diff options
Diffstat (limited to 'CHANGELOG.rst')
-rw-r--r-- | CHANGELOG.rst | 50 |
1 files changed, 34 insertions, 16 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index e07ec3c..c42df83 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -1,33 +1,51 @@ Changelog ========= -3.1.0 (TBD) +3.1.1 (TBD) ------------------ +OAuth2.0 Client - Bugfixes + * #730: Base OAuth2 Client now has a consistent way of managing the `scope`: it consistently + relies on the `scope` provided in the constructor if any, except if overridden temporarily + in a method call. Note that in particular providing a non-None `scope` in + `prepare_authorization_request` or `prepare_refresh_token` does not override anymore + `self.scope` forever, it is just used temporarily. + * #726: MobileApplicationClient.prepare_request_uri and MobileApplicationClient.parse_request_uri_response, + ServiceApplicationClient.prepare_request_body, + and WebApplicationClient.prepare_request_uri now correctly use the default `scope` provided in + constructor. + * #725: LegacyApplicationClient.prepare_request_body now correctly uses the default `scope` provided in constructor + +3.1.0 (2019-08-06) +------------------ OAuth2.0 Provider - Features -* #660: OIDC add support of nonce, c_hash, at_hash fields - - New RequestValidator.fill_id_token method - - Deprecated RequestValidator.get_id_token method -* #677: OIDC add UserInfo endpoint - - New RequestValidator.get_userinfo_claims method + + * #660: OIDC add support of `nonce`, `c_hash`, `at_hash fields` + - New `RequestValidator.fill_id_token` method + - Deprecated `RequestValidator.get_id_token` method + * #677: OIDC add `UserInfo` endpoint - New `RequestValidator.get_userinfo_claims` method OAuth2.0 Provider - Security -* #665: Enhance data leak to logs - - New default to not expose request content in logs - - New function `oauthlib.set_debug(True)` -* #666: Disabling query parameters for POST requests + + * #665: Enhance data leak to logs + * New default to not expose request content in logs + * New function `oauthlib.set_debug(True)` + * #666: Disabling query parameters for POST requests OAuth2.0 Provider - Bugfixes -* #670: Fix validate_authorization_request to return the new PKCE fields -* #674: Fix token_type to be case-insensitive (bearer and Bearer) + + * #670: Fix `validate_authorization_request` to return the new PKCE fields + * #674: Fix `token_type` to be case-insensitive (`bearer` and `Bearer`) OAuth2.0 Client - Bugfixes -* #290: Fix Authorization Code's errors processing -* #603: BackendApplication.Client.prepare_request_body use the "scope" argument as intended. -* #672: Fix edge case when expires_in=Null + + * #290: Fix Authorization Code's errors processing + * #603: BackendApplicationClient.prepare_request_body use the `scope` argument as intended. + * #672: Fix edge case when `expires_in=Null` OAuth1.0 Client -* #669: Add case-insensitive headers to oauth1 BaseEndpoint + + * #669: Add case-insensitive headers to oauth1 `BaseEndpoint` 3.0.2 (2019-07-04) ------------------ |