summaryrefslogtreecommitdiff
path: root/docs
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'master' into masterJonathan Huot2018-10-044-5/+57
|\
| * Correct capitalization of PyPIJon Dufresne2018-09-161-1/+1
| | | | | | | | As spelled on https://pypi.org/.
| * Remove last remaining G+ reference. (#598)Pieter Ennes2018-09-152-4/+4
| | | | | | (Cherry picked from f3ae98cef91e140b10d25fbd496622d879cc0c0c)
| * idea for documentation in contributing.rstjonathan vanasco2018-09-111-0/+52
| |
* | Mention `oauth_body_hash` in OAuth1 client docsJordan2018-08-301-3/+11
|/ | | | | While the previous documentation was not wrong in that non-formencoded data are not included in the signature for traditional OAuth1 service providers, the library does still include an `oauth_body_hash` for non-formencoded data. Update the documentation to include mention of the `oauth_body_hash` with a notice that validation of said parameter may not be supported by all service providers, but will nevertheless provide an additional integrity check for those that do support it.
* Replaced NCoC with Django CoCJonathan Huot2018-08-171-4/+7
|
* Merge branch 'master' into community_rulesJonathan Huot2018-08-134-11/+131
|\
| * Merge branch 'master' into docs-jwtJonathan Huot2018-08-106-18/+33
| |\
| * | Added access_token as JWT examples, and updated JWT grant sectionJonathan Huot2018-08-104-11/+131
| | | | | | | | | | | | A confusion between JWT as token and as authentication mechanism was introduced long-time back and I tried to make a bit of clarity to not confuse again the newcomers.
* | | Add NCoC and Code of meritJonathan Huot2018-08-131-0/+22
| |/ |/|
* | Fixed bad copy/pasteJonathan Huot2018-08-101-2/+2
| |
* | Updated python versionsJonathan Huot2018-08-101-1/+1
| |
* | Added upstream test as best practiceJonathan Huot2018-08-101-0/+11
| |
* | Mention our "extra" flags somewhere.Jonathan Huot2018-08-101-2/+6
| |
* | Removed last occurences of G+ with GitterJonathan Huot2018-08-103-7/+7
| |
* | Fixed typoJonathan Huot2018-08-101-5/+5
| |
* | Added credits to Idan & team.Jonathan Huot2018-08-101-1/+1
|/
* Merge branch 'master' into oauth2-introspectPieter Ennes2018-05-2615-33/+49
|\
| * Use secrets module in Python 3.6 and later (#533)Olaf Conradi2018-04-131-5/+7
| | | | | | | | | | | | | | | | | | The secrets module should be used for generating cryptographically strong random numbers suitable for managing data such as passwords, account authentication, security tokens, and related secrets. In particularly, secrets should be used in preference to the default pseudo-random number generator in the random module, which is designed for modelling and simulation, not security or cryptography.
| * Fix ReadTheDocs build (#521)Jonathan Huot2018-03-181-2/+1
| |
| * Rtd docs fix (#515)Jonathan Huot2018-02-2813-19/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Added sphinx build for developers Rationale is to build docs locally to prevent RTD to break later. * Replace manual sphinx into make * Renamed idan URL to oauthlib community * Renamed http into https URLs since http is returning 302 * python requests library renamed its home URL * Add ignore list for "make linkcheck" linkcheck is doing requests to github with anonymous access, however creating an issue require an logged-in account * virtualenv changed its homepage and website. * Fixed broken link
| * Added bottle-oauthlib (#509)Jonathan Huot2018-01-023-7/+20
| |
* | Added initial introspect supportJonathan Huot2017-12-183-1/+32
|/
* Sorted imports.Omer Katz2017-09-171-2/+4
|
* Documented PyJWT dependency for RSA-SHA1 signatures.Hoylen Sue2017-08-012-8/+9
|
* Fixed client.rstAj2017-03-061-1/+1
| | | Fixed grammar on line 7.
