Commit message | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | | Normalize handling of request.scopes list | Joel Stevenson | 2016-11-21 | 1 | -4/+5 | |
|/ | | | | | | | | | | | | | | | | | | | | | Use the scope_to_list() util to initialize the request.scopes list from the request.scope request parameter in two places where it was instead being set to None. - AuthorizationEndpoint.validate_authorization_request() - TokenEndpoint.create_token_response() In both cases the Request should be properly populated before it is passed to the client's validator. In the case of the TokenEndpoint - there are OAuth2 workflows that allow an optional scope parameter so we should have been doing this for them anyway. Since scope_to_list() may return None, also update the openid_connect code to behave properly when this is the case. Fixes #436 | |||||
* | Small fix for #416 | Omer Katz | 2016-08-28 | 1 | -1/+1 | |
| | | | Tuples are initialized faster on CPython. | |||||
* | Test for membership should be "not in", here too. | Joel Stevenson | 2016-08-26 | 1 | -3/+3 | |
| | ||||||
* | Test for membership should be "not in". | Joel Stevenson | 2016-08-25 | 2 | -2/+2 | |
| | | | | Commenting. | |||||
* | Short description doc for AuthCodeGrantDispatcher | Joel Stevenson | 2016-08-18 | 1 | -1/+2 | |
| | ||||||
* | Move the claims handling into OpenIDConnectBase._inflate_claims() and a new ↵ | Joel Stevenson | 2016-08-18 | 3 | -16/+44 | |
| | | | | | | AuthCodeGrantDispatcher to route requests to either the default AuthorizationCodeGrant or OpenIDConnectAuthCode depending on scope when the request's response_type is a simple (ambiguous) 'code'. Include basic docs about OpenID Connect auth flow support | |||||
* | Reworking the handling of claims. @bjmc was quite right to question the ↵ | Joel Stevenson | 2016-05-06 | 1 | -0/+13 | |
| | | | | haste-y inclusion in the Resource endpoint. It is an optional parameter to the Authorization Code endpoint and so needs to be stored with both the generated authorization code grant and any subsequent access token issued to that authorization code. | |||||
* | Check the response type against exact response_type registry formats in ↵ | Joel Stevenson | 2016-05-02 | 1 | -1/+1 | |
| | | | | GrantTypeBase.add_token() | |||||
* | Prevent save_token() from being called twice within create_token_response(). ↵ | Joel Stevenson | 2016-04-29 | 5 | -7/+11 | |
| | | | | We call save_token() after any token modifiers have run so we can tell the token_handler's create_token() method not to save the token and do that explicitly ourselves. | |||||
* | Merge branch 'openid_connect' of https://github.com/joelstevenson/oauthlib ↵ | Joel Stevenson | 2016-04-26 | 4 | -15/+24 | |
|\ | | | | | | | into openid_connect | |||||
| * | Handle multi-valued response_types as specified in ↵ | Joel Stevenson | 2016-04-25 | 4 | -17/+24 | |
| | | | | | | | | | | | | | | http://openid.net/specs/oauth-v2-multiple-response-types-1_0.html#Combinations Handle new 'none' response_type Implicit flow won't generate a token unless it is asked for (skipped for "id_token" response_type) | |||||
* | | Remove some comments related to new code for OIDC feature. | Joel Stevenson | 2016-04-26 | 4 | -14/+6 | |
|/ | ||||||
* | Fixup implicit flow authorization response and test | Joel Stevenson | 2016-04-19 | 2 | -1/+8 | |
| | ||||||
* | More wiring to get OpenID Connect code fully integrated. | Joel Stevenson | 2016-04-19 | 2 | -9/+5 | |
| | ||||||
* | First pass attempt at updating openid_connect branch | Joel Stevenson | 2016-04-15 | 3 | -3/+30 | |
| | ||||||
* | Convenience (for testing) imports. | Ib Lundgren | 2016-04-14 | 1 | -0/+5 | |
| | ||||||
* | Raise OIDCNoPrompt exception upon authorization if requested. | Ib Lundgren | 2016-04-14 | 1 | -32/+66 | |
| | ||||||
* | Response mode support. | Ib Lundgren | 2016-04-14 | 3 | -11/+66 | |
| | ||||||
* | Small steps on the OpenID grant types. | Ib Lundgren | 2016-04-14 | 1 | -26/+94 | |
| | | | | | | Direct response if prompt is none. Sketched out methods for implicit and hybrid. New method for adding access tokens in hybrid auth step. | |||||
* | Support for extra token validators and code modifiers. | Ib Lundgren | 2016-04-14 | 1 | -1/+15 | |
| | ||||||
* | Initial sketch of OpenID Connect grant extensions. | Ib Lundgren | 2016-04-14 | 1 | -0/+273 | |
