python-oauthlib/python-oauthlib.changes

-------------------------------------------------------------------
Wed Apr 22 09:38:29 UTC 2015 - mcihar@suse.cz

- Update to 0.7.2:
  * (Quick fix) Unpushed locally modified files got included in the PyPI 0.7.1
    release. Doing a new clean release to address this. Please upgrade quickly
    and report any issues you are running into.
  * (Quick fix) Add oauthlib.common.log object back in for libraries using it.
  * (Change) OAuth2 clients will not raise a Warning on scope change if
    the environment variable ``OAUTHLIB_RELAX_TOKEN_SCOPE`` is set. The token
    will now be available as an attribute on the error, ``error.token``.
    Token changes will now also be announced using blinker.
  * (Fix/Feature) Automatic fixes of non-compliant OAuth2 provider responses (e.g. Facebook).
  * (Fix) Logging is now tiered (per file) as opposed to logging all under ``oauthlib``.
  * (Fix) Error messages should now include a description in their message.
  * (Fix/Feature) Optional support for jsonp callbacks after token revocation.
  * (Feature) Client side preparation of OAuth 2 token revocation requests.
  * (Feature) New OAuth2 client API methods for preparing full requests.
  * (Feature) OAuth1 SignatureOnlyEndpoint that only verifies signatures and client IDs.
  * (Fix/Feature) Refresh token grant now allow optional refresh tokens.
  * (Fix) add missing state param to OAuth2 errors.
  * (Fix) add_params_to_uri now properly parse fragment.
  * (Fix/Feature) All OAuth1 errors can now be imported from oauthlib.oauth1.
  * (Fix/Security) OAuth2 logs will now strip client provided password, if present.
  * Allow unescaped @ in urlencoded parameters.
- New dependency on python-blinker
- Add pycrypto.patch to be compatible with latest PyJWT

-------------------------------------------------------------------
Wed Jul 23 13:29:30 UTC 2014 - mcihar@suse.cz

- Update to version 0.6.3:
  + 0.6.3: 
    * Quick fix. OAuth 1 client repr in 0.6.2 overwrote secrets when
      scrubbing for print.
  + 0.6.2: 
    * Numerous OAuth2 provider errors now suggest a status code of 401 instead
      of 400 (#247.
    * Added support for JSON web tokens with oauthlib.common.generate_signed_token.
      Install extra dependency with oauthlib[signedtoken] (#237).
    * OAuth2 scopes can be arbitrary objects with __str__ defined (#240).
    * OAuth 1 Clients can now register custom signature methods (#239).
    * Exposed new method oauthlib.oauth2.is_secure_transport that checks whether
      the given URL is HTTPS. Checks using this method can be disabled by setting
      the environment variable OAUTHLIB_INSECURE_TRANSPORT (#249).
    * OAuth1 clients now has __repr__ and will be printed with secrets scrubbed.
    * OAuth1 Client.get_oauth_params now takes an oauthlib.Request as an argument.
    * urldecode will now raise a much more informative error message on
      incorrectly encoded strings.
    * Plenty of typo and other doc fixes.
- new dependency on PyJWT

-------------------------------------------------------------------
Sun Apr 13 17:25:38 UTC 2014 - p.drouand@gmail.com

- Update to version 0.6.1
  + (OAuth 2 Provider) is_within_original_scope to check whether a
    refresh token is trying to aquire a new set of scopes that are 
    a subset of the original scope.
  + (OAuth 2 Provider) expires_in token lifetime can be set per request.
  + (OAuth 2 Provider) client_authentication_required method added to
    differentiate between public and confidential clients.
  + (OAuth 2 Provider) rotate_refresh_token now indicates whether a 
    new refresh token should be generated during token refresh or 
    if old should be kept.
  + (OAuth 2 Provider) returned JSON headers no longer include charset.
  + (OAuth 2 Provider) validate_authorizatoin_request now also includes
    the internal request object in the returned dictionary. Note that
    this is not meant to be relied upon heavily and its interface might
    change.
  + many style and typo fixes.

-------------------------------------------------------------------
Tue Jan 21 08:47:36 UTC 2014 - dmueller@suse.com

- use pycrypto, not python-rsa 

-------------------------------------------------------------------
Mon Jan 20 10:22:53 UTC 2014 - speilicke@suse.com

- Add pycrypto requirement for "rsa" submodule

-------------------------------------------------------------------
Fri Nov  1 11:22:43 UTC 2013 - p.drouand@gmail.com

- Update to version 0.6.0
  + All endpoint methods change contract to return 3 values instead
    of 4. The new signature is `headers`, `body`, `status code` where
    the initial `redirect_uri` has been relocated to its rightful place
    inside headers as `Location`.
  + OAuth 1 Access Token Endpoint has a new required validator method 
    `invalidate_request_token`.
  + OAuth 1 Authorization Endpoint now returns a 200 response instead
    of 302 on `oob` callbacks.
- Changes from version 0.5.1
  + OAuth 1 provider fix for incorrect token param in nonce validation.
- Changes from version 0.5.0
  + OAuth 1 provider refactor. OAuth 2 refresh token validation fix.
- Changes from version 0.4.2
  + OAuth 2 draft to RFC. Removed OAuth 2 framework decorators.
- Changes from version 0.4.1
  + Documentation corrections and various small code fixes.
- Changes from version 0.4.0
  + OAuth 2 Provider support (experimental).
- Changes from version 0.3.8
  + OAuth 2 Client now uses custom errors and raise on expire
- Changes from version 0.3.7
  + OAuth 1 optional encoding of Client.sign return values
- Changes from version 0.3.6
  + Revert default urlencoding.
- Changes from version 0.3.5
  + Default unicode conversion (utf-8) and urlencoding of input.

-------------------------------------------------------------------
Thu Oct 24 11:09:35 UTC 2013 - speilicke@suse.com

- Require python-setuptools instead of distribute (upstreams merged)

-------------------------------------------------------------------
Fri Nov 23 11:19:03 UTC 2012 - saschpe@suse.de

- Update to version 0.3.4:
  + A number of small features and bug fixes.
- Changes from version 0.3.3:
  + OAuth 1 Provider verify now return useful params
- Changes from version 0.3.2:
  + Fixed #62, all Python 3 tests pass.
- Changes from version 0.3.1:
  + Python 3.1, 3.2, 3.3 support (experimental)
- Changes from version 0.3.0:
  + Initial OAuth 2 client support
- Changes from version 0.2.1:
  + Exclude non urlencoded bodies during request verification
- Changes from version 0.2.0:
  + OAuth provider support
- Changes from version 0.1.4:
  + soft dependency on PyCrypto  

-------------------------------------------------------------------
Fri May 18 00:49:08 UTC 2012 - jfunk@funktronics.ca

- Initial release