summaryrefslogtreecommitdiff
path: root/oauthlib
Commit message (Collapse)AuthorAgeFilesLines
* Add 3.2.2 versionHEADmasterJonathan Huot2023-01-101-1/+1
|
* Update pre-configured OIDC server to use OIDC flavor of Refresh Token grant ↵Burke Livingston2022-10-061-2/+4
| | | | | | | | | type (#838) * Modify pre-configured OIDC server to use OIDC Refresh Token grant type * Add test coverage for OIDC refresh token grant type * Use longer variable names
* OAuth2Error: Allow falsy values as stateTiphaine LAURENT2022-10-061-1/+1
| | | | The idea is to allow values like `0` to be used a state. The current implementation only checks for truthiness.
* Upgrade GitHub Actions and make bandit, codespell, and pytest mandatory (#835)Christian Clauss2022-10-061-1/+1
| | | | | | | * Upgrade GitHub Actions * Fix typo discovered by codespell * Update lint_python.yml
* Merge pull request #832 from oauthlib/3.2.1Jonathan Huot2022-09-091-1/+1
|\ | | | | Prepare 3.2.1 release
| * Prepare 3.2.1 releaseJonathan Huot2022-09-061-1/+1
| |
* | Merge pull request from GHSA-3pgj-pg6c-r5p7Jonathan Huot2022-09-091-1/+1
|\ \ | | | | | | Improve test coverage of IPv6 parsing
| * | Fix IPV6 regex used to check redirect_uriJonathan Huot2022-09-061-1/+1
| |/
* | Merge pull request #818 from dasm/masterJonathan Huot2022-09-061-28/+38
|\ \ | |/ |/| OAuth1: Allow IPv6 addresses being parsed by signature
| * Restored test for port 0.Dariusz Smigiel2022-06-271-1/+1
| |
| * Merge branch 'oauthlib:master' into masterDariusz2022-06-218-40/+31
| |\
| * | Removed unused query and fragmentDariusz Smigiel2022-06-151-2/+0
| | |
| * | Removed dependency on splitDariusz Smigiel2022-06-151-28/+40
| | |
| * | OAuth1: Allow IPv6 addresses being parsed by signatureDariusz Smigiel2022-05-191-1/+1
| | | | | | | | | | | | | | | This PR addresses issue with incorrectly parsing IPv6 address, described here: https://github.com/oauthlib/oauthlib/issues/817
* | | docs: fix typosKian-Meng Ang2022-07-069-12/+12
| | |
* | | docs: Fix a few typosTim Gates2022-07-038-9/+9
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are small typos in: - docs/oauth1/security.rst - docs/oauth2/grants/custom_grant.rst - oauthlib/oauth2/rfc6749/clients/backend_application.py - oauthlib/oauth2/rfc6749/clients/base.py - oauthlib/oauth2/rfc6749/clients/legacy_application.py - oauthlib/oauth2/rfc6749/clients/service_application.py - oauthlib/oauth2/rfc6749/clients/web_application.py - oauthlib/oauth2/rfc6749/endpoints/revocation.py - oauthlib/oauth2/rfc6749/parameters.py - oauthlib/openid/connect/core/grant_types/dispatchers.py Fixes: - Should read `parameters` rather than `paramters`. - Should read `instantiate` rather than `instanciate`. - Should read `successfully` rather than `sucessfully`. - Should read `present` rather than `pressent`. - Should read `parameter` rather than `paramater`. - Should read `efficient` rather than `effecient`.
* | Fixed isort importsDariusz Smigiel2022-06-168-40/+31
|/ | | | | tox runs isort, whicn pointed multiple errors. Fixed them in this PR
* Allow non-HTTPS issuer when OAUTHLIB_INSECURE_TRANSPORT. (#803)Theron Luhn2022-03-061-2/+2
| | | | | * Allow non-HTTPS issuer when OAUTHLIB_INSECURE_TRANSPORT. * Add unit test for validating issuer.