| | | | | | | Only drafted some of the parameters introduced and little validation has been implemented so far. The id_token creation is also on the TODO list but a lot of it is created by @intelie in his fork already. | |||||
* | Add token modifier and save to refresh token grant as well. | Ib Lundgren | 2016-04-14 | 1 | -0/+11 | |
| | ||||||
* | Move save token to grant type and allow token modification. | Ib Lundgren | 2016-04-14 | 4 | -1/+54 | |
| | | | | | | | | | | | | request_validator.save_bearer_token was previously called from inside token_handler.create_token but is now called from the respective grant type after being created by token_handler.create_token. This makes it easier to allow extension grants to modify the token via the newly introduced token modifier methods that will be invoked prior to the save. This is consistent with how auth code is created and saved plus it removes the hidden dual purpose of create_token. | |||||
* | Set issue_new_refresh_tokens in RefreshTokenGrant.__init__ | Rafał Furmański | 2016-03-30 | 1 | -4/+1 | |
| | ||||||
* | Added a kwarg to set whether refresh token will be created or not | Hiroki KIYOHARA | 2015-09-29 | 1 | -2/+3 | |
| | ||||||
* | Fix management of rfc6749 errors | fabio | 2015-07-06 | 2 | -29/+36 | |
| | ||||||
* | send no state in the access token response | gunnar | 2015-07-03 | 1 | -1/+1 | |
| | ||||||
* | Merge pull request #341 from kdazzle/request-getattr | Omer Katz | 2015-07-02 | 4 | -4/+5 | |
|\ | | | | | #340 - calling getattr on Request should raise an AttributeError if that attribute doesn't exist | |||||
| * | #340 - provide default values for some params in common.Request | Kyle | 2015-05-09 | 4 | -4/+5 | |
| | | ||||||
* | | Handle empty/non-parsable query strings | Dan Berglund | 2015-06-26 | 2 | -2/+10 | |
|/ | ||||||
* | Remove redundant "state=request.state" parameters | Rodney Richardson | 2014-10-07 | 6 | -44/+22 | |
| | ||||||
* | Add docstring for ResourceOwnerPasswordCredentialsGrant __init__ | David Muller | 2014-09-29 | 1 | -0/+4 | |
| | ||||||
* | create/don't create refresh_token based on self.refresh_token | David Muller | 2014-09-29 | 1 | -1/+1 | |
| | ||||||
* | Add refresh_token keyword arg | David Muller | 2014-09-29 | 1 | -1/+2 | |
| | ||||||
* | Auto pep8 changes throughout the code base. | Ib Lundgren | 2014-09-24 | 6 | -63/+85 | |
| | ||||||
* | Change logging namespace to a tiered one. | Ib Lundgren | 2014-09-24 | 6 | -7/+25 | |
| | | | | | | | Rather than have all logging under oauthlib we now have it per file using __name__. Users who wish to enable or disable all logging can still do so by enabling or disabling the oauthlib logging namespace. | |||||
* | Remove password print from debug logs. Fix #256. | Ib Lundgren | 2014-07-07 | 1 | -2/+1 | |
| | ||||||
* | Use 401 status code for some OAuth 2 errors | Anders Steinlein | 2014-04-30 | 1 | -2/+2 | |
| | ||||||
* | return application/json content type in case of error | masci | 2014-01-19 | 1 | -1/+1 | |
| | ||||||
* | is_within_original_scope method for refresh token grant (Issue #220) | Jan Wrobel | 2013-11-05 | 1 | -1/+3 | |
| | ||||||
* | Include the request object in the returned dict, it can be used to cache ↵ | Andre Cruz | 2013-10-28 | 2 | -0/+2 | |
| | | | | information that will be used later. | |||||
* | Fix all application/json mimetypes. | Hsiaoming Yang | 2013-10-12 | 3 | -3/+3 | |
| | ||||||
* | JSON content type has no charset. | Hsiaoming Yang | 2013-10-12 | 1 | -1/+1 | |
| | ||||||
* | Set headers on client credentials access token response | Aleksandr Vladimirskiy | 2013-10-10 | 1 | -1/+6 | |
| | ||||||
* | fixed call to client_authentication_required | Massimiliano Pippi | 2013-09-21 | 1 | -1/+1 | |
| | ||||||
* | ask validator if client has to be authenticated | Massimiliano Pippi | 2013-09-17 | 3 | -42/+42 | |
| | ||||||
* | #200 First attempt at API cleanup to match OAuth1. | Tyler Jones | 2013-08-01 | 5 | -15/+15 | |
| | ||||||
* | Validator confirm_scopes becomes get_original_scopes. #182, #183 | Ib Lundgren | 2013-06-21 | 1 | -2/+15 | |
| | ||||||
* | Add initial refresh token grant tests. Fix #182. | Ib Lundgren | 2013-06-20 | 1 | -3/+2 | |
| | ||||||
* | Fix scope validation on refresh token grant. | Ib Lundgren | 2013-06-20 | 1 | -15/+1 | |
| |