Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
| | * | | Add double-quotes to the key/values in WWW-Authenticate264-status401 | Jonathan Huot | 2018-12-12 | 1 | -3/+3 | |
| | | | | ||||||
| | * | | Used WWW-Authenticate and auth-param values as RFC6750 described it. | Jonathan Huot | 2018-12-12 | 7 | -14/+27 | |
| | | | | | | | | | | | | | | | | It misses the possibility to add scope= and realm= at the moment, but it should be a step forward into the right direction. | |||||
| | * | | Handle 401 with WWW-Authenticate. Moved wrong 401 into 400. | Jonathan Huot | 2018-12-04 | 7 | -6/+15 | |
| | | | | | | | | | | | | | | | | access_denied/unauthorized_client/consent_required/login_required MUST be 400, and not 401. Also, 401 MUST have WWW-Authenticate when set. It could have an impact of processing those in webframeworks. | |||||
| * | | | Add details on grant_type & implicit special case. | Jonathan Huot | 2018-12-13 | 1 | -0/+12 | |
| | | | | ||||||
| * | | | Replace temporary list by using clearer "extend" method | Jonathan Huot | 2018-12-13 | 1 | -1/+1 | |
| | | | | ||||||
| * | | | Merge pull request #624 from oauthlib/preconf-server-metadata | Jonathan Huot | 2018-12-11 | 1 | -3/+9 | |
| |\ \ \ | | | | | | | | | | | Preconf server metadata | |||||
| | * | | | Add Server metadata test and fix metadata. | Jonathan Huot | 2018-11-30 | 1 | -3/+9 | |
| | | | | | | | | | | | | | | | | | | | | Fix grant_types_supported which must include "implicit" even if it is not a grant_type in oauthlib sense. Removed internal "none" field value from the list of response_types. | |||||
| * | | | | Merge branch 'master' into 601-pkce-support | Jonathan Huot | 2018-12-11 | 1 | -1/+3 | |
| |\ \ \ \ | | |/ / / | |/| / / | | |/ / | ||||||
| * | | | Add OAuth2 Provider Server Metadata for PKCE. | Jonathan Huot | 2018-11-30 | 1 | -0/+2 | |
| | | | | ||||||
| * | | | Initial OAuth2.0/PKCE Provider support | Jonathan Huot | 2018-11-29 | 3 | -12/+238 | |
| | | | | ||||||
* | | | | Extract raising on unsupported token. | Omer Katz | 2018-12-17 | 3 | -11/+10 | |
| | | | | ||||||
* | | | | Extract raising error on client auth failure. | Omer Katz | 2018-12-17 | 3 | -21/+15 | |
| | | | | ||||||
* | | | | Raise error on missing token. | Omer Katz | 2018-12-17 | 3 | -9/+11 | |
| | | | | ||||||
* | | | | Extract redirect handling to a common method. | Omer Katz | 2018-12-17 | 3 | -70/+59 | |
| | | | | ||||||
* | | | | Extract default grant headers to helper method. | Omer Katz | 2018-12-17 | 5 | -21/+13 | |
| |_|/ |/| | | ||||||
* | | | change: response_type as attribute | mlboy | 2018-12-12 | 1 | -1/+3 | |
| | | | ||||||
* | | | change: grant_type as attribute | mlboy | 2018-12-12 | 1 | -1/+2 | |
| | | | | | | | | | use refresh_token_key as attribute | |||||
* | | | change: grant_type as attribute | mlboy | 2018-12-12 | 1 | -1/+3 | |
| | | | ||||||
* | | | change: grant_type as attribute | mlboy | 2018-12-12 | 1 | -1/+3 | |
| | | | ||||||
* | | | change: grant_type as attribute | mlboy | 2018-12-12 | 1 | -2/+4 | |
| |/ |/| | ||||||
* | | `invalid_scope` status code should be 400 | Benjamin Pereto | 2018-12-03 | 1 | -1/+3 | |
|/ | ||||||
* | Allow custom provider to override oauthlib valuesoauth-metadata | Jonathan Huot | 2018-11-21 | 1 | -6/+8 | |
| | | | | See https://github.com/oauthlib/oauthlib/pull/605#discussion_r234438151 | |||||
* | Merge branch 'master' into oauth-metadata | Omer Katz | 2018-11-01 | 1 | -1/+1 | |
|\ | ||||||
| * | Wrong Client is also a FatalClientError (#608) | Jonathan Huot | 2018-11-01 | 1 | -1/+1 | |
| | | | | | | FatalClientError is it SHOULD NOT be redirected to client (redirect_uri), but MUST be redirected to USERS (error_uri). | |||||
* | | Initial OAuth Authorization Server Metadata RFC8414 | Jonathan Huot | 2018-10-25 | 2 | -0/+192 | |
|/ | ||||||
* | Merge branch 'master' into fix-585_client_id | Jonathan Huot | 2018-09-21 | 1 | -1/+3 | |
|\ | ||||||
| * | fixup! `invalid_grant` status code should be 400 | Free Duerinckx | 2018-09-20 | 1 | -0/+2 | |
| | | ||||||
| * | Merge branch 'master' into invalid-grant-should-respond-with-400 | Omer Katz | 2018-09-20 | 11 | -126/+323 | |
| |\ | ||||||
