rpm/python-oauthlib
SHA256
1
0
Fork 0
forked from pool/python-oauthlib
Code Pull Requests Activity

Accepting request 676991 from home:jayvdb:django

Browse Source 
- Update to version 3.0.1
  * Fixed regression introduced in 3.0.0
    + Fixed Revocation & Introspection Endpoints when using Client
      Authentication with HTTP Basic Auth.
- from 3.0.0
  * General fixes:
    + Add support of python3.7
    + $ and ' are allowed to be unencoded in query strings
    + Request attributes are no longer overriden by HTTP Headers
    + Removed unnecessary code for handling python2.6
    + Several minors updates to setup.py and tox
    + Set pytest as the default unittest framework
  * OAuth2.0 Provider - outstanding Features
    + OpenID Connect Core support
    + RFC7662 Introspect support
    + RFC8414 OAuth2.0 Authorization Server Metadata support
    + RFC7636 PKCE support
  * OAuth2.0 Provider - API/Breaking Changes
    + Add "request" to confirm_redirect_uri
    + confirm_redirect_uri/get_default_redirect_uri has a bit changed
    + invalid_client is now a FatalError
    + Changed errors status code from 401 to 400:
      - invalid_grant:
      - invalid_scope:
      - access_denied/unauthorized_client/consent_required/login_required
      - 401 must have WWW-Authenticate HTTP Header set.
  * OAuth2.0 Provider - Bugfixes
    + empty scopes no longer raise exceptions for implicit and authorization_code
  * OAuth2.0 Client - Bugfixes / Changes:
    + expires_in in Implicit flow is now an integer
    + expires is no longer overriding expires_in
    + parse_request_uri_response is now required
    + Unknown error=xxx raised by OAuth2 providers was not understood
    + OAuth2's `prepare_token_request` supports sending an empty string for `client_id`
    + OAuth2's `WebApplicationClient.prepare_request_body` was refactored to better
      support sending or omitting the `client_id` via a new `include_client_id` kwarg.
      By default this is included. The method will also emit a DeprecationWarning if
      a `client_id` parameter is submitted; the already configured `self.client_id`
      is the preferred option.
  * OAuth1.0 Client:
    + Support for HMAC-SHA256
- Removed remove_unittest2.patch made redundant by v3.0.1
- Set minumum version of python-PyJWT >= 1.0.0

OBS-URL: https://build.opensuse.org/request/show/676991
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-oauthlib?expand=0&rev=40
This commit is contained in:
Tomáš Chvátal
2019-02-18 09:47:53 +00:00
committed by Git OBS Bridge
parent 3552ed62d1
commit 3a5e559532
5 changed files with 54 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
python-oauthlib.changes
View File

@@ -1,3 +1,50 @@
-------------------------------------------------------------------
Sun Feb 17 00:40:20 UTC 2019 - John Vandenberg <jayvdb@gmail.com>
- Update to version 3.0.1
* Fixed regression introduced in 3.0.0
+ Fixed Revocation & Introspection Endpoints when using Client
Authentication with HTTP Basic Auth.
- from 3.0.0
* General fixes:
+ Add support of python3.7
+ $ and ' are allowed to be unencoded in query strings
+ Request attributes are no longer overriden by HTTP Headers
+ Removed unnecessary code for handling python2.6
+ Several minors updates to setup.py and tox
+ Set pytest as the default unittest framework
* OAuth2.0 Provider - outstanding Features
+ OpenID Connect Core support
+ RFC7662 Introspect support
+ RFC8414 OAuth2.0 Authorization Server Metadata support
+ RFC7636 PKCE support
* OAuth2.0 Provider - API/Breaking Changes
+ Add "request" to confirm_redirect_uri
+ confirm_redirect_uri/get_default_redirect_uri has a bit changed
+ invalid_client is now a FatalError
+ Changed errors status code from 401 to 400:
- invalid_grant:
- invalid_scope:
- access_denied/unauthorized_client/consent_required/login_required
- 401 must have WWW-Authenticate HTTP Header set.
* OAuth2.0 Provider - Bugfixes
+ empty scopes no longer raise exceptions for implicit and authorization_code
* OAuth2.0 Client - Bugfixes / Changes:
+ expires_in in Implicit flow is now an integer
+ expires is no longer overriding expires_in
+ parse_request_uri_response is now required
+ Unknown error=xxx raised by OAuth2 providers was not understood
+ OAuth2's `prepare_token_request` supports sending an empty string for `client_id`
+ OAuth2's `WebApplicationClient.prepare_request_body` was refactored to better
support sending or omitting the `client_id` via a new `include_client_id` kwarg.
By default this is included. The method will also emit a DeprecationWarning if
a `client_id` parameter is submitted; the already configured `self.client_id`
is the preferred option.
* OAuth1.0 Client:
+ Support for HMAC-SHA256
- Removed remove_unittest2.patch made redundant by v3.0.1
- Set minumum version of python-PyJWT >= 1.0.0
-------------------------------------------------------------------
Tue Dec 4 12:50:57 UTC 2018 - Matej Cepl <mcepl@suse.com>