| Commit message | Author | Age | Files | Lines |
| |
Replace the use of external 'mock' package with built-in Python
unittest.mock (present since py3.3). This also fixes all test failures
for me.
|
RevocationEndpoint
- Add validation checks for HTTP method in TokenEndpoint, IntrospectEndpoint and RevocationEndpoint.
- CHANGE DEFAULT HTTP method for TokenEndpoint from 'GET' to 'POST'.
- Add tests + Fix an old test in . It used to send query params to TokenEndpoint which is not allowed anymore. Fixed it so payload is sent as POST body.
|
Does not have purpose for /token request
|
Fix OIDC /token flow where &state=None was always returned, and fix OAuth2.0 /token flow where &state=foobar was returned if &state=foobar was present in the token request.
Remove "save_token" from create_token() signature cuz it was not used internally. Deprecated the option to let upstream libraries have a chance to remove it, if ever used.
|
Test Introspect, Revoke, Token (web, legacy, backend) endpoints with authenticate_client and HTTP Basic Auth.
|
It misses the possibility to add scope= and realm= at the moment, but it should be a step forward in the right direction.
|
access_denied/unauthorized_client/consent_required/login_required MUST be 400, and not 401. Also, 401 MUST have WWW-Authenticate when set. It could have an impact on processing those in web frameworks.
|
Fix grant_types_supported which must include "implicit" even if it is not a grant_type in oauthlib sense. Removed internal "none" field value from the list of response_types.
|
See https://github.com/oauthlib/oauthlib/pull/605#discussion_r234438151
|
Authorization Code was missing this check, whereas Implicit was checking it.
|
* Add command to clean up builds to makefile
* Fix docs strings for endpoints pre_configured
* Change grant_types.openid_connect to include a deprecation warning and be backward compatible
* Fix doc string for rfc6749.request_validator
* Remove unused import
* Change import to be explicit
* Move JWTTokenTestCase to openid.connect.core.test_token
* Move JWTToken to oauthlib.openid.connect.core.tokens
* Move to openid connect test
* Move openid connect exceptions to its own file
* Remove openid connect from oauth2 server
* Remove JWTToken from oauth tokens
* Remove grant_types.openid_connect file
* Add oauthlib/openid structure and tests
|
* Change create_token_response to only save access_token when it's present in request.response_type
* Remove unused import, fix indentation and improve comment
* Fix AuthorizationEndpoint response_type for OpenID Connect hybrid flow
* Add new ImplicitTokenGrantDispatcher
Changes AuthorizationEndpoint response_type `'token'`, `'id_token'` and
`'id_token token'` to work with OpenID Connect and OAuth2 implicit flow
in a transparent way
* Add new AuthTokenGrantDispatcher
Change AuthorizationEndpoint grant_types `'authorization_code'` to work with
OpenID Connect and OAuth2 authorization flow in a transparent way
* Change tests to include required client_id and redirect_uri
* Remove AuthorizationEndpoint grant_types `'openid'`
Now OpenID Connect and OAuth2 authorization flow can use `authorization_code`
in a transparent way
* Add some blank lines and fix indentation
* Change AuthorizationEndpoint grant type id_token and id_token token to use openid_connect_implicit direct
* Change default empty value to None and fix a typo
* Add assert called to AuthTokenGrantDispatcher tests
* Add request to get_authorization_code_scopes
|
Public clients should be validated when revoking tokens
|
Use the scope_to_list() util to initialize the request.scopes list from
the request.scope request parameter in two places where it was instead
being set to None.
- AuthorizationEndpoint.validate_authorization_request()
- TokenEndpoint.create_token_response()
In both cases the Request should be properly populated before it is
passed to the client's validator.
In the case of the TokenEndpoint - there are OAuth2 workflows that
allow an optional scope parameter so we should have been doing this
for them anyway.
Since scope_to_list() may return None, also update the openid_connect
code to behave properly when this is the case.
Fixes #436
|
haste-y inclusion in the Resource endpoint. It is an optional parameter to the Authorization Code endpoint and so needs to be stored with both the generated authorization code grant and any subsequent access token issued to that authorization code.
|
endpoint "revocation"
|
Revocation endpoint should return empty string, not Python 'None'
|