Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Merge branch 'master' into oidc-reqval-duplicateoidc-reqval-duplicate | Jonathan Huot | 2019-03-04 | 1 | -1/+1 |
|\ | |||||
| * | Combine multiple isinstance() calls to one | Jon Dufresne | 2019-03-02 | 1 | -1/+1 |
| | | |||||
* | | Removed duplicated OIDC members in OAuth2.RequestValidator | Jonathan Huot | 2019-02-28 | 2 | -182/+1 |
|/ | |||||
* | Merge branch 'master' into oidc-nonceoidc-nonce | Jonathan Huot | 2019-02-27 | 1 | -1/+1 |
|\ | |||||
| * | Change to 3.0.2-dev as long as master is in "dev" | Jonathan Huot | 2019-02-25 | 1 | -1/+1 |
| | | |||||
* | | OIDC: Raise error=invalid_request when nonce is mandatory | Jonathan Huot | 2019-02-25 | 3 | -25/+46 |
|/ | | | | Until now, only OIDC implicit was raising an error, but OIDC hybrid contain a couple of mandatory nonce, too. | ||||
* | Merge branch 'master' into fix-uri-normalization | Jonathan Huot | 2019-02-25 | 1 | -7/+1 |
|\ | |||||
| * | Remove usage of "state" for code/token response. | Jonathan Huot | 2019-02-22 | 1 | -7/+1 |
| | | |||||
* | | Renamed construct_base_string to signature_base_string. | Hoylen Sue | 2019-02-22 | 2 | -10/+15 |
| | | |||||
* | | Renamed normalize_base_string_uri to base_string_uri. | Hoylen Sue | 2019-02-21 | 1 | -2/+1 |
| | | |||||
* | | Merge branch 'master' into fix-uri-normalization | Jonathan Huot | 2019-02-21 | 9 | -19/+27 |
|\ \ | |/ | |||||
| * | Add clarity to the deprecation warning | Jonathan Huot | 2019-02-21 | 1 | -2/+2 |
| | | |||||
| * | Fix 652: removed "state" from /token response. | Jonathan Huot | 2019-02-20 | 9 | -19/+27 |
| | | | | | | | | | | | | Fix OIDC /token flow where &state=None was always returned, and fix OAuth2.0 /token flow where &state=foobar was returned if &state=foobar was present in the token request. Remove "save_token" from create_token() signature cuz it was not used internally. Deprecated the option to let upstream libraries have a chance to remove it, if ever used. | ||||
* | | Fixed space encoding in base string URI used in the signature base string. | Hoylen Sue | 2019-02-19 | 1 | -7/+31 |
|/ | |||||
* | pep8 and docs | Duane King | 2019-01-24 | 1 | -13/+22 |
| | |||||
* | Bump to 3.0.1v3.0.1 | Jonathan Huot | 2019-01-24 | 1 | -1/+1 |
| | |||||
* | Fix 644, Add tests for BasicAuth credentials for all endpoints (#645) | Jonathan Huot | 2019-01-11 | 2 | -8/+8 |
| | | | Test Introspect, Revoke, Token (web, legacy, backend) endpoints with authenticate_client and HTTP Basic Auth. | ||||
* | Bump to 2019 | Jonathan Huot | 2018-12-28 | 1 | -1/+1 |
| | |||||
* | Update Changelog to 3.0.0 | Jonathan Huot | 2018-12-28 | 1 | -1/+1 |
| | |||||
* | Merge branch 'master' into dry-up-codedry-up-code | Jonathan Huot | 2018-12-20 | 1 | -9/+33 |
|\ | |||||
| * | Merge branch 'master' into add-metadata-doc | Jonathan Huot | 2018-12-16 | 7 | -18/+276 |
| |\ | |||||
| * | | Add OAuth2.0 Authorization Server Metadata documentation | Jonathan Huot | 2018-12-13 | 1 | -9/+33 |
| | | | |||||
* | | | Fix typo. | Omer Katz | 2018-12-17 | 3 | -3/+3 |
| | | | |||||
* | | | Merge branch 'master' into dry-up-code | Omer Katz | 2018-12-17 | 12 | -31/+318 |
|\ \ \ | | |/ | |/| | |||||
| * | | Fixed OAuth2 Metadata when using PKCE and OIDC.Server601-pkce-support | Jonathan Huot | 2018-12-14 | 1 | -1/+6 |
| | | | |||||
| * | | Fix issue when using Metadata Endpoint with OIDC PreConfigured server. | Jonathan Huot | 2018-12-14 | 1 | -2/+4 |
| | | | |||||
