- Update to version 3.0.1
* Fixed regression introduced in 3.0.0
+ Fixed Revocation & Introspection Endpoints when using Client
Authentication with HTTP Basic Auth.
- from 3.0.0
* General fixes:
+ Add support of python3.7
+ $ and ' are allowed to be unencoded in query strings
+ Request attributes are no longer overriden by HTTP Headers
+ Removed unnecessary code for handling python2.6
+ Several minors updates to setup.py and tox
+ Set pytest as the default unittest framework
* OAuth2.0 Provider - outstanding Features
+ OpenID Connect Core support
+ RFC7662 Introspect support
+ RFC8414 OAuth2.0 Authorization Server Metadata support
+ RFC7636 PKCE support
* OAuth2.0 Provider - API/Breaking Changes
+ Add "request" to confirm_redirect_uri
+ confirm_redirect_uri/get_default_redirect_uri has a bit changed
+ invalid_client is now a FatalError
+ Changed errors status code from 401 to 400:
- invalid_grant:
- invalid_scope:
- access_denied/unauthorized_client/consent_required/login_required
- 401 must have WWW-Authenticate HTTP Header set.
* OAuth2.0 Provider - Bugfixes
+ empty scopes no longer raise exceptions for implicit and authorization_code
* OAuth2.0 Client - Bugfixes / Changes:
+ expires_in in Implicit flow is now an integer
+ expires is no longer overriding expires_in
+ parse_request_uri_response is now required
+ Unknown error=xxx raised by OAuth2 providers was not understood
+ OAuth2's `prepare_token_request` supports sending an empty string for `client_id`
+ OAuth2's `WebApplicationClient.prepare_request_body` was refactored to better
support sending or omitting the `client_id` via a new `include_client_id` kwarg.
By default this is included. The method will also emit a DeprecationWarning if
a `client_id` parameter is submitted; the already configured `self.client_id`
is the preferred option.
* OAuth1.0 Client:
+ Support for HMAC-SHA256
- Removed remove_unittest2.patch made redundant by v3.0.1
- Set minumum version of python-PyJWT >= 1.0.0
OBS-URL: https://build.opensuse.org/request/show/676991
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-oauthlib?expand=0&rev=40
- specfile:
* ran spec-cleaner
- specfile:
* update copyright year
* updated url
- update to version 2.0.7:
* Moved oauthlib into new organization on GitHub.
* Include license file in the generated wheel package. (#494)
* When deploying a release to PyPI, include the wheel
distribution. (#496)
* Check access token in self.token dict. (#500)
* Added bottle-oauthlib to docs. (#509)
* Update repository location in Travis. (#514)
* Updated docs for organization change. (#515)
* Replace G+ with Gitter. (#517)
* Update requirements. (#518)
* Add shields for Python versions, license and RTD. (#520)
* Fix ReadTheDocs build (#521).
* Fixed "make" command to test upstream with local oauthlib. (#522)
* Replace IRC notification with Gitter Hook. (#523)
* Added Github Releases deploy provider. (#523)
OBS-URL: https://build.opensuse.org/request/show/591304
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-oauthlib?expand=0&rev=32
- Update to 0.7.2:
* (Quick fix) Unpushed locally modified files got included in the PyPI 0.7.1
release. Doing a new clean release to address this. Please upgrade quickly
and report any issues you are running into.
* (Quick fix) Add oauthlib.common.log object back in for libraries using it.
* (Change) OAuth2 clients will not raise a Warning on scope change if
the environment variable ``OAUTHLIB_RELAX_TOKEN_SCOPE`` is set. The token
will now be available as an attribute on the error, ``error.token``.
Token changes will now also be announced using blinker.
* (Fix/Feature) Automatic fixes of non-compliant OAuth2 provider responses (e.g. Facebook).
* (Fix) Logging is now tiered (per file) as opposed to logging all under ``oauthlib``.
* (Fix) Error messages should now include a description in their message.
* (Fix/Feature) Optional support for jsonp callbacks after token revocation.
* (Feature) Client side preparation of OAuth 2 token revocation requests.
* (Feature) New OAuth2 client API methods for preparing full requests.
* (Feature) OAuth1 SignatureOnlyEndpoint that only verifies signatures and client IDs.
* (Fix/Feature) Refresh token grant now allow optional refresh tokens.
* (Fix) add missing state param to OAuth2 errors.
* (Fix) add_params_to_uri now properly parse fragment.
* (Fix/Feature) All OAuth1 errors can now be imported from oauthlib.oauth1.
* (Fix/Security) OAuth2 logs will now strip client provided password, if present.
* Allow unescaped @ in urlencoded parameters.
- New dependency on python-blinker
- Add pycrypto.patch to be compatible with latest PyJWT
OBS-URL: https://build.opensuse.org/request/show/298709
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-oauthlib?expand=0&rev=17
- Update to version 0.6.3:
+ 0.6.3:
* Quick fix. OAuth 1 client repr in 0.6.2 overwrote secrets when
scrubbing for print.
+ 0.6.2:
* Numerous OAuth2 provider errors now suggest a status code of 401 instead
of 400 (#247.
* Added support for JSON web tokens with oauthlib.common.generate_signed_token.
Install extra dependency with oauthlib[signedtoken] (#237).
* OAuth2 scopes can be arbitrary objects with __str__ defined (#240).
* OAuth 1 Clients can now register custom signature methods (#239).
* Exposed new method oauthlib.oauth2.is_secure_transport that checks whether
the given URL is HTTPS. Checks using this method can be disabled by setting
the environment variable OAUTHLIB_INSECURE_TRANSPORT (#249).
* OAuth1 clients now has __repr__ and will be printed with secrets scrubbed.
* OAuth1 Client.get_oauth_params now takes an oauthlib.Request as an argument.
* urldecode will now raise a much more informative error message on
incorrectly encoded strings.
* Plenty of typo and other doc fixes.
- new dependency on PyJWT
OBS-URL: https://build.opensuse.org/request/show/242020
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-oauthlib?expand=0&rev=15
+ A number of small features and bug fixes.
- Changes from version 0.3.3:
+ OAuth 1 Provider verify now return useful params
- Changes from version 0.3.2:
+ Fixed#62, all Python 3 tests pass.
- Changes from version 0.3.1:
+ Python 3.1, 3.2, 3.3 support (experimental)
- Changes from version 0.3.0:
+ Initial OAuth 2 client support
- Changes from version 0.2.1:
+ Exclude non urlencoded bodies during request verification
- Changes from version 0.2.0:
+ OAuth provider support
- Changes from version 0.1.4:
+ soft dependency on PyCrypto
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-oauthlib?expand=0&rev=3