* Updated docs for custom validatorsBrendan McCollam2016-12-222-1/+7
|
* Docs for custom validator registrationBrendan McCollam2016-12-225-0/+10
|
* Merge pull request #416 from joelstevenson/openid_connectOmer Katz2016-08-285-0/+41
|\ | | | | Openid connect
| * Move the claims handling into OpenIDConnectBase._inflate_claims() and a new ↵Joel Stevenson2016-08-185-0/+41
| | | | | | | | | | | | AuthCodeGrantDispatcher to route requests to either the default AuthorizationCodeGrant or OpenIDConnectAuthCode depending on scope when the request's response_type is a simple (ambiguous) 'code'. Include basic docs about OpenID Connect auth flow support
* | Convert readthedocs link for their .org -> .io migration for hosted projects ↵Adam Chainz2016-05-311-1/+1
| | | | | | | | | | | | | | | | | | (#427) As per [their blog post of the 27th April](https://blog.readthedocs.com/securing-subdomains/) ‘Securing subdomains’: > Starting today, Read the Docs will start hosting projects from subdomains on the domain readthedocs.io, instead of on readthedocs.org. This change addresses some security concerns around site cookies while hosting user generated data on the same domain as our dashboard. Test Plan: Manually visited all the links I’ve modified.
* | access -> accessedThomas Bartelmess2016-04-131-1/+1
|/
* Code ident in server docYohan Boniface2015-10-261-8/+8
|
* Merge pull request #325 from djmitche/token_generator_fixOmer Katz2015-07-191-1/+3
|\ | | | | Fix documentation for token_generator signature
| * Fix documentation for token_generator signatureDustin J. Mitchell2015-02-271-1/+3
| |
* | Merge pull request #326 from CoolGoose/patch-2Omer Katz2015-07-191-1/+3
|\ \ | | | | | | fix method params and clarify oauth_protected
| * | fix method params and clarify oauth_protectedAlexandru Bucur2015-03-011-1/+3
| |/
* | more code indent issuesCal Leeming2015-06-191-63/+63
| |
* | Support newer PyJWT (1.0.0). remove PyCrypto completely for cryptography and ↵Joseph Tate2015-04-143-28/+20
| | | | | | | | PyJWT helpers. Reformat some test certificates to be easier to maintain. Update documentation to match use of cryptography instead of PyCrypto
* | Merge pull request #303 from shuisman/patch-1Ib Lundgren2015-04-021-1/+1
|\ \ | | | | | | Fix documentation
| * | Fix documentationshuisman2014-12-091-1/+1
| |/ | | | | typo
* | precise oauth1 client workflowst4lk2015-03-261-3/+4
|/
* updated token endpoint documentation to reflect current behavior,the token ↵Enrique Garcia2014-10-271-4/+1
| | | | contains a string with the scopes separated by spaces
* Docs updates recovered from a broken git repo.Ib Lundgren2014-10-238-20/+183
| | | | | | | | | | | | | | Draft release process doc to try force myself into more structured releases in the future. A few initial notes on how to report errors. Added a few common exceptions to the FAQ. Removed supported versions from feature matrix. They are all available in setup.py metadata. Move JWT tokens to grant types where it (confusingly) belongs.
* Fetch docs version from oauthlib.__version__Ib Lundgren2014-10-231-3/+4
|
* Document environment variablesDavid Baumgold2014-10-163-25/+45
|
* Add documentation of OAUTHLIB_STRICT_TOKEN_TYPEChad Whitacre2014-09-221-0/+9
|
* Create Signature Only OAuth1 EndpointRyan Hiebert2014-09-112-0/+6
| | | | | | | | | | | | | | In certain cases a provider may wish to verify the signature of an oauth request without doing anything more with it. Learning Tools Interoperability (LTI), for example, uses "0-legged OAuth" for it's signature verification process. http://www.imsglobal.org/lti/ http://andyfmiller.com/2013/02/10/does-lti-use-oauth/ This adds a new ``SignatureOnlyEndpoint`` that implements only the client validation and signature verification, and leaves off the other parts that would need to be validated.
* Removed mention of django-oauth-toolkit from oauth1 server docs.Kirill Spitsin2014-04-151-2/+0
| | | django-oauth-tools doesn't seem to support oauth1.
* Fixing some typosKevin O'Connor2014-02-129-15/+15
|
View Lorry Controller Status