Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update oauthlib to 2.0.6 #376

Closed
wants to merge 1 commit into from
Closed

Update oauthlib to 2.0.6 #376

wants to merge 1 commit into from

Conversation

pyup-bot
Copy link

There's a new version of oauthlib available.
You are currently using 0.7.2. I have updated it to 2.0.6

These links might come in handy: PyPI | Changelog | Repo

Changelog

2.0.5

  • Fix OAuth2Error.response_mode for 463.
  • Documentation improvement.

2.0.4

  • Fixed typo that caused OAuthlib to crash because of the fix in "Address missing OIDC errors and fix a typo in the AccountSelectionRequired exception".

2.0.3

  • Address missing OIDC errors and fix a typo in the AccountSelectionRequired exception.
  • Update proxy keys on CaseInsensitiveDict.update().
  • Redirect errors according to OIDC's response_mode.
  • Added universal wheel support.
  • Added log statements to except clauses.
  • According to RC7009 Section 2.1, a client should include authentication credentials when revoking its tokens.
    As discussed in 339, this is not make sense for public clients.
    However, in that case, the public client should still be checked that is infact a public client (authenticate_client_id).
  • Improved prompt parameter validation.
  • Added two error codes from RFC 6750.
  • Hybrid response types are now be fragment-encoded.
  • Added Python 3.6 to Travis CI testing and trove classifiers.
  • Fixed BytesWarning issued when using a string placeholder for bytes object.
  • Documented PyJWT dependency and improved logging and exception messages.
  • Documentation improvements and fixes.

2.0.2

  • Dropped support for Python 2.6, 3.2 & 3.3.
  • (FIX) OpenIDConnector will no longer raise an AttributeError when calling openid_authorization_validator() twice.

2.0.1

  • (FIX) Normalize handling of request.scopes list

2.0.0

  • (New Feature) OpenID support.
  • Documentation improvements and fixes.

1.1.2

  • (Fix) Query strings should be able to include colons.
  • (Fix) Cast body to a string to ensure that we can perform a regex substitution on it.

1.1.1

  • (Enhancement) Better sanitisation of Request objects repr.

1.1.0

  • (Fix) '(', ')', '/' and '?' are now safe characters in url encoded strings.
  • (Enhancement) Added support for specifying if refresh tokens should be created on authorization code grants.
  • (Fix) OAuth2Token now handles None scopes correctly.
  • (Fix) Request token is now available for OAuth 1.
  • (Enhancement) OAuth2Token is declared with slots for smaller memory footprint.
  • (Enhancement) RefreshTokenGrant now allows to set issue_new_refresh_tokens.
  • Documentation improvements and fixes.

1.0.3

  • (Fix) Changed the documented return type of the invalidate_request_token() method from the RSA key to None since nobody is using the return type.
  • (Enhancement) Added a validator log that will store what the endpoint has computed for debugging and logging purposes (OAuth 1 only for now).

1.0.2

  • (Fix) Allow client secret to be null for public applications that do not mandate it's specification in the query parameters.
  • (Fix) Encode request body before hashing in order to prevent encoding errors in Python 3.

1.0.1

  • (Fix) Added token_type_hint to the list of default Request parameters.

1.0.0

  • (Breaking Change) Replace pycrypto with cryptography from https://cryptography.io
  • (Breaking Change) Update jwt to 1.0.0 (which is backwards incompatible) no oauthlib api changes
    were made.
  • (Breaking Change) Raise attribute error for non-existing attributes in the Request object.
  • (Fix) Strip whitespace off of scope string.
  • (Change) Don't require to return the state in the access token response.
  • (Change) Hide password in logs.
  • (Fix) Fix incorrect invocation of prepare_refresh_body in the OAuth2 client.
  • (Fix) Handle empty/non-parsable query strings.
  • (Fix) Check if an RSA key is actually needed before requiring it.
  • (Change) Allow tuples for list_to_scope as well as sets and lists.
  • (Change) Add code to determine if client authentication is required for OAuth2.
  • (Fix) Fix error message on invalid Content-Type header for OAtuh1 signing.
  • (Fix) Allow ! character in query strings.
  • (Fix) OAuth1 now includes the body hash for requests that specify any content-type that isn't x-www-form-urlencoded.
  • (Fix) Fixed error description in oauth1 endpoint.
  • (Fix) Revocation endpoint for oauth2 will now return an empty string in the response body instead of 'None'.
  • Increased test coverage.
  • Performance improvements.
  • Documentation improvements and fixes.

0.9.4

Released on Jun 9, 2017

  • Handle HTTP Basic Auth for client's access to token endpoint (301)
  • Allow having access tokens without expiration date (311)
  • Log exception traceback. (281)

0.9.3

Released on Jun 2, 2016

  • Revert the wrong implement of non credential oauth2 require auth
  • Catch all exceptions in OAuth2 providers
  • Bugfix for examples, docs and other things

0.9.2

Released on Nov 3, 2015

  • Bugfix in client parse_response when body is none.
  • Update contrib client by tonyseek
  • Typo fix for OAuth1 provider
  • Fix OAuth2 provider on non credential clients by Fleurer

0.9.1

Released on Mar 9, 2015

  • Improve on security.
  • Fix on contrib client.

0.9.0

Released on Feb 3, 2015

  • New feature for contrib client, which will become the official client in
    the future via 136_ and 176_.
  • Add appropriate headers when making POST request for access toke via 169_.
  • Use a local copy of instance 'request_token_params' attribute to avoid side
    effects via 177_.
  • Some minor fixes of contrib by Hsiaoming Yang.

.. _177: lepture/flask-oauthlib#177
.. _169: lepture/flask-oauthlib#169
.. _136: lepture/flask-oauthlib#136
.. _176: lepture/flask-oauthlib#176

0.8.0

+++++++++++++++++++++++++

  • Added Fitbit compliance fix.
  • Fixed an issue where newlines in the response body for the access token
    request would cause errors when trying to extract the token.
  • Fixed an issue introduced in v0.7.0 where users passing auth to several
    methods would encounter conflicts with the client_id and
    client_secret-derived auth. The user-supplied auth argument is now
    used in preference to those options.

Got merge conflicts? Close this PR and delete the branch. I'll create a new PR for you.

Happy merging! 🤖

@coveralls
Copy link

Coverage Status

Coverage remained the same at 70.209% when pulling 3a2f54a on pyup-update-oauthlib-0.7.2-to-2.0.6 into 2076de7 on master.

2 similar comments
@coveralls
Copy link

Coverage Status

Coverage remained the same at 70.209% when pulling 3a2f54a on pyup-update-oauthlib-0.7.2-to-2.0.6 into 2076de7 on master.

@coveralls
Copy link

Coverage Status

Coverage remained the same at 70.209% when pulling 3a2f54a on pyup-update-oauthlib-0.7.2-to-2.0.6 into 2076de7 on master.

@symroe symroe closed this Jan 30, 2018
@symroe symroe deleted the pyup-update-oauthlib-0.7.2-to-2.0.6 branch June 27, 2018 10:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@pyup-bot @coveralls @symroe