| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Adding support for RSA-SHA256.
* Added support for HMAC-SHA512, RSA-SHA256 and RSA-SHA512 signature methods.
* Made version dependencies consistent.
* Updated OAuth1 signature tests.
* Fixed parsing of netloc/host. Deprecated old functions.
* Refactored and expanded tests to include signature validate.
* Update docs for HMAC-SHA512, RSA-SHA256 and RSA-SHA512 signature methods.
* Updated code comments in oauth1 signatures module.
* Updated changelog.
* Update docs/feature_matrix.rst
Co-Authored-By: Omer Katz <omer.drow@gmail.com>
* Used parenthesis instead of backslash to break lines.
* Fixed typo
Co-authored-by: Omer Katz <omer.drow@gmail.com>
Co-authored-by: Omer Katz <omer.drow@gmail.com>
|
|
|
|
|
|
|
|
|
| |
* Update setup.py
* remove un needed python 2 codes
* remove un needed python 2 codes
* remove un needed python 2 codes
|
| |
|
| |
|
|\ |
|
| |
| |
| |
| |
| |
| | |
examples and expected results set out in the RFC doc.
Fixes https://github.com/oauthlib/oauthlib/issues/695
|
| | |
|
| | |
|
| | |
|
|/ |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
The type 'bytes' is available on all supported Pythons. Likewise the
byte literal b'...' is available on all supported Pythons. Use idiomatic
Python and remove workaround for an issue that no longer exists. Makes
the code more forward compatible with Python 3.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Added sphinx build for developers
Rationale is to build docs locally to prevent RTD to break later.
* Replace manual sphinx into make
* Renamed idan URL to oauthlib community
* Renamed http into https URLs since http is returning 302
* python requests library renamed its home URL
* Add ignore list for "make linkcheck"
linkcheck is doing requests to github with anonymous access, however creating an issue require an logged-in account
* virtualenv changed its homepage and website.
* Fixed broken link
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add support for HMAC-SHA256
* Add explicit declaration of HMAC-SHA1 and point HMAC at it
To avoid confusion, HMAC constant name should explicitly state which SHA variant is used, but for backwards compatibility, SIGNATURE_HMAC is still needed
* add support for HMAC-SHA256 including tests and comments
* constructor tests verify client built with correct signer method
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
When running tests, fixes warnings of the form:
.../oauthlib/oauthlib/oauth1/rfc5849/utils.py:56: BytesWarning: str() on a bytes instance
|
| |
|
| |
|
| |
|
|\
| |
| | |
fixed docsting on `invalidate_request_token`
|
| | |
|
|/ |
|
|
|
|
|
| |
In python 3 hashlib works on bytestrings, so we need to encode arguments
to most, if not all, hashing functions.
|
|\
| |
| | |
Providing `oauth_body_hash` for bodies on non-form-encoded requests
|
| | |
|
|\ \
| | |
| | | |
Error description in InvalidRequestError should be oauth1 not oauth2
|
| |/ |
|
| | |
|
| |
| |
| |
| | |
PyJWT helpers. Reformat some test certificates to be easier to maintain. Update documentation to match use of cryptography instead of PyCrypto
|
|\ \
| | |
| | | |
Fix docs - python-rsa is not used
|
| |/ |
|
|/
|
|
|
|
|
|
| |
Content-Type should be application/x-www-form-urlencoded when the
request to sign has a body. If it's not the case a ValueError was raised
saying Content-Type was missing, while it actually could just be wrongly
set (e.g. to application/json). Fix the error message to reflect the
real problem: expected & given Content-Type.
|
| |
|
|
|
|
|
|
| |
Errors were not initialised and thus no message would be
included. Changed to now include the error label, description
and request details.
|
|
|
|
|
|
|
| |
Rather than have all logging under oauthlib we now have it
per file using __name__. Users who wish to enable or disable
all logging can still do so by enabling or disabling the
oauthlib logging namespace.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In certain cases a provider may wish to verify the signature of an
oauth request without doing anything more with it. Learning Tools
Interoperability (LTI), for example, uses "0-legged OAuth" for it's
signature verification process.
http://www.imsglobal.org/lti/
http://andyfmiller.com/2013/02/10/does-lti-use-oauth/
This adds a new ``SignatureOnlyEndpoint`` that implements only the
client validation and signature verification, and leaves off the other
parts that would need to be validated.
|
| |
|