| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
| |
* Add support for HMAC-SHA256
* Add explicit declaration of HMAC-SHA1 and point HMAC at it
To avoid confusion, HMAC constant name should explicitly state which SHA variant is used, but for backwards compatibility, SIGNATURE_HMAC is still needed
* add support for HMAC-SHA256 including tests and comments
* constructor tests verify client built with correct signer method
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In certain cases a provider may wish to verify the signature of an
oauth request without doing anything more with it. Learning Tools
Interoperability (LTI), for example, uses "0-legged OAuth" for it's
signature verification process.
http://www.imsglobal.org/lti/
http://andyfmiller.com/2013/02/10/does-lti-use-oauth/
This adds a new ``SignatureOnlyEndpoint`` that implements only the
client validation and signature verification, and leaves off the other
parts that would need to be validated.
|
| |
|
|
|
|
|
|
| |
Docstrings are considered as such by python only if they are the first
statement in the file/block. Even if they are preceded by a
`from __future__` import they are interpreted as just a string.
|
| |
|
| |
|
|
|
|
|
|
| |
These are mostly unicode string related changes and a few syntax ones.
https://github.com/idan/oauthlib/issues/55
|
|
|