Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Make grants public attributes of pre_configured server class (#613) | Ivan Anishchuk | 2019-10-22 | 2 | -70/+70 |
| | | | | To make registering hooks without custom server class easier. | ||||
* | Merge branch 'master' into doc-improvement | Jonathan Huot | 2019-08-30 | 62 | -284/+102 |
|\ | |||||
| * | Merge branch 'master' into rm-2.7 | Omer Katz | 2019-08-29 | 1 | -2/+2 |
| |\ | |||||
| * | | The future is now | Hugo | 2019-08-15 | 58 | -116/+0 |
| | | | |||||
| * | | Drop support for legacy Python 2.7 | Hugo | 2019-08-15 | 9 | -53/+13 |
| | | | |||||
| * | | Upgrade Python syntax with pyupgrade | Hugo | 2019-08-15 | 28 | -60/+60 |
| | | | |||||
| * | | Drop support for legacy Python 2.7 | Hugo | 2019-08-15 | 8 | -57/+31 |
| | | | |||||
* | | | Merge branch 'master' into doc-improvement | Omer Katz | 2019-08-26 | 1 | -2/+2 |
|\ \ \ | | |/ | |/| | |||||
| * | | Fix tests for OAuth1 signature basestring generation, to better align with ↵ | Ashley Sommer | 2019-08-14 | 1 | -2/+2 |
| |/ | | | | | | | | | | | examples and expected results set out in the RFC doc. Fixes https://github.com/oauthlib/oauthlib/issues/695 | ||||
* | | Extended the requirements of the authenticate_client method documentation. | Zsolt Balint | 2019-08-10 | 1 | -0/+11 |
|/ | |||||
* | Change version to -dev | Jonathan Huot | 2019-08-06 | 1 | -1/+1 |
| | |||||
* | Merge branch 'master' into release-3.1.0 | Jonathan Huot | 2019-08-05 | 8 | -51/+186 |
|\ | |||||
| * | Merge branch 'master' into oidc-userinfooidc-userinfo | Jonathan Huot | 2019-08-01 | 2 | -2/+35 |
| |\ | |||||
| | * | add HMAC-SHA256 signature validation | Hamish Moffatt | 2019-07-25 | 2 | -2/+35 |
| | | | |||||
| * | | Merge branch 'master' into oidc-userinfo | Jonathan Huot | 2019-07-19 | 1 | -1/+1 |
| |\ \ | | |/ | |||||
| * | | Merge branch 'master' into oidc-userinfo | Jonathan Huot | 2019-07-04 | 6 | -7/+55 |
| |\ \ | |||||
| * | | | Add UserInfoEndpoint to the OIDC Provider support. | Jonathan Huot | 2019-05-13 | 5 | -1/+149 |
| | | | | |||||
| * | | | Removed duplicated code for oauth2.BaseEndpoint | Jonathan Huot | 2019-05-13 | 1 | -48/+2 |
| | | | | |||||
* | | | | Bump to 3.1.0 | Jonathan Huot | 2019-07-19 | 1 | -1/+1 |
| |_|/ |/| | | |||||
* | | | Bump version | Jonathan Huot | 2019-07-19 | 1 | -1/+1 |
| | | | |||||
* | | | Merge branch 'master' into release-3.0.2release-3.0.2 | Jonathan Huot | 2019-07-19 | 22 | -278/+375 |
|\ \ \ | | |/ | |/| | |||||
| * | | Merge branch 'master' into 672-fix-null-expires-in | Jonathan Huot | 2019-07-04 | 1 | -0/+1 |
| |\ \ | |||||
| | * | | Fix BackendApplicationClient.prepare_request_body | qporest | 2019-07-02 | 1 | -0/+1 |
| | | | | | | | | | | | | Currently, if no `scope` is passed to `prepare_request_body`, None will be passed on to `prepare_token_request`, even if BackendApplicationClient was initialized with `scope`. | ||||
| * | | | Merge branch 'master' into 672-fix-null-expires-in | Omer Katz | 2019-06-29 | 13 | -22/+245 |
| |\ \ \ | | |/ / | |||||
| | * | | Check for authorization response errors | Mark Gregson | 2019-06-06 | 1 | -3/+6 |
| | | | | |||||
| | * | | Enforce POST HTTP method on TokenEndpoint, IntrospectEndpoint and ↵ | Abhishek Patel | 2019-05-14 | 4 | -2/+28 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RevocationEndpoint - Add validation checks for HTTP method in TokenEndpoint, IntrospectEndpoint and RevocationEndpoint. - CHANGE DEFAULT HTTP method for TokenEndpoint from 'GET' to 'POST'. - Add tests + Fix an old test in . It used to send query params to TokenEndpoint which is not allowed anymore. Fixed it so payload is sent as POST body. | ||||
| | * | | Ban all query parameters on Intropspection, Token and Revocation endpopoint | Abhishek Patel | 2019-05-14 | 1 | -8/+4 |
