path: root/tests/oauth2
Commit message (Author, Age, Files, Lines)
* Fixed isort imports (Dariusz Smigiel, 2022-06-16, 1, -1/+2)
|     tox runs isort, which pointed multiple errors. Fixed them in this PR
* chore: s/bode_code_verifier/body_code_verifier/g (kohki yamagiwa, 2022-05-15, 1, -2/+2)
|
* Allow non-HTTPS issuer when OAUTHLIB_INSECURE_TRANSPORT. (#803) (Theron Luhn, 2022-03-06, 1, -0/+10)
|     * Allow non-HTTPS issuer when OAUTHLIB_INSECURE_TRANSPORT.
|     * Add unit test for validating issuer.
* Add CORS support for Refresh Token Grant. (Theron Luhn, 2022-02-15, 1, -0/+41)
|
* Add support for device authorization flow (RFC8628) (#795) (Mike Kelly, 2022-01-18, 3, -0/+63)
|     * rfc8628: Add client implementation for token retrieval
|
|       This change adds an implementation of the Device Authorization flow client from RFC8628. The initial structure is derived from the existing BackendApplicationClient with the addition of the device_code in the client.
|
|       This change does not provide the support necessary for querying the device code endpoint in order to generate the initial device_code and URL that is required for completing the full end to end device authorization process.
|
|     * Add device token fetch URI generator
|
|       In order to perform the full device authorization flow it's necessary to first generate the device code and get the authorization flow URL. prepare_request_uri() allows us to do this while providing scopes and additional parameters.
|
|     * Remove encoding lines
|
|       These lines are not required for python3
* PKCE (#786) (Jon Velando, 2021-12-13, 3, -0/+68)
|     * Added pkce on client side for authorization grant flow. Test cases added
|     * added new args before kwargs
|     * updating docstrings with clarification on PKCE params
|     * adding additional clarification on PKCE parameters
|     * adding initial function to create code_verifier and tests
|     * using re.compile for code_verifier allowed characters
|     * adding initial function to create code_challenge with tests
|     * replacing appropriate chars for base64 URL
|
|     Co-authored-by: Aman Singh Solanki <amans330@gmail.com>
* Add `Access-Control-Allow-Origin` header to metadata endpoint. (Theron Luhn, 2021-12-13, 1, -0/+15)
|
* Add support for CORS in the token endpoint. (Theron Luhn, 2021-12-13, 2, -0/+44)
|
* rm comma after Bearer in WWW-Authenticate header (kamenev, 2021-11-14, 2, -4/+4)
|
* Bug expires at (#783) (Scott Gifford, 2021-10-22, 1, -0/+24)
|     * verify that expires_at is an int before casting it as such.
|     * casting expires_at as int within try catch with test.
|
|     Co-authored-by: Scott Gifford <sgifford@activecampaign.com>
* Replace deprecated unittest aliases (Hugo van Kemenade, 2021-08-18, 1, -4/+4)
|
* fix #755: ensure save_token is called for hybrid code flow (Karim Kanso, 2021-08-18, 1, -0/+15)
|
* Sorted tests import per isort 4.3.21 (Anton Ruhlov, 2020-04-10, 26, -92/+88)
|
* Use unittest.mock instead of external mock (Michał Górny, 2020-03-16, 21, -21/+21)
|     Replace the use of external 'mock' package with built-in Python unittest.mock (present since py3.3). This also fixes all test failures for me.
* The future is now (Hugo, 2019-08-15, 26, -53/+0)
|
* Upgrade unit tests to use more useful asserts (Hugo, 2019-08-15, 1, -2/+2)
|
* Drop support for legacy Python 2.7 (Hugo, 2019-08-15, 3, -14/+3)
|
* Upgrade Python syntax with pyupgrade (Hugo, 2019-08-15, 4, -11/+11)
|
* Drop support for legacy Python 2.7 (Hugo, 2019-08-15, 2, -10/+5)
|
* Merge branch 'master' into 672-fix-null-expires-in (Omer Katz, 2019-06-29, 7, -9/+201)
|\
| * Check for authorization response errors (Mark Gregson, 2019-06-06, 1, -3/+6)
| |
| * Enforce POST HTTP method on TokenEndpoint, IntrospectEndpoint and RevocationEndpoint (Abhishek Patel, 2019-05-14, 4, -19/+79)
| |     - Add validation checks for HTTP method in TokenEndpoint, IntrospectEndpoint and RevocationEndpoint.
| |     - CHANGE DEFAULT HTTP method for TokenEndpoint from 'GET' to 'POST'.
| |     - Add tests + Fix an old test in . It used to send query params to TokenEndpoint which is not allowed anymore. Fixed it so payload is sent as POST body.
