summaryrefslogtreecommitdiff
path: root/tests
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'master' into 613-oidc-dispatcher613-oidc-dispatcherJonathan Huot2018-11-231-0/+38
|\
| * Allow custom provider to override oauthlib valuesoauth-metadataJonathan Huot2018-11-211-0/+10
| | | | | | | | See https://github.com/oauthlib/oauthlib/pull/605#discussion_r234438151
| * Initial OAuth Authorization Server Metadata RFC8414Jonathan Huot2018-10-251-0/+28
| |
* | Fix unit tests for new Dispatch attributes namesJonathan Huot2018-11-201-8/+8
|/
* Merge branch 'master' into fix-585_client_idJonathan Huot2018-09-2113-40/+24
|\
| * Fix OIDC tests (#565)Pieter Ennes2018-09-2112-39/+23
| | | | | | | | | | | | | | | | | | | | | | | | * Unmute ignored OIDC tests. * Fix more import errors. * Remove recently invalidated test for id_token_hint. * Fix tested grants. * Fix import on py27.
| * Merge branch 'master' into invalid-grant-should-respond-with-400Omer Katz2018-09-209-42/+68
| |\
| * \ Merge branch 'master' into invalid-grant-should-respond-with-400Jonathan Huot2018-08-133-2/+18
| |\ \
| * \ \ Merge branch 'master' into invalid-grant-should-respond-with-400Jonathan Huot2018-08-121-0/+2
| |\ \ \
| * | | | `invalid_grant` status code should be 400Free Duerinckx2018-07-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | According to section 5.2 of rfc 6749 (https://tools.ietf.org/html/rfc6749#section-5.2) A server should respond with 400 in case of an invalid grant. The given grant is invalid and the client should give other data. A 401 is not applicable here because the client is required to give a suitable Authorization header field which doesn't make any sense if you are trying to acquire a grant authentication. According to sections 10.4.1 and 10.4.2 of rfc 2616 (https://tools.ietf.org/html/rfc2616#section-10.4.1)
* | | | | * changed "function definition" to "function signature" in two docstringsjonathan vanasco2018-09-201-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | * fixed some formatting issues in `prepare_token_request` docstring * slightly altered `prepare_token_request` in handling nontruthy values for `client_secret`.
* | | | | Merge branch 'fix-585_client_id' of github.com:jvanasco/oauthlib into ↵jonathan vanasco2018-09-175-41/+23
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | fix-585_client_id
| * \ \ \ \ Merge branch 'master' into fix-585_client_idJonathan Huot2018-09-175-41/+23
| |\ \ \ \ \ | | | |_|_|/ | | |/| | |
| | * | | | Merge branch 'master' into 431-customexceptionJonathan Huot2018-09-154-41/+19
| | |\ \ \ \
| | | * | | | Correct recent merge (#596)Jon Dufresne2018-09-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Merge c8a7cb199a8d448c2934100a5bb06598be402939 mistakenly reverted a line from aef9a3e944f41c3afaaf22ba20f86a267a7d3bb3.
| | | * | | | Merge branch 'master' into bytesJonathan Huot2018-09-141-7/+7
| | | |\ \ \ \
| | | | * | | | Prefer assertIsInstance(...) over assertTrue(isinstance(...))Jon Dufresne2018-09-142-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It is a more explicit assert with a more information message in case of failure. For a full list of available assert methods, see: https://docs.python.org/3/library/unittest.html#assert-methods
| | | * | | | | Remove unnecessary workaround for bytes typeJon Dufresne2018-09-142-15/+10
| | | |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The type 'bytes' is available on all supported Pythons. Likewise the byte literal b'...' is available on all supported Pythons. Use idiomatic Python and remove workaround for an issue that no longer exists. Makes the code more forward compatible with Python 3.
| | | * | | | Remove workarounds for unsupported Python 2.6Jon Dufresne2018-09-111-19/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Python 2.6 support was removed in 91152df142bdde134d84ed27963cda8e6b878416. Drop unittest2 dependency. All necessary testing features are included in the stdlib unittest.
| | * | | | | Add support of custom errors coming from providersJonathan Huot2018-09-101-0/+4
| | |/ / / / | | | | | | | | | | | | | | | | | | Fix #431. The inherent function "raise_from_error" is called when "error=" is found in the payload. So it MUST raise something, and until now, only RFC errors were raised.
* | | | | | migrated `include_client_id` to `prepare_request_token`jonathan vanasco2018-09-173-17/+67
|/ / / / /
* | | | | * added support for empty strings of `client_secret`jonathan vanasco2018-09-172-10/+48
| | | | | | | | | | | | | | | | | | | | * added LegacyApplicationClient tests to ensure the grant supports a variety of allowed methods
* | | | | standardized some test valuesjonathan vanasco2018-09-142-8/+8
| | | | | | | | | | | | | | | | | | | | integrated against requests_oauthlib idea
* | | | | updated tests to pass on 2.x and 3.xjonathan vanasco2018-09-131-5/+10
| | | | |
* | | | | * addresing ticket #585jonathan vanasco2018-09-131-1/+48
|/ / / / | | | | | | | | | | | | | | | | | | | | * `prepare_request_body` client_id is deprecated in favor of include_client_id * a new unit test `test_prepare_request_body` is added to ensure conformity of several use cases * the docstrings for the `body` param have been consolidated and standardized across multiple functions linked to `prepare_request_body` for clarity
* | | | Write a test for authorization grant w/ no scope.Theron Luhn2018-09-031-0/+6
| | | |
* | | | Fix test_error_catching.Theron Luhn2018-09-021-1/+3
| | | |
* | | | Merge branch 'master' into 445_confirm_redirectJonathan Huot2018-08-201-0/+5
|\ \ \ \
| * | | | Remove headers from request attributesJonathan Huot2018-08-181-0/+5
| | |_|/ | |/| |
* | | | Merge branch 'master' into 445_confirm_redirectJonathan Huot2018-08-154-2/+20
|\ \ \ \ | |/ / /
| * | | Merge branch 'master' into get_default_redirJonathan Huot2018-08-123-2/+4
| |\ \ \
| | * \ \ Merge branch 'master' into 569_expires_in_implicitJonathan Huot2018-08-121-0/+2
| | |\ \ \ | | | | |/ | | | |/|
| | | * | $ and ' are allowed to be unencoded in query strings (#564)Chris Utz2018-08-121-0/+2
| | | |/
| | * | Implicit was not converting expires_in into integersJonathan Huot2018-08-062-2/+2
| | |/
| * | Add syntax check of get_default_redirect_uriJonathan Huot2018-07-301-0/+16
| |/ | | | | | | Authorization Code was missing this check, whereas Implicit was checking it.
