Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | OAuth 1.0a signature methods: RSA-SHA256, RSA-SHA512 and HMAC-SHA512 (#723) | Hoylen Sue | 2020-06-03 | 1 | -319/+826 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Adding support for RSA-SHA256. * Added support for HMAC-SHA512, RSA-SHA256 and RSA-SHA512 signature methods. * Made version dependencies consistent. * Updated OAuth1 signature tests. * Fixed parsing of netloc/host. Deprecated old functions. * Refactored and expanded tests to include signature validate. * Update docs for HMAC-SHA512, RSA-SHA256 and RSA-SHA512 signature methods. * Updated code comments in oauth1 signatures module. * Updated changelog. * Update docs/feature_matrix.rst Co-Authored-By: Omer Katz <omer.drow@gmail.com> * Used parenthesis instead of backslash to break lines. * Fixed typo Co-authored-by: Omer Katz <omer.drow@gmail.com> Co-authored-by: Omer Katz <omer.drow@gmail.com> | ||||
* | Sorted tests import per isort 4.3.21 | Anton Ruhlov | 2020-04-10 | 47 | -164/+160 |
| | |||||
* | Use unittest.mock instead of external mock | Michał Górny | 2020-03-16 | 37 | -37/+37 |
| | | | | | | Replace the use of external 'mock' package with built-in Python unittest.mock (present since py3.3). This also fixes all test failures for me. | ||||
* | Merge branch 'master' into rm-2.7 | Omer Katz | 2019-08-29 | 1 | -68/+87 |
|\ | |||||
| * | remove unneeded additional collect_parameters assertion in the ↵ | Ashley Sommer | 2019-08-19 | 1 | -1/+0 |
| | | | | | | | | signature_base_string test. Fixes python 2.7 test failure. | ||||
| * | Fix tests for OAuth1 signature basestring generation, to better align with ↵ | Ashley Sommer | 2019-08-14 | 1 | -68/+88 |
| | | | | | | | | | | | | examples and expected results set out in the RFC doc. Fixes https://github.com/oauthlib/oauthlib/issues/695 | ||||
* | | The future is now | Hugo | 2019-08-15 | 48 | -96/+0 |
| | | |||||
* | | Upgrade unit tests to use more useful asserts | Hugo | 2019-08-15 | 8 | -24/+24 |
| | | |||||
* | | Drop support for legacy Python 2.7 | Hugo | 2019-08-15 | 5 | -23/+5 |
| | | |||||
* | | Upgrade Python syntax with pyupgrade | Hugo | 2019-08-15 | 9 | -22/+22 |
| | | |||||
* | | Drop support for legacy Python 2.7 | Hugo | 2019-08-15 | 6 | -57/+41 |
|/ | |||||
* | Merge branch 'master' into oidc-userinfo | Jonathan Huot | 2019-07-04 | 6 | -6/+139 |
|\ | |||||
| * | Merge branch 'master' into 672-fix-null-expires-in | Josh Holmer | 2019-07-03 | 1 | -1/+1 |
| |\ | |||||
| | * | Error in timestamp comparison | Jonathan Huot | 2019-07-03 | 1 | -1/+1 |
| | | | |||||
| * | | Merge branch 'master' into 672-fix-null-expires-in | Omer Katz | 2019-06-29 | 10 | -12/+319 |
| |\ \ | | |/ | |||||
| | * | Check for authorization response errors | Mark Gregson | 2019-06-06 | 1 | -3/+6 |
| | | | |||||
| | * | Enforce POST HTTP method on TokenEndpoint, IntrospectEndpoint and ↵ | Abhishek Patel | 2019-05-14 | 4 | -19/+79 |
| | | | | | | | | | | | | | | | | | | | | | | | | RevocationEndpoint - Add validation checks for HTTP method in TokenEndpoint, IntrospectEndpoint and RevocationEndpoint. - CHANGE DEFAULT HTTP method for TokenEndpoint from 'GET' to 'POST'. - Add tests + Fix an old test in . It used to send query params to TokenEndpoint which is not allowed anymore. Fixed it so payload is sent as POST body. | ||||
| | * | Ban all query parameters on Intropspection, Token and Revocation endpopoint | Abhishek Patel | 2019-05-14 | 3 | -18/+11 |
| | | | |||||
| | * | Add tests + create a global variable for blacklisted query parameters | Abhishek Patel | 2019-05-14 | 3 | -0/+59 |
| | | | |||||
| * | | Handle null value in expires_in field in JSON handler | Josh Holmer | 2019-04-30 | 1 | -0/+18 |
| | | | | | | | | | | | | Closes #672 | ||||
* | | | Add UserInfoEndpoint to the OIDC Provider support. | Jonathan Huot | 2019-05-13 | 1 | -0/+70 |
| |/ |/| | |||||
* | | Merge branch 'master' into 670-pkce-requestinfo | Jonathan Huot | 2019-05-07 | 4 | -5/+195 |
|\ \ | |||||
| * \ | Merge branch 'master' into patch-1 | Jonathan Huot | 2019-05-07 | 3 | -3/+118 |
| |\ \ | |||||
