testing and trove classifiers.
|
||||||
|
* Fixed BytesWarning issued when using a string placeholder for
|
||||||
|
bytes object.
|
||||||
|
* Documented PyJWT dependency and improved logging and exception
|
||||||
|
messages.
|
||||||
|
* Documentation improvements and fixes.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Aug 21 14:03:34 UTC 2017 - tbechtold@suse.com
|
||||||
|
|
||||||
|
- update to 2.0.2:
|
||||||
|
* Dropped support for Python 2.6, 3.2 & 3.3.
|
||||||
|
* (FIX) `OpenIDConnector` will no longer raise an AttributeError when calling
|
||||||
|
`openid_authorization_validator()` twice.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Sun May 7 15:22:56 UTC 2017 - pousaduarte@gmail.com
|
||||||
|
|
||||||
|
- Convert to singlespec
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Jan 2 08:13:27 UTC 2017 - tbechtold@suse.com
|
||||||
|
|
||||||
|
- Use pypi.io and htttps as Source
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Sun Jan 1 16:43:13 UTC 2017 - michael@stroeder.com
|
||||||
|
|
||||||
|
- update to 2.0.1:
|
||||||
|
too many changes to be listed herein
|
||||||
|
(see /usr/share/doc/packages/python-oauthlib/CHANGELOG.rst)
|
||||||
|
- removed obsolete pycrypto.patch because changes were made upstream
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Sep 15 13:53:29 UTC 2016 - rjschwei@suse.com
|
||||||
|
|
||||||
|
- Include in SLES 12 (FATE#321371, bsc#998103)
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Apr 22 09:38:29 UTC 2015 - mcihar@suse.cz
|
||||||
|
|
||||||
|
- Update to 0.7.2:
|
||||||
|
* (Quick fix) Unpushed locally modified files got included in the PyPI 0.7.1
|
||||||
|
release. Doing a new clean release to address this. Please upgrade quickly
|
||||||
|
and report any issues you are running into.
|
||||||
|
* (Quick fix) Add oauthlib.common.log object back in for libraries using it.
|
||||||
|
* (Change) OAuth2 clients will not raise a Warning on scope change if
|
||||||
|
the environment variable ``OAUTHLIB_RELAX_TOKEN_SCOPE`` is set. The token
|
||||||
|
will now be available as an attribute on the error, ``error.token``.
|
||||||
|
Token changes will now also be announced using blinker.
|
||||||
|
* (Fix/Feature) Automatic fixes of non-compliant OAuth2 provider responses (e.g. Facebook).
|
||||||
|
* (Fix) Logging is now tiered (per file) as opposed to logging all under ``oauthlib``.
|
||||||
|
* (Fix) Error messages should now include a description in their message.
|
||||||
|
* (Fix/Feature) Optional support for jsonp callbacks after token revocation.
|
||||||
|
* (Feature) Client side preparation of OAuth 2 token revocation requests.
|
||||||
|
* (Feature) New OAuth2 client API methods for preparing full requests.
|
||||||
|
* (Feature) OAuth1 SignatureOnlyEndpoint that only verifies signatures and client IDs.
|
||||||
|
* (Fix/Feature) Refresh token grant now allow optional refresh tokens.
|
||||||
|
* (Fix) add missing state param to OAuth2 errors.
|
||||||
|
* (Fix) add_params_to_uri now properly parse fragment.
|
||||||
|
* (Fix/Feature) All OAuth1 errors can now be imported from oauthlib.oauth1.
|
||||||
|
* (Fix/Security) OAuth2 logs will now strip client provided password, if present.
|
||||||
|
* Allow unescaped @ in urlencoded parameters.
|
||||||
|
- New dependency on python-blinker
|
||||||
|
- Add pycrypto.patch to be compatible with latest PyJWT
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Jul 23 13:29:30 UTC 2014 - mcihar@suse.cz
|
||||||
|
|
||||||
|
- Update to version 0.6.3:
|
||||||
|
+ 0.6.3:
|
||||||
|
* Quick fix. OAuth 1 client repr in 0.6.2 overwrote secrets when
|
||||||
|
scrubbing for print.
|
||||||
|
+ 0.6.2:
|
||||||
|
* Numerous OAuth2 provider errors now suggest a status code of 401 instead
|
||||||
|
of 400 (#247.
|
||||||
|
* Added support for JSON web tokens with oauthlib.common.generate_signed_token.
|
||||||
|
Install extra dependency with oauthlib[signedtoken] (#237).
|
||||||
|
* OAuth2 scopes can be arbitrary objects with __str__ defined (#240).
|
||||||
|
* OAuth 1 Clients can now register custom signature methods (#239).
|
||||||
|
* Exposed new method oauthlib.oauth2.is_secure_transport that checks whether
|
||||||
|
the given URL is HTTPS. Checks using this method can be disabled by setting
|
||||||
|
the environment variable OAUTHLIB_INSECURE_TRANSPORT (#249).
|
||||||
|
* OAuth1 clients now has __repr__ and will be printed with secrets scrubbed.
|
||||||
|
* OAuth1 Client.get_oauth_params now takes an oauthlib.Request as an argument.
