diff options
author | Hoylen Sue <hoylen@hoylen.com> | 2020-06-03 13:01:25 +1000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-06-03 09:01:25 +0600 |
commit | bda81b3cb6306dec19a6e60113e21b2933d0950c (patch) | |
tree | 1bfce216e41924bde8392e9f63976deeb035fce0 /docs/feature_matrix.rst | |
parent | 0404b486b11b81de780234b944179fa7bde6f2b7 (diff) | |
download | oauthlib-bda81b3cb6306dec19a6e60113e21b2933d0950c.tar.gz |
OAuth 1.0a signature methods: RSA-SHA256, RSA-SHA512 and HMAC-SHA512 (#723)
* Adding support for RSA-SHA256.
* Added support for HMAC-SHA512, RSA-SHA256 and RSA-SHA512 signature methods.
* Made version dependencies consistent.
* Updated OAuth1 signature tests.
* Fixed parsing of netloc/host. Deprecated old functions.
* Refactored and expanded tests to include signature validate.
* Update docs for HMAC-SHA512, RSA-SHA256 and RSA-SHA512 signature methods.
* Updated code comments in oauth1 signatures module.
* Updated changelog.
* Update docs/feature_matrix.rst
Co-Authored-By: Omer Katz <omer.drow@gmail.com>
* Used parenthesis instead of backslash to break lines.
* Fixed typo
Co-authored-by: Omer Katz <omer.drow@gmail.com>
Co-authored-by: Omer Katz <omer.drow@gmail.com>
Diffstat (limited to 'docs/feature_matrix.rst')
-rw-r--r-- | docs/feature_matrix.rst | 101 |
1 files changed, 66 insertions, 35 deletions
diff --git a/docs/feature_matrix.rst b/docs/feature_matrix.rst index df8cb0e..56d0cf3 100644 --- a/docs/feature_matrix.rst +++ b/docs/feature_matrix.rst @@ -1,33 +1,56 @@ Supported features and platforms ================================ -OAuth 1 is fully supported per the RFC for both clients and providers. -Extensions and variations that are outside the spec are not supported. +Features +-------- -- HMAC-SHA1, RSA-SHA1 and plaintext signatures. -- Signature placement in header, url or body. +OAuth 1.0a +.......... + +OAuth 1.0a is fully supported for both clients and providers. + +All standard *signature methods* defined in `RFC 5849`_ *The OAuth 1.0 +Protocol* are supported: + +- HMAC-SHA1 +- RSA-SHA1 +- PLAINTEXT + +Non-standard *signature methods* that replaces SHA-1 with stronger +digest algorithms are also supported: + +- HMAC-SHA256 +- HMAC-SHA512 +- RSA-SHA256 +- RSA-SHA512 + +The OAuth 1.0a signature can be placed in the header, URL or body of +the request. + +OAuth 2.0 +......... OAuth 2.0 client and provider support for: -- `RFC6749#section-4.1`_: Authorization Code Grant -- `RFC6749#section-4.2`_: Implicit Grant -- `RFC6749#section-4.3`_: Resource Owner Password Credentials Grant -- `RFC6749#section-4.4`_: Client Credentials Grant -- `RFC6749#section-6`_: Refresh Tokens -- `RFC6750`_: Bearer Tokens -- `RFC7009`_: Token Revocation -- `RFC Draft MAC tokens`_ +- `RFC 6749 section-4.1`_: Authorization Code Grant +- `RFC 6749 section-4.2`_: Implicit Grant +- `RFC 6749 section-4.3`_: Resource Owner Password Credentials Grant +- `RFC 6749 section-4.4`_: Client Credentials Grant +- `RFC 6749 section-6`_: Refresh Tokens +- `RFC 6750`_: Bearer Tokens +- `RFC 7009`_: Token Revocation +- `RFC Draft`_ Message Authentication Code (MAC) Tokens - OAuth2.0 Provider: `OpenID Connect Core`_ -- OAuth2.0 Provider: `RFC7636`_: Proof Key for Code Exchange by OAuth Public Clients (PKCE) -- OAuth2.0 Provider: `RFC7662`_: Token Introspection -- OAuth2.0 Provider: `RFC8414`_: Authorization Server Metadata +- OAuth2.0 Provider: `RFC 7636`_: Proof Key for Code Exchange by OAuth