diff options
author | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2019-02-20 14:30:03 +0100 |
---|---|---|
committer | Jonathan Huot <jonathan.huot@thomsonreuters.com> | 2019-07-04 11:14:48 +0200 |
commit | cb6af4b44da264613250cb3d99be420dbeb8e268 (patch) | |
tree | 6d9384950ef88e24511dfcd3254a3bfe5a523a70 /CHANGELOG.rst | |
parent | 575638ce7ddb8727e08980235ccd82152af85703 (diff) | |
download | oauthlib-cb6af4b44da264613250cb3d99be420dbeb8e268.tar.gz |
Fix 652: removed "state" from /token response.
Fix OIDC /token flow where &state=None was always returned, and fix OAuth2.0 /token flow where &state=foobar was returned if &state=foobar was present in the token request.
Remove "save_token" from create_token() signature cuz it was not used internally. Deprecated the option to let upstream libraries have a chance to remove it, if ever used.
Diffstat (limited to 'CHANGELOG.rst')
-rw-r--r-- | CHANGELOG.rst | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 2cc0dd3..9e0efda 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -1,6 +1,14 @@ Changelog ========= +TBD +------------------ +* #652: Fixed OIDC /token response which wrongly returned "&state=None" + +3.0.1 (2019-01-24) +------------------ +* Fixed OAuth2.0 regression introduced in 3.0.0: Revocation with Basic auth no longer possible #644 + 3.0.0 (2019-01-01) ------------------ OAuth2.0 Provider - outstanding Features |