|
||||||
|
* urldecode will now raise a much more informative error message on
|
||||||
|
incorrectly encoded strings.
|
||||||
|
* Plenty of typo and other doc fixes.
|
||||||
|
- new dependency on PyJWT
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Sun Apr 13 17:25:38 UTC 2014 - p.drouand@gmail.com
|
||||||
|
|
||||||
|
- Update to version 0.6.1
|
||||||
|
+ (OAuth 2 Provider) is_within_original_scope to check whether a
|
||||||
|
refresh token is trying to aquire a new set of scopes that are
|
||||||
|
a subset of the original scope.
|
||||||
|
+ (OAuth 2 Provider) expires_in token lifetime can be set per request.
|
||||||
|
+ (OAuth 2 Provider) client_authentication_required method added to
|
||||||
|
differentiate between public and confidential clients.
|
||||||
|
+ (OAuth 2 Provider) rotate_refresh_token now indicates whether a
|
||||||
|
new refresh token should be generated during token refresh or
|
||||||
|
if old should be kept.
|
||||||
|
+ (OAuth 2 Provider) returned JSON headers no longer include charset.
|
||||||
|
+ (OAuth 2 Provider) validate_authorizatoin_request now also includes
|
||||||
|
the internal request object in the returned dictionary. Note that
|
||||||
|
this is not meant to be relied upon heavily and its interface might
|
||||||
|
change.
|
||||||
|
+ many style and typo fixes.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Jan 21 08:47:36 UTC 2014 - dmueller@suse.com
|
||||||
|
|
||||||
|
- use pycrypto, not python-rsa
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Jan 20 10:22:53 UTC 2014 - speilicke@suse.com
|
||||||
|
|
||||||
|
- Add pycrypto requirement for "rsa" submodule
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Nov 1 11:22:43 UTC 2013 - p.drouand@gmail.com
|
||||||
|
|
||||||
|
- Update to version 0.6.0
|
||||||
|
+ All endpoint methods change contract to return 3 values instead
|
||||||
|
of 4. The new signature is `headers`, `body`, `status code` where
|
||||||
|
the initial `redirect_uri` has been relocated to its rightful place
|
||||||
|
inside headers as `Location`.
|
||||||
|
+ OAuth 1 Access Token Endpoint has a new required validator method
|
||||||
|
`invalidate_request_token`.
|
||||||
|
+ OAuth 1 Authorization Endpoint now returns a 200 response instead
|
||||||
|
of 302 on `oob` callbacks.
|
||||||
|
- Changes from version 0.5.1
|
||||||
|
+ OAuth 1 provider fix for incorrect token param in nonce validation.
|
||||||
|
- Changes from version 0.5.0
|
||||||
|
+ OAuth 1 provider refactor. OAuth 2 refresh token validation fix.
|
||||||
|
- Changes from version 0.4.2
|
||||||
|
+ OAuth 2 draft to RFC. Removed OAuth 2 framework decorators.
|
||||||
|
- Changes from version 0.4.1
|
||||||
|
+ Documentation corrections and various small code fixes.
|
||||||
|
- Changes from version 0.4.0
|
||||||
|
+ OAuth 2 Provider support (experimental).
|
||||||
|
- Changes from version 0.3.8
|
||||||
|
+ OAuth 2 Client now uses custom errors and raise on expire
|
||||||
|
- Changes from version 0.3.7
|
||||||
|
+ OAuth 1 optional encoding of Client.sign return values
|
||||||
|
- Changes from version 0.3.6
|
||||||
|
+ Revert default urlencoding.
|
||||||
|
- Changes from version 0.3.5
|
||||||
|
+ Default unicode conversion (utf-8) and urlencoding of input.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Oct 24 11:09:35 UTC 2013 - speilicke@suse.com
|
||||||
|
|
||||||
|
- Require python-setuptools instead of distribute (upstreams merged)
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Nov 23 11:19:03 UTC 2012 - saschpe@suse.de
|
||||||
|
|
||||||
|
- Update to version 0.3.4:
|
||||||
|
+ A number of small features and bug fixes.
|
||||||
|
- Changes from version 0.3.3:
|
||||||
|
+ OAuth 1 Provider verify now return useful params
|
||||||
|
- Changes from version 0.3.2:
|
||||||
|
+ Fixed #62, all Python 3 tests pass.