| * \ | Merge branch 'master' into invalid-grant-should-respond-with-400 | Jonathan Huot | 2018-08-13 | 2 | -0/+6 | |
| |\ \ | ||||||
| * | | | `invalid_grant` status code should be 400 | Free Duerinckx | 2018-07-04 | 1 | -1/+1 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | According to section 5.2 of rfc 6749 (https://tools.ietf.org/html/rfc6749#section-5.2) A server should respond with 400 in case of an invalid grant. The given grant is invalid and the client should give other data. A 401 is not applicable here because the client is required to give a suitable Authorization header field which doesn't make any sense if you are trying to acquire a grant authentication. According to sections 10.4.1 and 10.4.2 of rfc 2616 (https://tools.ietf.org/html/rfc2616#section-10.4.1) | |||||
* | | | | * changed "function definition" to "function signature" in two docstrings | jonathan vanasco | 2018-09-20 | 2 | -14/+21 | |
| | | | | | | | | | | | | | | | | | | | | * fixed some formatting issues in `prepare_token_request` docstring * slightly altered `prepare_token_request` in handling nontruthy values for `client_secret`. | |||||
* | | | | Merge branch 'fix-585_client_id' of github.com:jvanasco/oauthlib into ↵ | jonathan vanasco | 2018-09-17 | 1 | -0/+12 | |
|\ \ \ \ | | | | | | | | | | | | | | | | fix-585_client_id | |||||
| * \ \ \ | Merge branch 'master' into fix-585_client_id | Jonathan Huot | 2018-09-17 | 1 | -0/+12 | |
| |\ \ \ \ | | | |_|/ | | |/| | | ||||||
| | * | | | Merge branch 'master' into 431-customexception | Jonathan Huot | 2018-09-15 | 11 | -108/+300 | |
| | |\ \ \ | ||||||
| | * | | | | Fixed py27/pypy support | Jonathan Huot | 2018-09-10 | 1 | -1/+1 | |
| | | | | | | ||||||
| | * | | | | Add support of custom errors coming from providers | Jonathan Huot | 2018-09-10 | 1 | -0/+12 | |
| | | | | | | | | | | | | | | | | | | | | | | | | Fix #431. The inherent function "raise_from_error" is called when "error=" is found in the payload. So it MUST raise something, and until now, only RFC errors were raised. | |||||
* | | | | | | migrated `include_client_id` to `prepare_request_token` | jonathan vanasco | 2018-09-17 | 5 | -11/+70 | |
|/ / / / / | ||||||
* | | | | | * added support for empty strings of `client_secret` | jonathan vanasco | 2018-09-17 | 2 | -0/+12 | |
| | | | | | | | | | | | | | | | | | | | | * added LegacyApplicationClient tests to ensure the grant supports a variety of allowed methods | |||||
* | | | | | standardized some test values | jonathan vanasco | 2018-09-14 | 1 | -1/+1 | |
| | | | | | | | | | | | | | | | | | | | | integrated against requests_oauthlib idea | |||||
* | | | | | * addresing ticket #585 | jonathan vanasco | 2018-09-13 | 6 | -15/+42 | |
| |/ / / |/| | | | | | | | | | | | | | | | | | | | * `prepare_request_body` client_id is deprecated in favor of include_client_id * a new unit test `test_prepare_request_body` is added to ensure conformity of several use cases * the docstrings for the `body` param have been consolidated and standardized across multiple functions linked to `prepare_request_body` for clarity | |||||
* | | | | fixed spacing | jonathan vanasco | 2018-09-11 | 1 | -1/+1 | |
| | | | | ||||||
* | | | | cleanup on docs fixes | jonathan vanasco | 2018-09-11 | 11 | -44/+53 | |
| | | | | ||||||
* | | | | redid the docstring fixes | jonathan vanasco | 2018-09-10 | 9 | -82/+265 | |
|/ / / | ||||||
* | | | Merge branch 'master' into master | Jonathan Huot | 2018-09-07 | 2 | -13/+11 | |
|\ \ \ | ||||||
| * | | | Make scope optional for authorization code grant. | Theron Luhn | 2018-09-02 | 1 | -12/+0 | |
| | | | | ||||||
| * | | | Merge branch 'master' into 445_confirm_redirect445_confirm_redirect | Jonathan Huot | 2018-08-20 | 1 | -1/+0 | |
| |\ \ \ | ||||||
| | * | | | client_id is not passed to save_bearer_token234-fixdoc | Jonathan Huot | 2018-08-16 | 1 | -1/+0 | |
| | | |/ | | |/| | ||||||
| * | | | Merge branch 'master' into 445_confirm_redirect | Jonathan Huot | 2018-08-15 | 2 | -0/+6 | |
| |\ \ \ | | |/ / | ||||||
| * | | | Call get_default_redirect_uri if no redirect_uri in token req | Jonathan Huot | 2018-07-30 | 1 | -0/+11 | |
| | |/ | |/| | ||||||
* | | | Merge branch 'master' into master | Jonathan Huot | 2018-08-12 | 2 | -0/+6 | |
|\ \ \ | | |/ | |/| |