Public Clients (PKCE) +- OAuth2.0 Provider: `RFC 7662`_: Token Introspection +- OAuth2.0 Provider: `RFC 8414`_: Authorization Server Metadata Features to be implemented (any help/PR are welcomed): - OAuth2.0 **Client**: `OpenID Connect Core`_ -- OAuth2.0 **Client**: `RFC7636`_: Proof Key for Code Exchange by OAuth Public Clients (PKCE) -- OAuth2.0 **Client**: `RFC7662`_: Token Introspection -- OAuth2.0 **Client**: `RFC8414`_: Authorization Server Metadata +- OAuth2.0 **Client**: `RFC 7636`_: Proof Key for Code Exchange by OAuth Public Clients (PKCE) +- OAuth2.0 **Client**: `RFC 7662`_: Token Introspection +- OAuth2.0 **Client**: `RFC 8414`_: Authorization Server Metadata - SAML2 - Bearer JWT as Client Authentication - Dynamic client registration @@ -35,24 +58,32 @@ Features to be implemented (any help/PR are welcomed): - OpenID Session Management - ...and more -Supported platforms -------------------- +Platforms +--------- + +OAuthLib is mainly developed and tested on 64-bit Linux. It works on +Unix and Unix-like operating systems (including macOS), as well as +Microsoft Windows. + +It should work on any platform that supports Python, if features +requiring RSA public-key cryptography is not used. -OAuthLib is mainly developed/tested on 64 bit Linux but works on Unix (incl. OS -X) and Windows as well. Unless you are using the RSA features of OAuth 1 you -should be able to use OAuthLib on any platform that supports Python. If you use -RSA you are limited to the platforms supported by `cryptography`_. +If features requiring RSA public-key cryptography is used (e.g +RSA-SHA1 and RS256), it should work on any platform supported by +PyCA's `cryptography`_ package. RSA features require installing +additional packages: see the installation instructions for details. .. _`cryptography`: https://cryptography.io/en/latest/installation/ -.. _`RFC6749#section-4.1`: https://tools.ietf.org/html/rfc6749#section-4.1 -.. _`RFC6749#section-4.2`: https://tools.ietf.org/html/rfc6749#section-4.2 -.. _`RFC6749#section-4.3`: https://tools.ietf.org/html/rfc6749#section-4.3 -.. _`RFC6749#section-4.4`: https://tools.ietf.org/html/rfc6749#section-4.4 -.. _`RFC6749#section-6`: https://tools.ietf.org/html/rfc6749#section-6 -.. _`RFC6750`: https://tools.ietf.org/html/rfc6750 -.. _`RFC Draft MAC tokens`: https://tools.ietf.org/id/draft-ietf-oauth-v2-http-mac-02.html -.. _`RFC7009`: https://tools.ietf.org/html/rfc7009 -.. _`RFC7662`: https://tools.ietf.org/html/rfc7662 -.. _`RFC7636`: https://tools.ietf.org/html/rfc7636 +.. _`RFC 5849`: https://tools.ietf.org/html/rfc5849 +.. _`RFC 6749 section-4.1`: https://tools.ietf.org/html/rfc6749#section-4.1 +.. _`RFC 6749 section-4.2`: https://tools.ietf.org/html/rfc6749#section-4.2 +.. _`RFC 6749 section-4.3`: https://tools.ietf.org/html/rfc6749#section-4.3 +.. _`RFC 6749 section-4.4`: https://tools.ietf.org/html/rfc6749#section-4.4 +.. _`RFC 6749 section-6`: https://tools.ietf.org/html/rfc6749#section-6 +.. _`RFC 6750`: https://tools.ietf.org/html/rfc6750 +.. _`RFC Draft`: https://tools.ietf.org/id/draft-ietf-oauth-v2-http-mac-02.html +.. _`RFC 7009`: https://tools.ietf.org/html/rfc7009 +.. _`RFC 7662`: https://tools.ietf.org/html/rfc7662 +.. _`RFC 7636`: https://tools.ietf.org/html/rfc7636 .. _`OpenID Connect Core`: https://openid.net/specs/openid-connect-core-1_0.html -.. _`RFC8414`: https://tools.ietf.org/html/rfc8414 +.. _`RFC 8414`: https://tools.ietf.org/html/rfc8414 |