Commit message | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Merge branch 'master' into oidc-userinfo | Jonathan Huot | 2019-07-04 | 6 | -7/+55 |
|\ | |||||
| * | Merge branch 'master' into 672-fix-null-expires-in | Jonathan Huot | 2019-07-04 | 1 | -0/+1 |
| |\ | |||||
| | * | Fix BackendApplicationClient.prepare_request_body | qporest | 2019-07-02 | 1 | -0/+1 |
| | | | | | | | | | Currently, if no `scope` is passed to `prepare_request_body`, None will be passed on to `prepare_token_request`, even if BackendApplicationClient was initialized with `scope`. | ||||
| * | | Merge branch 'master' into 672-fix-null-expires-in | Omer Katz | 2019-06-29 | 8 | -8/+58 |
| |\ \ | | |/ | |||||
| | * | Check for authorization response errors | Mark Gregson | 2019-06-06 | 1 | -3/+6 |
| | | | |||||
| | * | Enforce POST HTTP method on TokenEndpoint, IntrospectEndpoint and RevocationEndpoint | Abhishek Patel | 2019-05-14 | 4 | -2/+28 |
| | | | - Add validation checks for HTTP method in TokenEndpoint, IntrospectEndpoint and RevocationEndpoint. - CHANGE DEFAULT HTTP method for TokenEndpoint from 'GET' to 'POST'. - Add tests + Fix an old test in . It used to send query params to TokenEndpoint which is not allowed anymore. Fixed it so payload is sent as POST body. | ||||
| | * | Ban all query parameters on Introspection, Token and Revocation endpoint | Abhishek Patel | 2019-05-14 | 1 | -8/+4 |
| | | | |||||
| | * | Add tests + create a global variable for blacklisted query parameters | Abhishek Patel | 2019-05-14 | 1 | -7/+9 |
| | | | |||||
| | * | Add validation check for presence of forbidden query parameters in OAuth2 TokenEndpoint, IntrospectionEndpoint and RevocationEndpoint | Abhishek Patel | 2019-05-14 | 4 | -1/+18 |
| | | | |||||
| * | | Handle null value in expires_in field in JSON handler | Josh Holmer | 2019-04-30 | 1 | -1/+4 |
| | | | | | | | | | | | | Closes #672 | ||||
* | | | Removed duplicated code for oauth2.BaseEndpoint | Jonathan Huot | 2019-05-13 | 1 | -48/+2 |
| |/ |/| | |||||
* | | Merge branch 'master' into 670-pkce-requestinfo | Jonathan Huot | 2019-05-07 | 2 | -2/+5 |
|\ \ | |||||
| * \ | Merge branch 'master' into patch-1 | Jonathan Huot | 2019-05-07 | 1 | -0/+3 |
| |\ \ | |||||
| | * \ | Merge branch 'master' into oidc-hashes | Jonathan Huot | 2019-04-23 | 4 | -35/+35 |
| | |\ \ | | | |/ | |||||
| | * | | Add technical fields of `id_token` in oauthlib OIDC support | Jonathan Huot | 2019-02-28 | 1 | -0/+3 |
| | | | | | | | | | | | | | | | | A new RequestValidator `fill_id_token` has been introduced to replace `get_id_token`. It aims to have the bare minimum amount of fields to complete a full OIDC id_token support. `get_id_token` is still valid but optional, and if it is implemented, `fill_id_token` will not be called. The current `fill_id_token` came with full support of `aud`, `iat`, `nonce`, `at_hash` and `c_hash`. More could come in the future e.g. `auth_time`, ... | ||||
| | * | | Removed duplicated OIDC members in OAuth2.RequestValidator | Jonathan Huot | 2019-02-28 | 1 | -182/+0 |
| | | | | |||||
| * | | | token_type should be case insensitive | ume | 2019-05-01 | 1 | -2/+2 |
| | |/ | |/| | |||||
* | | | Fix 670. AuthCode API must return the new PKCE attribute [670-pkce-requestinfo] | Jonathan Huot | 2019-04-26 | 1 | -0/+3 |
|/ / | |||||
* | | fix include_client_id argument | Arjan Keeman | 2019-04-01 | 4 | -35/+35 |
| | | |||||
* | | Removed duplicated OIDC members in OAuth2.RequestValidator | Jonathan Huot | 2019-02-28 | 1 | -182/+0 |
|/ | |||||
* | Remove usage of "state" for code/token response. | Jonathan Huot | 2019-02-22 | 1 | -7/+1 |
| | |||||
* | Add clarity to the deprecation warning | Jonathan Huot | 2019-02-21 | 1 | -2/+2 |
| | |||||
* | Fix 652: removed "state" from /token response. | Jonathan Huot | 2019-02-20 | 6 | -15/+21 |
| | | | | | | Fix OIDC /token flow where &state=None was always returned, and fix OAuth2.0 /token flow where &state=foobar was returned if &state=foobar was present in the token request. Remove "save_token" from create_token() signature cuz it was not used internally. Deprecated the option to let upstream libraries have a chance to remove it, if ever used. | ||||