| | | | | |||||
| | * | | Add tests + create a global variable for blacklisted query parameters | Abhishek Patel | 2019-05-14 | 1 | -7/+9 |
| | | | | |||||
| | * | | Add validation check for presence of forbidden query parameters in OAuth2 ↵ | Abhishek Patel | 2019-05-14 | 4 | -1/+18 |
| | |/ | | | | | | | | | | TokenEndpoint, IntrospectionEndpoint and RevocationEndpoint | ||||
| | * | Merge branch 'master' into 670-pkce-requestinfo | Jonathan Huot | 2019-05-07 | 7 | -16/+192 |
| | |\ | |||||
| | | * | Merge branch 'master' into patch-1 | Jonathan Huot | 2019-05-07 | 6 | -14/+190 |
| | | |\ | |||||
| | | | * | Merge branch 'master' into oidc-hashesoidc-hashes | Jonathan Huot | 2019-05-06 | 1 | -2/+2 |
| | | | |\ | |||||
| | | | | * | Add case-insensitive headers to oauth1 BaseEndpoint | Jordan Gardner | 2019-05-01 | 1 | -2/+2 |
| | | | | | | |||||
| | | | * | | Removed wrong assumption from copy/paste of get_autho.._scopes. | Jonathan Huot | 2019-04-29 | 1 | -3/+2 |
| | | | | | | | | | | | | | | | | | | | | | | | | This function should always have a good client_id and redirect_uri, because it is called after validate_token_request() | ||||
| | | | * | | Fix typo gave/have | Jonathan Huot | 2019-04-29 | 1 | -2/+2 |
| | | | | | | |||||
| | | | * | | Fix docstring about return value | Jonathan Huot | 2019-04-29 | 1 | -1/+1 |
| | | | | | | |||||
| | | | * | | Merge branch 'master' into oidc-hashes | Jonathan Huot | 2019-04-26 | 2 | -0/+20 |
| | | | |\ \ | | | | | |/ | |||||
| | | | * | | Merge branch 'master' into oidc-hashes | Jonathan Huot | 2019-04-23 | 4 | -35/+35 |
| | | | |\ \ | |||||
| | | | * | | | Python2.7 compatible | Jonathan Huot | 2019-03-26 | 1 | -2/+2 |
| | | | | | | | |||||
| | | | * | | | Add unittests for OIDC GrantTypeBase. | Jonathan Huot | 2019-03-26 | 1 | -3/+3 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rename hash_id_token into id_token_hash | ||||
| | | | * | | | Use native operator instead type conversion | Jonathan Huot | 2019-03-26 | 1 | -1/+1 |
| | | | | | | | |||||
| | | | * | | | Renamed fill into finalize to add clarity | Jonathan Huot | 2019-03-26 | 2 | -5/+5 |
| | | | | | | | |||||
| | | | * | | | Merge branch 'master' into oidc-hashes | Jonathan Huot | 2019-03-05 | 1 | -1/+1 |
| | | | |\ \ \ | |||||
| | | | * | | | | Change to 3.0.2-dev as long as master is in "dev" | Jonathan Huot | 2019-03-05 | 1 | -1/+1 |
| | | | | | | | | |||||
| | | | * | | | | Add c_hash. Add summary about when nonce/hashes are added to id_token | Jonathan Huot | 2019-02-28 | 1 | -0/+29 |
| | | | | | | | | |||||
| | | | * | | | | Add technicals fields of `id_token` in oauthlib OIDC support | Jonathan Huot | 2019-02-28 | 5 | -9/+157 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A new RequestValidator `fill_id_token` has been introduced to replace `get_id_token`. It aims to have the bare minimum amount of fields to complete a full OIDC id_token support. `get_id_token` is still valid but optional, and if it is implemented, `fill_id_token` will not be called. The current `fill_id_token` came with full support of `aud`, `iat`, `nonce`, `at_hash` and `c_hash`. More could come in the future e.g. `auth_time`, ... | ||||
| | | | * | | | | Removed duplicated OIDC members in OAuth2.RequestValidator | Jonathan Huot | 2019-02-28 | 2 | -182/+1 |
| | | | | | | | | |||||
| | | * | | | | | token_type should be case insensitive | ume | 2019-05-01 | 1 | -2/+2 |
| | | | |_|_|/ | | | |/| | | | |||||
| | * | | | | | Fix 670. AuthCode API must return the new PKCE attribute670-pkce-requestinfo | Jonathan Huot | 2019-04-26 | 1 | -0/+3 |
| | |/ / / / | |||||
| * | | | | | Handle null value in expires_in field in JSON handler | Josh Holmer | 2019-04-30 | 1 | -1/+4 |
| |/ / / / | | | | | | | | | | | | | | | | Closes #672 |