------------------------------------------------------------------- Sun May 7 15:22:56 UTC 2017 - pousaduarte@gmail.com - Convert to singlespec ------------------------------------------------------------------- Mon Jan 2 08:13:27 UTC 2017 - tbechtold@suse.com - Use pypi.io and htttps as Source ------------------------------------------------------------------- Sun Jan 1 16:43:13 UTC 2017 - michael@stroeder.com - update to 2.0.1: too many changes to be listed herein (see /usr/share/doc/packages/python-oauthlib/CHANGELOG.rst) - removed obsolete pycrypto.patch because changes were made upstream ------------------------------------------------------------------- Thu Sep 15 13:53:29 UTC 2016 - rjschwei@suse.com - Include in SLES 12 (FATE#321371, bsc#998103) ------------------------------------------------------------------- Wed Apr 22 09:38:29 UTC 2015 - mcihar@suse.cz - Update to 0.7.2: * (Quick fix) Unpushed locally modified files got included in the PyPI 0.7.1 release. Doing a new clean release to address this. Please upgrade quickly and report any issues you are running into. * (Quick fix) Add oauthlib.common.log object back in for libraries using it. * (Change) OAuth2 clients will not raise a Warning on scope change if the environment variable ``OAUTHLIB_RELAX_TOKEN_SCOPE`` is set. The token will now be available as an attribute on the error, ``error.token``. Token changes will now also be announced using blinker. * (Fix/Feature) Automatic fixes of non-compliant OAuth2 provider responses (e.g. Facebook). * (Fix) Logging is now tiered (per file) as opposed to logging all under ``oauthlib``. * (Fix) Error messages should now include a description in their message. * (Fix/Feature) Optional support for jsonp callbacks after token revocation. * (Feature) Client side preparation of OAuth 2 token revocation requests. * (Feature) New OAuth2 client API methods for preparing full requests. * (Feature) OAuth1 SignatureOnlyEndpoint that only verifies signatures and client IDs. * (Fix/Feature) Refresh token grant now allow optional refresh tokens. * (Fix) add missing state param to OAuth2 errors. * (Fix) add_params_to_uri now properly parse fragment. * (Fix/Feature) All OAuth1 errors can now be imported from oauthlib.oauth1. * (Fix/Security) OAuth2 logs will now strip client provided password, if present. * Allow unescaped @ in urlencoded parameters. - New dependency on python-blinker - Add pycrypto.patch to be compatible with latest PyJWT ------------------------------------------------------------------- Wed Jul 23 13:29:30 UTC 2014 - mcihar@suse.cz - Update to version 0.6.3: + 0.6.3: * Quick fix. OAuth 1 client repr in 0.6.2 overwrote secrets when scrubbing for print. + 0.6.2: * Numerous OAuth2 provider errors now suggest a status code of 401 instead of 400 (#247. * Added support for JSON web tokens with oauthlib.common.generate_signed_token. Install extra dependency with oauthlib[signedtoken] (#237). * OAuth2 scopes can be arbitrary objects with __str__ defined (#240). * OAuth 1 Clients can now register custom signature methods (#239). * Exposed new method oauthlib.oauth2.is_secure_transport that checks whether the given URL is HTTPS. Checks using this method can be disabled by setting the environment variable OAUTHLIB_INSECURE_TRANSPORT (#249). * OAuth1 clients now has __repr__ and will be printed with secrets scrubbed. * OAuth1 Client.get_oauth_params now takes an oauthlib.Request as an argument. * urldecode will now raise a much more informative error message on incorrectly encoded strings. * Plenty of typo and other doc fixes. - new dependency on PyJWT ------------------------------------------------------------------- Sun Apr 13 17:25:38 UTC 2014 - p.drouand@gmail.com - Update to version 0.6.1 + (OAuth 2 Provider) is_within_original_scope to check whether a refresh token is trying to aquire a new set of scopes that are a subset of the original scope. + (OAuth 2 Provider) expires_in token lifetime can be set per request. + (OAuth 2 Provider) client_authentication_required method added to differentiate between public and confidential clients. + (OAuth 2 Provider) rotate_refresh_token now indicates whether a new refresh token should be generated during token refresh or if old should be kept. + (OAuth 2 Provider) returned JSON headers no longer include charset. + (OAuth 2 Provider) validate_authorizatoin_request now also includes the internal request object in the returned dictionary. Note that this is not meant to be relied upon heavily and its interface might change. + many style and typo fixes. ------------------------------------------------------------------- Tue Jan 21 08:47:36 UTC 2014 - dmueller@suse.com - use pycrypto, not python-rsa ------------------------------------------------------------------- Mon Jan 20 10:22:53 UTC 2014 - speilicke@suse.com - Add pycrypto requirement for "rsa" submodule ------------------------------------------------------------------- Fri Nov 1 11:22:43 UTC 2013 - p.drouand@gmail.com - Update to version 0.6.0 + All endpoint methods change contract to return 3 values instead of 4. The new signature is `headers`, `body`, `status code` where the initial `redirect_uri` has been relocated to its rightful place inside headers as `Location`. + OAuth 1 Access Token Endpoint has a new required validator method `invalidate_request_token`. + OAuth 1 Authorization Endpoint now returns a 200 response instead of 302 on `oob` callbacks. - Changes from version 0.5.1 + OAuth 1 provider fix for incorrect token param in nonce validation. - Changes from version 0.5.0 + OAuth 1 provider refactor. OAuth 2 refresh token validation fix. - Changes from version 0.4.2 + OAuth 2 draft to RFC. Removed OAuth 2 framework decorators. - Changes from version 0.4.1 + Documentation corrections and various small code fixes. - Changes from version 0.4.0 + OAuth 2 Provider support (experimental). - Changes from version 0.3.8 + OAuth 2 Client now uses custom errors and raise on expire - Changes from version 0.3.7 + OAuth 1 optional encoding of Client.sign return values - Changes from version 0.3.6 + Revert default urlencoding. - Changes from version 0.3.5 + Default unicode conversion (utf-8) and urlencoding of input. ------------------------------------------------------------------- Thu Oct 24 11:09:35 UTC 2013 - speilicke@suse.com - Require python-setuptools instead of distribute (upstreams merged) ------------------------------------------------------------------- Fri Nov 23 11:19:03 UTC 2012 - saschpe@suse.de - Update to version 0.3.4: + A number of small features and bug fixes. - Changes from version 0.3.3: + OAuth 1 Provider verify now return useful params - Changes from version 0.3.2: + Fixed #62, all Python 3 tests pass. - Changes from version 0.3.1: + Python 3.1, 3.2, 3.3 support (experimental) - Changes from version 0.3.0: + Initial OAuth 2 client support - Changes from version 0.2.1: + Exclude non urlencoded bodies during request verification - Changes from version 0.2.0: + OAuth provider support - Changes from version 0.1.4: + soft dependency on PyCrypto ------------------------------------------------------------------- Fri May 18 00:49:08 UTC 2012 - jfunk@funktronics.ca - Initial release