* | pep8 and docs | Duane King | 2019-01-24 | 1 | -13/+22 |
| | |||||
* | Fix 644, Add tests for BasicAuth credentials for all endpoints (#645) | Jonathan Huot | 2019-01-11 | 2 | -8/+8 |
| | | | Test Introspect, Revoke, Token (web, legacy, backend) endpoints with authenticate_client and HTTP Basic Auth. | ||||
* | Merge branch 'master' into dry-up-code [dry-up-code] | Jonathan Huot | 2018-12-20 | 1 | -9/+33 |
|\ | |||||
| * | Merge branch 'master' into add-metadata-doc | Jonathan Huot | 2018-12-16 | 4 | -15/+266 |
| |\ | |||||
| * | | Add OAuth2.0 Authorization Server Metadata documentation | Jonathan Huot | 2018-12-13 | 1 | -9/+33 |
| | | | |||||
* | | | Fix typo. | Omer Katz | 2018-12-17 | 3 | -3/+3 |
| | | | |||||
* | | | Merge branch 'master' into dry-up-code | Omer Katz | 2018-12-17 | 9 | -28/+308 |
|\ \ \ | | |/ | |/| | |||||
| * | | Fixed OAuth2 Metadata when using PKCE and OIDC.Server [601-pkce-support] | Jonathan Huot | 2018-12-14 | 1 | -1/+6 |
| | | | |||||
| * | | Fixed typo | Jonathan Huot | 2018-12-13 | 1 | -1/+1 |
| | | | |||||
| * | | Merge branch 'master' into 601-pkce-support | Jonathan Huot | 2018-12-13 | 12 | -19/+57 |
| |\ \ | | |/ | |||||
| | * | Merge branch 'master' into 264-status401 | Jonathan Huot | 2018-12-13 | 5 | -6/+15 |
| | |\ | |||||
| | * | | Add Content-Type and Cache headers to introspect/revocation errors | Jonathan Huot | 2018-12-13 | 2 | -7/+14 |
| | | | | |||||
| | * | | Add double-quotes to the key/values in WWW-Authenticate [264-status401] | Jonathan Huot | 2018-12-12 | 1 | -3/+3 |
| | | | | |||||
| | * | | Used WWW-Authenticate and auth-param values as RFC6750 described it. | Jonathan Huot | 2018-12-12 | 7 | -14/+27 |
| | | | | | | | | | | | | | | | | It misses the possibility to add scope= and realm= at the moment, but it should be a step forward into the right direction. | ||||
| | * | | Handle 401 with WWW-Authenticate. Moved wrong 401 into 400. | Jonathan Huot | 2018-12-04 | 7 | -6/+15 |
| | | | | | | | | | | | | | | | | access_denied/unauthorized_client/consent_required/login_required MUST be 400, and not 401. Also, 401 MUST have WWW-Authenticate when set. It could have an impact of processing those in web frameworks. | ||||
| * | | | Add details on grant_type & implicit special case. | Jonathan Huot | 2018-12-13 | 1 | -0/+12 |
| | | | | |||||
| * | | | Replace temporary list by using clearer "extend" method | Jonathan Huot | 2018-12-13 | 1 | -1/+1 |
| | | | | |||||
| * | | | Merge pull request #624 from oauthlib/preconf-server-metadata | Jonathan Huot | 2018-12-11 | 1 | -3/+9 |
| |\ \ \ | | | | | | | | | | | Preconf server metadata | ||||
| | * | | | Add Server metadata test and fix metadata. | Jonathan Huot | 2018-11-30 | 1 | -3/+9 |
| | | | | | | | | | | | | | | | | | | | | Fix grant_types_supported which must include "implicit" even if it is not a grant_type in oauthlib sense. Removed internal "none" field value from the list of response_types. | ||||
| * | | | | Merge branch 'master' into 601-pkce-support | Jonathan Huot | 2018-12-11 | 1 | -1/+3 |
| |\ \ \ \ | | |/ / / | |/| / / | | |/ / | |||||
| * | | | Add OAuth2 Provider Server Metadata for PKCE. | Jonathan Huot | 2018-11-30 | 1 | -0/+2 |
| | | | | |||||
| * | | | Initial OAuth2.0/PKCE Provider support | Jonathan Huot | 2018-11-29 | 3 | -12/+238 |
| | | | | |||||
* | | | | Extract raising on unsupported token. | Omer Katz | 2018-12-17 | 3 | -11/+10 |
| | | | | |||||
* | | | | Extract raising error on client auth failure. | Omer Katz | 2018-12-17 | 3 | -21/+15 |
| | | | | |||||
* | | | | Raise error on missing token. | Omer Katz | 2018-12-17 | 3 | -9/+11 |
| | | | | |||||
* | | | | Extract redirect handling to a common method. | Omer Katz | 2018-12-17 | 3 | -70/+59 |
| | | | | |||||
* | | | | Extract default grant headers to helper method. | Omer Katz | 2018-12-17 | 5 | -21/+13 |
| |_|/ |/| | |