* | Add test when no redirecturi & no defaultJonathan Huot2018-08-151-0/+9
| |
* | Restore confirm = False testJonathan Huot2018-08-151-0/+2
| |
* | confirm_r. is called after auth_clientJonathan Huot2018-07-301-1/+0
| |
* | Call get_default_redirect_uri if no redirect_uri in token reqJonathan Huot2018-07-301-0/+21
|/
* Remove handling of nonstandard parameter "expires" (#506)Seth Davis2018-06-301-11/+0
|
* OpenID Connect split (#525)Wiliam Souza2018-06-0515-656/+865
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add command to clean up builds to makefile * Fix docs strings for endpoints pre_configured * Chnage grant_types.openid_connect to include a deprecation warning be a backward compatible * Fix doc string for rfc6749.request_validator * Remove unused import * Change import to be explicity * Move JWTTokenTestCase to openid.connect.core.test_token * Move JWTToken to oauthlib.openid.connect.core.tokens * Move to openid connect test * Move openid connect exceptions to its own file * Remove openid connect from oauth2 server * Remove JWTToken from oauth tokens * Remove grant_types.openid_connect file * Add oauthlib/openid estructure and tests
* Merge branch 'master' into oauth2-introspectPieter Ennes2018-05-265-6/+378
|\
| * Check that the Bearer header is properly formatted (#491)Mattia Procopio2018-05-261-0/+81
| |
| * Add test coverage (#544)Florian Strzelecki2018-05-212-5/+137
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add testcase for prepare_token_request() * Add testcase for InsecureTransportError in add_token() * Fix typo in testcase of add_token() for MAC token type * Add testcase for TokenExpiredError in add_token() * Add testcase for prepare_request_body without private key * Add testcase for optional kwargs in prepare_request_body()
| * Avoid populating spurious token credentials (#542)Pieter Ennes2018-05-082-0/+31
| |
| * Openid connect jwt (#488)Wiliam Souza2018-01-301-0/+128
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add JWT token with it the server knows how to validate this new type of token in resource requests * Change find_token_type sorted function to reverse result and choose the valued estimated token handler * Add validate_id_token method to RequestValidator * Added unittest for JWTToken model * Updated version of Mock * Add get_jwt_bearer_token and validate_jwt_bearer_token oauthlib.oauth2.RequestValidator and change oauthlib.oauth2.tokens JWTToken to use it * Change to improve token type estimate test * Add a note in RequestValidator.validate_jwt_bearer_token about error 5xx rather 4xx
| * Fix cliend_id in web request body (#505)Antoine Bertin2018-01-291-1/+1
| | | | | | | | | | | | Previously, cliend_id was always included in the request body in the Authorization Code flow and the client_id parameter was ignored in contradiction with the docs. Fixes #495
* | Added initial introspect supportJonathan Huot2017-12-181-0/+132
|/
* Add support for HMAC-SHA256 (builds on PR#388) (#498)Viktor Haag2017-11-141-2/+38
| | | | | | | | | | | | * Add support for HMAC-SHA256 * Add explicit declaration of HMAC-SHA1 and point HMAC at it To avoid confusion, HMAC constant name should explicitly state which SHA variant is used, but for backwards compatibility, SIGNATURE_HMAC is still needed * add support for HMAC-SHA256 including tests and comments * constructor tests verify client built with correct signer method
* OpenID connect improvements (#484)Wiliam Souza2017-10-014-7/+119
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Change create_token_response to only save access_token when it's present in request.response_type * Remove unused import, fix indentation and improve comment * Fix AuthorizationEndpoint response_type for OpenID Connect hybrid flow * Add new ImplicitTokenGrantDispatcher Changes AuthorizationEndpoint response_type `'token'`, `'id_token'` and `'id_token token'` to work with OpenID Connect and OAuth2 implicit flow in a transparent way * Add new AuthTokenGrantDispatcher Change AuthorizationEndpoint grant_types `'authorization_code'` to work with OpenID Connect and OAuth2 authorization flow in a transparent way * Change tests to include required client_id and redirect_uri * Remove AuthorizationEndpoint grant_types `'openid'` Now OpenID Connect and OAuth2 authorization flow can use `authorization_code` in a transparent way * Add sone blank lines and fix indentation * Change AuthorizationEndpoint grant type id_token and id_token token to use openid_connect_implicit direct * Change default empty value to None and fix a typo * Add assert called to AuthTokenGrantDispatcher tests * Add request to get_authorization_code_scopes
View Lorry Controller Status