|
||||||
|
- Changes from version 0.3.1:
|
||||||
|
+ Python 3.1, 3.2, 3.3 support (experimental)
|
||||||
|
- Changes from version 0.3.0:
|
||||||
|
+ Initial OAuth 2 client support
|
||||||
|
- Changes from version 0.2.1:
|
||||||
|
+ Exclude non urlencoded bodies during request verification
|
||||||
|
- Changes from version 0.2.0:
|
||||||
|
+ OAuth provider support
|
||||||
|
- Changes from version 0.1.4:
|
||||||
|
+ soft dependency on PyCrypto
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri May 18 00:49:08 UTC 2012 - jfunk@funktronics.ca
|
||||||
|
|
||||||
|
- Initial release
|
||||||
|
|
86
python-oauthlib.spec
Normal file
86
python-oauthlib.spec
Normal file
@ -0,0 +1,86 @@
|
|||||||
|
#
|
||||||
|
# spec file for package python-oauthlib
|
||||||
|
#
|
||||||
|
# Copyright (c) 2024 SUSE LLC
|
||||||
|
#
|
||||||
|
# All modifications and additions to the file contributed by third parties
|
||||||
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
|
# upon. The license for this file, and modifications and additions to the
|
||||||
|
# file, is the same license as for the pristine package itself (unless the
|
||||||
|
# license for the pristine package is not an Open Source License, in which
|
||||||
|
# case the license is the MIT License). An "Open Source License" is a
|
||||||
|
# license that conforms to the Open Source Definition (Version 1.9)
|
||||||
|
# published by the Open Source Initiative.
|
||||||
|
|
||||||
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||||
|
#
|
||||||
|
|
||||||
|
|
||||||
|
%define skip_python2 1
|
||||||
|
%{?sle15_python_module_pythons}
|
||||||
|
Name: python-oauthlib
|
||||||
|
Version: 3.2.2
|
||||||
|
Release: 0
|
||||||
|
Summary: A Generic Implementation of the OAuth Request-Signing Logic
|
||||||
|
License: BSD-3-Clause
|
||||||
|
Group: Development/Languages/Python
|
||||||
|
URL: https://github.com/oauthlib/oauthlib
|
||||||
|
Source: https://files.pythonhosted.org/packages/source/o/oauthlib/oauthlib-%{version}.tar.gz
|
||||||
|
# PATCH-FIX-UPSTREAM gh/oauthlib/oauthlib#866 - Make UtilsTests.test_filter_params Python 3.13+ compatible
|
||||||
|
Patch: https://github.com/oauthlib/oauthlib/pull/866.patch#/Make-UtilsTests.test_filter_params-Python-3.13-compatible.patch
|
||||||
|
BuildRequires: %{python_module PyJWT >= 2.0.0}
|
||||||
|
BuildRequires: %{python_module blinker >= 1.4}
|
||||||
|
BuildRequires: %{python_module cryptography >= 3.0.0 }
|
||||||
|
BuildRequires: %{python_module pyasn1}
|
||||||
|
BuildRequires: %{python_module pytest}
|
||||||
|
BuildRequires: %{python_module setuptools}
|
||||||
|
BuildRequires: fdupes
|
||||||
|
BuildRequires: python-rpm-macros
|
||||||
|
Requires: python-PyJWT >= 2.0.0
|
||||||
|
Requires: python-blinker >= 1.4
|
||||||
|
Requires: python-cryptography >= 3.0.0
|
||||||
|
BuildArch: noarch
|
||||||
|
%python_subpackages
|
||||||
|
|
||||||
|
%description
|
||||||
|
A generic, spec-compliant, thorough implementation of the OAuth request-signing
|
||||||
|
logic.
|
||||||
|
|
||||||
|
OAuth often seems complicated and difficult-to-implement. There are several
|
||||||
|
prominent libraries for signing OAuth requests, but they all suffer from one or
|
||||||
|
both of the following:
|
||||||
|
|
||||||
|
1. They predate the OAuth 1.0 spec, AKA RFC 5849.
|
||||||
|
2. They predate the OAuth 2.0 spec, AKA RFC 6749.
|
||||||
|
3. They assume the usage of a specific HTTP request library.
|
||||||
|
|
||||||
|
OAuthLib is a generic utility which implements the logic of OAuth without
|
||||||
|
assuming a specific HTTP request object. Use it to graft OAuth support onto your
|
||||||
|
favorite HTTP library. If you're a maintainer of such a library, write a thin
|
||||||
|
veneer on top of OAuthLib and get OAuth support for very little effort.
|
||||||
|
|
||||||
|
%prep
|
||||||
|
%setup -q -n oauthlib-%{version}
|
||||||
|
%patch -P0 -p1
|
||||||
|
|
||||||
|
%build
|
||||||
|
%python_build
|
||||||
|
|
||||||
|
%install
|
||||||
|
%python_install
|
||||||
|
%python_expand %fdupes %{buildroot}%{$python_sitelib}
|
||||||
|
|
||||||
|
%check
|
||||||
|
# Failing test with JWT 2.9.0 gh#oauthlib/oauthlib#877
|
||||||
|
donttest="test_rsa_bad_keys"
|
||||||
|
%pytest -k "not $donttest"
|
||||||
|
|
||||||
|
%files %{python_files}
|
||||||
|
%license LICENSE
|
||||||
|
%doc README.rst CHANGELOG.rst
|
||||||
|
%dir %{python_sitelib}/oauthlib
|
||||||
|
%{python_sitelib}/oauthlib/*
|
||||||
|
%dir %{python_sitelib}/oauthlib-%{version}-py*.egg-info
|
||||||
|
%{python_sitelib}/oauthlib-%{version}-py*.egg-info/*
|
||||||
|
|
||||||
|
%changelog
|
Loading…
Reference in New Issue
Block a user