| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Add testcase for prepare_token_request()
* Add testcase for InsecureTransportError in add_token()
* Fix typo in testcase of add_token() for MAC token type
* Add testcase for TokenExpiredError in add_token()
* Add testcase for prepare_request_body without private key
* Add testcase for optional kwargs in prepare_request_body()
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| | |
Fixed some copy and paste typos, see issue #532.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
The secrets module should be used for generating cryptographically
strong random numbers suitable for managing data such as passwords,
account authentication, security tokens, and related secrets.
In particularly, secrets should be used in preference to the default
pseudo-random number generator in the random module, which is
designed for modelling and simulation, not security or cryptography.
|
| | | |
|
| |\ \
| | |
| | | |
Merge 2.0.7 back to master
|
| | | |
| | |
| | |
| | | |
(cherry picked from commit e7b906a)
|
| |/ /
| |
| |
| | |
(cherry picked from commit 67ebd7a)
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
* Fix indentation in Travis config.
* Fill GitHub OAuth key.
* Deploy tags from all branches.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Added sphinx build for developers
Rationale is to build docs locally to prevent RTD to break later.
* Replace manual sphinx into make
* Renamed idan URL to oauthlib community
* Renamed http into https URLs since http is returning 302
* python requests library renamed its home URL
* Add ignore list for "make linkcheck"
linkcheck is doing requests to github with anonymous access, however creating an issue require an logged-in account
* virtualenv changed its homepage and website.
* Fixed broken link
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Add JWT token with it the server knows how to validate this new type of token in resource requests
* Change find_token_type sorted function to reverse result and choose the valued estimated token handler
* Add validate_id_token method to RequestValidator
* Added unittest for JWTToken model
* Updated version of Mock
* Add get_jwt_bearer_token and validate_jwt_bearer_token oauthlib.oauth2.RequestValidator and change oauthlib.oauth2.tokens JWTToken to use it
* Change to improve token type estimate test
* Add a note in RequestValidator.validate_jwt_bearer_token about error 5xx rather 4xx
|
| | |
| |
| |
| |
| |
| | |
Previously, cliend_id was always included in the request body
in the Authorization Code flow and the client_id parameter
was ignored in contradiction with the docs.
Fixes #495
|
| | | |
|
| | | |
|
| | | |
|
| |/ |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Add support for HMAC-SHA256
* Add explicit declaration of HMAC-SHA1 and point HMAC at it
To avoid confusion, HMAC constant name should explicitly state which SHA variant is used, but for backwards compatibility, SIGNATURE_HMAC is still needed
* add support for HMAC-SHA256 including tests and comments
* constructor tests verify client built with correct signer method
|
| |
|
|
|
|
| |
* Check access token in self.token dict
* fix typo
|
| |
|
|
|
|
|
|
| |
For Travis CI documentation on including a bdist_wheel distribution,
see:
https://docs.travis-ci.com/user/deployment/pypi/#Uploading-different-distributions
Fixes #493
|
| |
|
|
|
|
|
| |
The wheel package format supports including the license file. This is
done using the [metadata] section in the setup.cfg file. For additional
information on this feature, see:
https://wheel.readthedocs.io/en/stable/index.html#including-the-license-in-the-generated-wheel-file
|
| | |
|
| | |
|
| |
|
|
| |
This is due to https://github.com/pyca/cryptography/pull/3970
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Change create_token_response to only save access_token when it's present in request.response_type
* Remove unused import, fix indentation and improve comment
* Fix AuthorizationEndpoint response_type for OpenID Connect hybrid flow
* Add new ImplicitTokenGrantDispatcher
Changes AuthorizationEndpoint response_type `'token'`, `'id_token'` and
`'id_token token'` to work with OpenID Connect and OAuth2 implicit flow
in a transparent way
* Add new AuthTokenGrantDispatcher
Change AuthorizationEndpoint grant_types `'authorization_code'` to work with
OpenID Connect and OAuth2 authorization flow in a transparent way
* Change tests to include required client_id and redirect_uri
* Remove AuthorizationEndpoint grant_types `'openid'`
Now OpenID Connect and OAuth2 authorization flow can use `authorization_code`
in a transparent way
* Add sone blank lines and fix indentation
* Change AuthorizationEndpoint grant type id_token and id_token token to use openid_connect_implicit direct
* Change default empty value to None and fix a typo
* Add assert called to AuthTokenGrantDispatcher tests
* Add request to get_authorization_code_scopes
|
| |\
| |
| | |
initialization of variable
|
| |/
|
|
| |
raised (used by Flask_OAuthlib)
|
| |\
| |
| | |
Pass through nonce in code flow
|
| | | |
|
| | | |
|
| |/ |
|
| | |
|
| | |
|
| | |
|