* Docs: fix Sphinx warnings for better ReadTheDocs generation (#807)Jonathan Huot2022-02-246-107/+92
| | | | | | | | | | | | | | | | | | | | | | | * Fix list of current features for 3.2.0 * Renamed travis-ci.org icon URLs * Force fixing the warnings in the docs generation * Removed unused folder reference * Added orphean documents into summary. * Fix docstring formatting example in contributing page. * Removed unused argument from documentation * Fix sphinx warning resulting in loss of formatting in RTD. * Force setuptools until https://github.com/pypa/setuptools/issues/3118 is fixed * Prevent linux redirection in travis instructions * Add graphviz/dot command to generate docs frmo Travis
* Add CORS support for Refresh Token Grant.Theron Luhn2022-02-154-18/+20
|
* add missing slots to TokenBaseArie Bovenberg2022-02-131-0/+1
|
* Fixed the versionJonathan Huot2022-01-291-1/+1
|
* Fixed code documentationJonathan Huot2022-01-291-1/+1
|
* Merge pull request #766 from oauthlib/3.2.0-devJonathan Huot2022-01-291-1/+1
|\ | | | | Prepare 3.2.0 release
| * Prepare 3.2.0 releaseJonathan Huot2021-06-031-1/+1
| |
* | Add support for device authorization flow (RFC8628) (#795)Mike Kelly2022-01-184-0/+113
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * rfc8628: Add client implementation for token retrieval This change adds an implementation of the Device Authorization flow client from RFC8628. The initial structure is derived from the existing BackendApplicationClient with the addition of the device_code in the client. This change does not provide the support necessary for querying the device code endpoint in order to generate the initial device_code and URL that is required for completing the full end to end device authorization process. * Add device token fetch URI generator In order to perform the full device authorization flow it's necessary to first generate the device code and get the authorization flow URL. prepare_request_uri() allows us to do this while providing scopes and additional parameters. * Remove encoding lines These lines are not required for python3
* | PKCE (#786)Jon Velando2021-12-133-6/+143
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Added pkce on client side for authorization grant flow. Test cases added * added new args before kwargs * updating docstrings with clarification on PKCE params * adding additional clarification on PKCE parameters * adding initial function to create code_verifier and tests * using re.compile for code_verifier allowed characters * adding initial function to create code_challenge with tests * replacing appropriate chars for base64 URL Co-authored-by: Aman Singh Solanki <amans330@gmail.com>
* | Add `Access-Control-Allow-Origin` header to metadata endpoint.Theron Luhn2021-12-131-1/+2
| |
* | Add support for CORS in the token endpoint.Theron Luhn2021-12-132-0/+44
| |
* | rm comma after Bearer in WWW-Authenticate headerkamenev2021-11-141-5/+2
| |
* | Bug expires at (#783)Scott Gifford2021-10-221-1/+4
| | | | | | | | | | | | | | * verify that expires_at is an int before casting it as such. * casting expires_at as int within try catch with test. Co-authored-by: Scott Gifford <sgifford@activecampaign.com>
* | fix #755: ensure save_token is called for hybrid code flowKarim Kanso2021-08-181-0/+2
| |
* | Move refresh_id_token to validator functionNikos Sklikas2021-06-032-4/+14
| |
* | Add support for refreshing ID TokensNikos Sklikas2021-06-032-0/+37
| |
* | Fix RefreshTokenGrant modifiersNikos Sklikas2021-06-031-1/+1
|/ | | | | The RefreshTokenGrant modifiers now take the same arguments as the AuthorizationCodeGrant modifiers
* 3.1.1 releaseJonathan Huot2021-05-311-1/+1
|
* per @JonathanHuot use existing get_token_from_header()Alan Crosswell2021-05-291-13/+5
|
* handle another case of assuming the token starts after 'Bearer 'Alan Crosswell2021-05-291-5/+6
|
* Fix Authorization header that is not a Bearer to not return a tokenAlan Crosswell2021-05-291-1/+3
|
* Remove typoBella Woo2021-05-261-1/+0
|
* Use better regex for IPv6 to allow a lot more valid IPv6 addresses (#753)Paul Dekkers2021-05-101-26/+2
| | | | | | | | | | | | | * Use better regex for IPv6 to allow a lot more valid IPv6 addresses * Adding some unit tests for is_absolute_uri in uri_validate * Make unit tests Python 3.6 compatible * Remove redundant import after unit test simplification for py36 * update Changelog * Remove redundant coding line
* Properly handle prompt=noneNikos Sklikas2021-05-013-41/+1
|
* Use request.nonce when generating hybrid id tokenTom Evans2021-02-121-0/+3
| | | | | | | | | | Like with the implicit grant, we need to override add_id_token to pass the nonce from the current request to GrantBase.add_id_token in order for the ID token to have the correct nonce. Add test that the nonce is in ID token from hybrid OIDC flow. Fixes: #746
* Update pydoc in parameters.pyX6VmZSxczGzm9Ak5uy-rrodriguez2020-07-291-2/+2
| | | | | Fix of a couple of typing mistakes in pydoc text: - Usage of " to surround "application/x-form-urlencoded" instead of `` (as in the rest of the documentation) - "presence" written with "c"
* OAuth 1.0a signature methods: RSA-SHA256, RSA-SHA512 and HMAC-SHA512 (#723)Hoylen Sue2020-06-035-421/+605
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Adding support for RSA-SHA256. * Added support for HMAC-SHA512, RSA-SHA256 and RSA-SHA512 signature methods. * Made version dependencies consistent. * Updated OAuth1 signature tests. * Fixed parsing of netloc/host. Deprecated old functions. * Refactored and expanded tests to include signature validate. * Update docs for HMAC-SHA512, RSA-SHA256 and RSA-SHA512 signature methods. * Updated code comments in oauth1 signatures module. * Updated changelog. * Update docs/feature_matrix.rst Co-Authored-By: Omer Katz <omer.drow@gmail.com> * Used parenthesis instead of backslash to break lines. * Fixed typo Co-authored-by: Omer Katz <omer.drow@gmail.com> Co-authored-by: Omer Katz <omer.drow@gmail.com>
* Remove Python 2 codes (#734)Asif Saif Uddin2020-05-1240-40/+0
| | | | | | | | | * Update setup.py * remove un needed python 2 codes * remove un needed python 2 codes * remove un needed python 2 codes
* Merge branch 'master' into isort-integrationJonathan Huot2020-04-225-8/+23
|\
| * Merge branch 'master' into fix_issue_728Jonathan Huot2020-04-222-8/+19
| |\
| | * Merge branch 'master' into masterJonathan Huot2020-04-221-8/+18
| | |\
| | | * Base OAuth2 Client now has a consistent way of managing the `scope`: it ↵Sylvain MARIE2020-04-191-8/+18
| | | | | | | | | | | | | | | | consistently relies on the `scope` provided in the constructor if any, except if overridden temporarily in a method call. Note that in particular providing a non-None `scope` in `prepare_authorization_request` or `prepare_refresh_token` **does not override anymore self.scope forever**, it is just used remporarily. Fixes #730
View Lorry Controller Status