Switch to OAuthlib 3.0.0 #357
Conversation
|
thanks for doing this! sorry i missed that str/bytes issue in the test for fyi, i wrote both the 'breaking changes' PR for oauthlib and the #331 code you built off of. there are some new test cases in there that should make you feel better. the most general description of #331 is this: previous versions of both libraries did some stuff that was not spec compliant by default, and made it impossible to do other things that are spec compliant. with this patch, both projects should now default to spec compliance but can still do non-compliant things if needed. |
Oh, that's good to know! In that case, I'm very confident that the code you wrote actually works correctly. :) I'll give it a few more days to let others object if they want (although I don't expect anyone will), and then I'll merge this to master. When it gets released, do you think it should be a major version bump (2.0.0), minor version bump (1.2.0) or micro version bump (1.1.1)? Assuming that there are no other changes in the release, of course. |
|
I think this should be fine as a minor bump. The only people who should expect problems are those who were relying on broken oauth2 implementations, because they:
In both cases, it's because the oauth2 exchange was being implemented in a specially broken way, and oauthlib has exception messages that should properly educate the developer on what to do. This "family" of PRs traces back to a regression in oauthlib where |
06f25d3 to
53481e3
Compare
Fixes #356, builds on top of #331.
This pull request adds support for OAuthlib 3.0.0, and drops support for versions of oauthlib before 3.0.0. I made this pull request based on the code in #331, which I assume is reasonably correct, but I don't have a good way of testing it. I had to make some minor changes to get the tests to pass on Python 3.
I would appreciate some eyes on this. The bulk of the code belongs to @jvanasco.