| | * \ | Merge branch 'master' into oidc-hashesoidc-hashes | Jonathan Huot | 2019-05-06 | 1 | -1/+12 |
| | |\ \ | |||||
| | | * | | Add case-insensitive headers to oauth1 BaseEndpoint | Jordan Gardner | 2019-05-01 | 1 | -1/+12 |
| | | |/ | |||||
| | * | | Merge branch 'master' into oidc-hashes | Jonathan Huot | 2019-04-26 | 2 | -0/+19 |
| | |\ \ | | | |/ | |||||
| | * | | Python2.7 compatible | Jonathan Huot | 2019-03-26 | 1 | -2/+2 |
| | | | | |||||
| | * | | Add unittests for OIDC GrantTypeBase. | Jonathan Huot | 2019-03-26 | 1 | -0/+104 |
| | | | | | | | | | | | | | | | | Rename hash_id_token into id_token_hash | ||||
| | * | | Renamed fill into finalize to add clarity | Jonathan Huot | 2019-03-26 | 1 | -2/+2 |
| | | | | |||||
| * | | | Add valid testcase | Y.Umezaki | 2019-05-07 | 1 | -0/+28 |
| | | | | |||||
| * | | | Add token tests from #491 | Y.Umezaki | 2019-05-07 | 1 | -2/+49 |
| | |/ | |/| | |||||
* | | | Fix 670. AuthCode API must return the new PKCE attribute670-pkce-requestinfo | Jonathan Huot | 2019-04-26 | 1 | -2/+4 |
|/ / | |||||
* | | Add method to get/set debug flag | Abhishek Patel | 2019-04-21 | 2 | -0/+19 |
|/ | | | | | | - By default debug mode is always off - Debug mode turned on automatically for tests - Complete requests sanitized in non debug mode | ||||
* | Fixed missing references in unittests | Jonathan Huot | 2019-02-28 | 3 | -5/+5 |
| | |||||
* | Added missing import after test moved | Jonathan Huot | 2019-02-25 | 1 | -2/+5 |
| | |||||
* | Move HybridGrant test into its respective file. | Jonathan Huot | 2019-02-25 | 2 | -75/+76 |
| | |||||
* | Add nonce mandatory check for "id_token" response_type | Jonathan Huot | 2019-02-25 | 1 | -0/+21 |
| | |||||
* | Add nonce auth request check for authorization_code | Jonathan Huot | 2019-02-25 | 1 | -0/+14 |
| | |||||
* | OIDC: Raise error=invalid_request when nonce is mandatory | Jonathan Huot | 2019-02-25 | 1 | -7/+53 |
| | | | | Until now, only OIDC implicit was raising an error, but OIDC hybrid contain a couple of mandatory nonce, too. | ||||
* | Merge branch 'master' into fix-uri-normalization | Jonathan Huot | 2019-02-25 | 1 | -1/+0 |
|\ | |||||
| * | Remove usage of "state" for code/token response. | Jonathan Huot | 2019-02-22 | 1 | -1/+0 |
| | | |||||
* | | Renamed construct_base_string to signature_base_string. | Hoylen Sue | 2019-02-22 | 1 | -6/+6 |
| | | |||||
* | | Merge branch 'master' into fix-uri-normalization | Jonathan Huot | 2019-02-21 | 3 | -31/+39 |
|\ \ | |/ | |||||
| * | Removed useless set_state internal function | Jonathan Huot | 2019-02-21 | 1 | -7/+1 |
| | | | | | | | | Does not have purpose for /token request | ||||
| * | Add authorization "state" preservation back for AuthCode | Jonathan Huot | 2019-02-21 | 1 | -0/+7 |
| | | |||||
| * | Fix 652: removed "state" from /token response. | Jonathan Huot | 2019-02-20 | 3 | -30/+37 |
| | | | | | | | | | | | | Fix OIDC /token flow where &state=None was always returned, and fix OAuth2.0 /token flow where &state=foobar was returned if &state=foobar was present in the token request. Remove "save_token" from create_token() signature cuz it was not used internally. Deprecated the option to let upstream libraries have a chance to remove it, if ever used. | ||||
* | | Fixed space encoding in base string URI used in the signature base string. | Hoylen Sue | 2019-02-19 | 1 | -8/+19 |
|/ | |||||
* | Fix 644, Add tests for BasicAuth credentials for all endpoints (#645) | Jonathan Huot | 2019-01-11 | 2 | -2/+57 |
| | | | Test Introspect, Revoke, Token (web, legacy, backend) endpoints with authenticate_client and HTTP Basic Auth. | ||||
* | Fix invalid escape sequence in tests (#637) | Jon Dufresne | 2018-12-27 | 1 | -1/+1 |
| | | | | | | | | | Fixes warning when running tests: ``` tests/oauth1/rfc5849/endpoints/test_base.py:63 oauthlib/tests/oauth1/rfc5849/endpoints/test_base.py:63: DeprecationWarning: invalid escape sequence \d headers['Authorization'] = sub('timestamp="\d*k?"', ``` | ||||
* | Fix issue when using Metadata Endpoint with OIDC PreConfigured server. | Jonathan Huot | 2018-12-14 | 1 | -0/+27 |
| |