| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
| |
type (#838)
* Modify pre-configured OIDC server to use OIDC Refresh Token grant type
* Add test coverage for OIDC refresh token grant type
* Use longer variable names
|
|
|
|
| |
The idea is to allow values like `0` to be used a state.
The current implementation only checks for truthiness.
|
|
|
|
|
|
|
| |
* Upgrade GitHub Actions
* Fix typo discovered by codespell
* Update lint_python.yml
|
|\
| |
| | |
Prepare 3.2.1 release
|
| | |
|
|\ \
| | |
| | | |
Improve test coverage of IPv6 parsing
|
| |/ |
|
|\ \
| |/
|/| |
OAuth1: Allow IPv6 addresses being parsed by signature
|
| | |
|
| |\ |
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
This PR addresses issue with incorrectly parsing IPv6 address,
described here: https://github.com/oauthlib/oauthlib/issues/817
|
| | | |
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There are small typos in:
- docs/oauth1/security.rst
- docs/oauth2/grants/custom_grant.rst
- oauthlib/oauth2/rfc6749/clients/backend_application.py
- oauthlib/oauth2/rfc6749/clients/base.py
- oauthlib/oauth2/rfc6749/clients/legacy_application.py
- oauthlib/oauth2/rfc6749/clients/service_application.py
- oauthlib/oauth2/rfc6749/clients/web_application.py
- oauthlib/oauth2/rfc6749/endpoints/revocation.py
- oauthlib/oauth2/rfc6749/parameters.py
- oauthlib/openid/connect/core/grant_types/dispatchers.py
Fixes:
- Should read `parameters` rather than `paramters`.
- Should read `instantiate` rather than `instanciate`.
- Should read `successfully` rather than `sucessfully`.
- Should read `present` rather than `pressent`.
- Should read `parameter` rather than `paramater`.
- Should read `efficient` rather than `effecient`.
|
|/
|
|
|
| |
tox runs isort, whicn pointed multiple errors.
Fixed them in this PR
|
|
|
|
|
| |
* Allow non-HTTPS issuer when OAUTHLIB_INSECURE_TRANSPORT.
* Add unit test for validating issuer.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix list of current features for 3.2.0
* Renamed travis-ci.org icon URLs
* Force fixing the warnings in the docs generation
* Removed unused folder reference
* Added orphean documents into summary.
* Fix docstring formatting example in contributing page.
* Removed unused argument from documentation
* Fix sphinx warning resulting in loss of formatting in RTD.
* Force setuptools until https://github.com/pypa/setuptools/issues/3118 is fixed
* Prevent linux redirection in travis instructions
* Add graphviz/dot command to generate docs frmo Travis
|
| |
|
| |
|
| |
|
| |
|
|\
| |
| | |
Prepare 3.2.0 release
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* rfc8628: Add client implementation for token retrieval
This change adds an implementation of the Device Authorization flow
client from RFC8628. The initial structure is derived from the
existing BackendApplicationClient with the addition of the device_code
in the client.
This change does not provide the support necessary for querying the
device code endpoint in order to generate the initial device_code and
URL that is required for completing the full end to end device
authorization process.
* Add device token fetch URI generator
In order to perform the full device authorization flow it's necessary
to first generate the device code and get the authorization flow URL.
prepare_request_uri() allows us to do this while providing scopes and
additional parameters.
* Remove encoding lines
These lines are not required for python3
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Added pkce on client side for authorization grant flow. Test cases added
* added new args before kwargs
* updating docstrings with clarification on PKCE params
* adding additional clarification on PKCE parameters
* adding initial function to create code_verifier and tests
* using re.compile for code_verifier allowed characters
* adding initial function to create code_challenge with tests
* replacing appropriate chars for base64 URL
Co-authored-by: Aman Singh Solanki <amans330@gmail.com>
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
* verify that expires_at is an int before casting it as such.
* casting expires_at as int within try catch with test.
Co-authored-by: Scott Gifford <sgifford@activecampaign.com>
|
| | |
|
| | |
|
| | |
|
|/
|
|
|
| |
The RefreshTokenGrant modifiers now take the same arguments as the
AuthorizationCodeGrant modifiers
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Use better regex for IPv6 to allow a lot more valid IPv6 addresses
* Adding some unit tests for is_absolute_uri in uri_validate
* Make unit tests Python 3.6 compatible
* Remove redundant import after unit test simplification for py36
* update Changelog
* Remove redundant coding line
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Like with the implicit grant, we need to override add_id_token to pass
the nonce from the current request to GrantBase.add_id_token in order
for the ID token to have the correct nonce.
Add test that the nonce is in ID token from hybrid OIDC flow.
Fixes: #746
|
|
|
|
|
| |
Fix of a couple of typing mistakes in pydoc text:
- Usage of " to surround "application/x-form-urlencoded" instead of `` (as in the rest of the documentation)
- "presence" written with "c"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Adding support for RSA-SHA256.
* Added support for HMAC-SHA512, RSA-SHA256 and RSA-SHA512 signature methods.
* Made version dependencies consistent.
* Updated OAuth1 signature tests.
* Fixed parsing of netloc/host. Deprecated old functions.
* Refactored and expanded tests to include signature validate.
* Update docs for HMAC-SHA512, RSA-SHA256 and RSA-SHA512 signature methods.
* Updated code comments in oauth1 signatures module.
* Updated changelog.
* Update docs/feature_matrix.rst
Co-Authored-By: Omer Katz <omer.drow@gmail.com>
* Used parenthesis instead of backslash to break lines.
* Fixed typo
Co-authored-by: Omer Katz <omer.drow@gmail.com>
Co-authored-by: Omer Katz <omer.drow@gmail.com>
|
|
|
|
|
|
|
|
|
| |
* Update setup.py
* remove un needed python 2 codes
* remove un needed python 2 codes
* remove un needed python 2 codes
|
|\ |
|
| |\ |
|
| | |\ |
|
| | | |
| | | |
| | | |
| | | | |
consistently relies on the `scope` provided in the constructor if any, except if overridden temporarily in a method call. Note that in particular providing a non-None `scope` in `prepare_authorization_request` or `prepare_refresh_token` **does not override anymore self.scope forever**, it is just used remporarily. Fixes #730
|