| * Ban all query parameters on Introspection, Token and Revocation endpoint (Abhishek Patel, 2019-05-14, 3, -18/+11)
| |
| * Add tests + create a global variable for blacklisted query parameters (Abhishek Patel, 2019-05-14, 3, -0/+59)
| |
| * Merge branch 'master' into 670-pkce-requestinfo (Jonathan Huot, 2019-05-07, 1, -2/+77)
| |\
| | * Add valid testcase (Y.Umezaki, 2019-05-07, 1, -0/+28)
| | |
| | * Add token tests from #491 (Y.Umezaki, 2019-05-07, 1, -2/+49)
| | |
| * | Fix 670. AuthCode API must return the new PKCE attribute [670-pkce-requestinfo] (Jonathan Huot, 2019-04-26, 1, -2/+4)
| |/
* | Handle null value in expires_in field in JSON handler (Josh Holmer, 2019-04-30, 1, -0/+18)
|/
|     Closes #672
* Removed useless set_state internal function (Jonathan Huot, 2019-02-21, 1, -7/+1)
|     Does not have purpose for /token request
* Add authorization "state" preservation back for AuthCode (Jonathan Huot, 2019-02-21, 1, -0/+7)
|
* Fix 652: removed "state" from /token response. (Jonathan Huot, 2019-02-20, 2, -24/+27)
|     Fix OIDC /token flow where &state=None was always returned, and fix OAuth2.0 /token flow where &state=foobar was returned if &state=foobar was present in the token request.
|
|     Remove "save_token" from create_token() signature cuz it was not used internally. Deprecated the option to let upstream libraries have a chance to remove it, if ever used.
* Fix 644, Add tests for BasicAuth credentials for all endpoints (#645) (Jonathan Huot, 2019-01-11, 2, -2/+57)
|     Test Introspect, Revoke, Token (web, legacy, backend) endpoints with authenticate_client and HTTP Basic Auth.
* Fix issue when using Metadata Endpoint with OIDC PreConfigured server. (Jonathan Huot, 2018-12-14, 1, -0/+27)
|
* Merge branch 'master' into 601-pkce-support (Jonathan Huot, 2018-12-13, 2, -8/+33)
|\
| * Add Content-Type and Cache headers to introspect/revocation errors (Jonathan Huot, 2018-12-13, 2, -8/+33)
| |
| * Add double-quotes to the key/values in WWW-Authenticate [264-status401] (Jonathan Huot, 2018-12-12, 2, -4/+4)
| |
| * Used WWW-Authenticate and auth-param values as RFC6750 described it. (Jonathan Huot, 2018-12-12, 2, -4/+4)
| |     It misses the possibility to add scope= and realm= at the moment, but it should be a step forward into the right direction.
| * Handle 401 with WWW-Authenticate. Moved wrong 401 into 400. (Jonathan Huot, 2018-12-04, 2, -4/+4)
| |     access_denied/unauthorized_client/consent_required/login_required MUST be 400, and not 401. Also, 401 MUST have WWW-Authenticate when set. It could have an impact of processing those in webframeworks.
* | Merge pull request #624 from oauthlib/preconf-server-metadata (Jonathan Huot, 2018-12-11, 1, -0/+61)
|\ \
| | |     Preconf server metadata
| * | Sort dict and list in dict values for py27/36 compat [preconf-server-metadata] (Jonathan Huot, 2018-11-30, 1, -2/+10)
| | |
| * | Add Server metadata test and fix metadata. (Jonathan Huot, 2018-11-30, 1, -0/+53)
| | |     Fix grant_types_supported which must include "implicit" even if it is not a grant_type in oauthlib sense. Removed internal "none" field value from the list of response_types.
* | | Merge branch 'master' into 601-pkce-support (Jonathan Huot, 2018-12-11, 1, -1/+1)
|\ \ \
| |/ /
|/| /
| |/
| * `invalid_scope` status code should be 400 (Benjamin Pereto, 2018-12-03, 1, -1/+1)
| |
* | Initial OAuth2.0/PKCE Provider support (Jonathan Huot, 2018-11-29, 7, -0/+133)
|/
* Allow custom provider to override oauthlib values [oauth-metadata] (Jonathan Huot, 2018-11-21, 1, -0/+10)
|     See https://github.com/oauthlib/oauthlib/pull/605#discussion_r234438151
* Initial OAuth Authorization Server Metadata RFC8414 (Jonathan Huot, 2018-10-25, 1, -0/+28)
|
* Merge branch 'master' into fix-585_client_id (Jonathan Huot, 2018-09-21, 1, -1/+1)
|\
| * Merge branch 'master' into invalid-grant-should-respond-with-400 (Omer Katz, 2018-09-20, 5, -1/+44)
| |\
| * \ Merge branch 'master' into invalid-grant-should-respond-with-400 (Jonathan Huot, 2018-08-13, 3, -2/+18)
| |\ \