| * | | Merge remote-tracking branch 'upstream/master' into 601-pkce-support | Jonathan Huot | 2018-12-14 | 1 | -1/+3 |
| |\ \ | |||||
| | * | | Update comments regarding OAuth Request Body Hash. (#628) | Omer Katz | 2018-12-13 | 1 | -1/+3 |
| | |/ | |||||
| * | | Fixed typo | Jonathan Huot | 2018-12-13 | 1 | -1/+1 |
| | | | |||||
| * | | Merge branch 'master' into 601-pkce-support | Jonathan Huot | 2018-12-13 | 12 | -19/+57 |
| |\ \ | | |/ | |||||
| | * | Merge branch 'master' into 264-status401 | Jonathan Huot | 2018-12-13 | 5 | -6/+15 |
| | |\ | |||||
| | * | | Add Content-Type and Cache headers to introspect/revocation errors | Jonathan Huot | 2018-12-13 | 2 | -7/+14 |
| | | | | |||||
| | * | | Add double-quotes to the key/values in WWW-Authenticate264-status401 | Jonathan Huot | 2018-12-12 | 1 | -3/+3 |
| | | | | |||||
| | * | | Used WWW-Authenticate and auth-param values as RFC6750 described it. | Jonathan Huot | 2018-12-12 | 7 | -14/+27 |
| | | | | | | | | | | | | | | | | It misses the possibility to add scope= and realm= at the moment, but it should be a step forward into the right direction. | ||||
| | * | | Handle 401 with WWW-Authenticate. Moved wrong 401 into 400. | Jonathan Huot | 2018-12-04 | 7 | -6/+15 |
| | | | | | | | | | | | | | | | | access_denied/unauthorized_client/consent_required/login_required MUST be 400, and not 401. Also, 401 MUST have WWW-Authenticate when set. It could have an impact of processing those in webframeworks. | ||||
| * | | | Add details on grant_type & implicit special case. | Jonathan Huot | 2018-12-13 | 1 | -0/+12 |
| | | | | |||||
| * | | | Replace temporary list by using clearer "extend" method | Jonathan Huot | 2018-12-13 | 1 | -1/+1 |
| | | | | |||||
| * | | | Merge pull request #624 from oauthlib/preconf-server-metadata | Jonathan Huot | 2018-12-11 | 1 | -3/+9 |
| |\ \ \ | | | | | | | | | | | Preconf server metadata | ||||
| | * | | | Add Server metadata test and fix metadata. | Jonathan Huot | 2018-11-30 | 1 | -3/+9 |
| | | | | | | | | | | | | | | | | | | | | Fix grant_types_supported which must include "implicit" even if it is not a grant_type in oauthlib sense. Removed internal "none" field value from the list of response_types. | ||||
| * | | | | Merge branch 'master' into 601-pkce-support | Jonathan Huot | 2018-12-11 | 1 | -1/+3 |
| |\ \ \ \ | | |/ / / | |/| / / | | |/ / | |||||
| * | | | Add OAuth2 Provider Server Metadata for PKCE. | Jonathan Huot | 2018-11-30 | 1 | -0/+2 |
| | | | | |||||
| * | | | Initial OAuth2.0/PKCE Provider support | Jonathan Huot | 2018-11-29 | 4 | -12/+241 |
| | | | | |||||
* | | | | Extract raising on unsupported token. | Omer Katz | 2018-12-17 | 3 | -11/+10 |
| | | | | |||||
* | | | | Extract raising error on client auth failure. | Omer Katz | 2018-12-17 | 3 | -21/+15 |
| | | | | |||||
* | | | | Raise error on missing token. | Omer Katz | 2018-12-17 | 3 | -9/+11 |
| | | | | |||||
* | | | | Extract redirect handling to a common method. | Omer Katz | 2018-12-17 | 3 | -70/+59 |
| | | | | |||||
* | | | | Extract default grant headers to helper method. | Omer Katz | 2018-12-17 | 5 | -21/+13 |
| |_|/ |/| | | |||||
* | | | change: response_type as attribute | mlboy | 2018-12-12 | 1 | -1/+3 |
| | | | |||||
* | | | change: grant_type as attribute | mlboy | 2018-12-12 | 1 | -1/+2 |
| | | | | | | | | | use refresh_token_key as attribute | ||||
* | | | change: grant_type as attribute | mlboy | 2018-12-12 | 1 | -1/+3 |
| | | |