| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
reference (#556)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Add command to clean up builds to makefile
* Fix docs strings for endpoints pre_configured
* Chnage grant_types.openid_connect to include a deprecation warning be a backward compatible
* Fix doc string for rfc6749.request_validator
* Remove unused import
* Change import to be explicity
* Move JWTTokenTestCase to openid.connect.core.test_token
* Move JWTToken to oauthlib.openid.connect.core.tokens
* Move to openid connect test
* Move openid connect exceptions to its own file
* Remove openid connect from oauth2 server
* Remove JWTToken from oauth tokens
* Remove grant_types.openid_connect file
* Add oauthlib/openid estructure and tests
|
| | | |
|
| | |\ |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | | |
(cherry picked from commit 5c76855)
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | | |
Fixed some copy and paste typos, see issue #532.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The secrets module should be used for generating cryptographically
strong random numbers suitable for managing data such as passwords,
account authentication, security tokens, and related secrets.
In particularly, secrets should be used in preference to the default
pseudo-random number generator in the random module, which is
designed for modelling and simulation, not security or cryptography.
|
| | | | |
|
| | | |
| | |
| | |
| | | |
(cherry picked from commit 67ebd7a)
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Added sphinx build for developers
Rationale is to build docs locally to prevent RTD to break later.
* Replace manual sphinx into make
* Renamed idan URL to oauthlib community
* Renamed http into https URLs since http is returning 302
* python requests library renamed its home URL
* Add ignore list for "make linkcheck"
linkcheck is doing requests to github with anonymous access, however creating an issue require an logged-in account
* virtualenv changed its homepage and website.
* Fixed broken link
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Add JWT token with it the server knows how to validate this new type of token in resource requests
* Change find_token_type sorted function to reverse result and choose the valued estimated token handler
* Add validate_id_token method to RequestValidator
* Added unittest for JWTToken model
* Updated version of Mock
* Add get_jwt_bearer_token and validate_jwt_bearer_token oauthlib.oauth2.RequestValidator and change oauthlib.oauth2.tokens JWTToken to use it
* Change to improve token type estimate test
* Add a note in RequestValidator.validate_jwt_bearer_token about error 5xx rather 4xx
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Previously, cliend_id was always included in the request body
in the Authorization Code flow and the client_id parameter
was ignored in contradiction with the docs.
Fixes #495
|
| | | | |
|
| | | | |
|
| | |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Add support for HMAC-SHA256
* Add explicit declaration of HMAC-SHA1 and point HMAC at it
To avoid confusion, HMAC constant name should explicitly state which SHA variant is used, but for backwards compatibility, SIGNATURE_HMAC is still needed
* add support for HMAC-SHA256 including tests and comments
* constructor tests verify client built with correct signer method
|
| | |
| |
| |
| |
| |
| | |
* Check access token in self.token dict
* fix typo
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Change create_token_response to only save access_token when it's present in request.response_type
* Remove unused import, fix indentation and improve comment
* Fix AuthorizationEndpoint response_type for OpenID Connect hybrid flow
* Add new ImplicitTokenGrantDispatcher
Changes AuthorizationEndpoint response_type `'token'`, `'id_token'` and
`'id_token token'` to work with OpenID Connect and OAuth2 implicit flow
in a transparent way
* Add new AuthTokenGrantDispatcher
Change AuthorizationEndpoint grant_types `'authorization_code'` to work with
OpenID Connect and OAuth2 authorization flow in a transparent way
* Change tests to include required client_id and redirect_uri
* Remove AuthorizationEndpoint grant_types `'openid'`
Now OpenID Connect and OAuth2 authorization flow can use `authorization_code`
in a transparent way
* Add sone blank lines and fix indentation
* Change AuthorizationEndpoint grant type id_token and id_token token to use openid_connect_implicit direct
* Change default empty value to None and fix a typo
* Add assert called to AuthTokenGrantDispatcher tests
* Add request to get_authorization_code_scopes
|
| | | |
|
| | |
| |
| |
| | |
Fix #431. The inherent function "raise_from_error" is called when "error=" is found in the payload. So it MUST raise something, and until now, only RFC errors were raised.
|
| | | |
|
| | |
| |
| |
| | |
(cherry picked from commit 0b6f7e2)
|
| | |
| |
| |
| | |
(cherry picked from commit 657065d)
|
| | |
| |
| |
| |
| |
| | |
Fixed some copy and paste typos, see issue #532.
(cherry picked from commit 1b3498a)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The secrets module should be used for generating cryptographically
strong random numbers suitable for managing data such as passwords,
account authentication, security tokens, and related secrets.
In particularly, secrets should be used in preference to the default
pseudo-random number generator in the random module, which is
designed for modelling and simulation, not security or cryptography.
(cherry picked from commit d21fd53)
|
| | |
| |
| |
| | |
(cherry picked from commit d49b9f0)
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Added sphinx build for developers
Rationale is to build docs locally to prevent RTD to break later.
* Replace manual sphinx into make
* Renamed idan URL to oauthlib community
* Renamed http into https URLs since http is returning 302
* python requests library renamed its home URL
* Add ignore list for "make linkcheck"
linkcheck is doing requests to github with anonymous access, however creating an issue require an logged-in account
* virtualenv changed its homepage and website.
* Fixed broken link
(cherry picked from commit 32e5ad1)
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* Check access token in self.token dict
* fix typo
(cherry picked from commit fa0b63c)
|
| | | |
|
| | | |
|
| |/ |
|
| |
|
|
| |
raised (used by Flask_OAuthlib)
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |\
| |
| | |
Changed all implicit imports * with explicit classes imports
|
