@dependabot dependabot bot commented on behalf of github Mar 12, 2021

Bumps oauthlib from 2.1.0 to 3.1.0.

Release notes

Sourced from oauthlib's releases.

3.1.0 is a feature release including improvements to OIDC and security enhancements. Check it out!

OAuth2.0 Provider - Features

  • #660: OIDC add support of nonce, c_hash, at_hash fields
    • New RequestValidator.fill_id_token method
    • Deprecated RequestValidator.get_id_token method
  • #677: OIDC add UserInfo endpoint
    • New RequestValidator.get_userinfo_claims method

OAuth2.0 Provider - Security

  • #665: Enhance data leak to logs
    • New default to not expose request content in logs
    • New function oauthlib.set_debug(True)
  • #666: Disabling query parameters for POST requests

OAuth2.0 Provider - Bugfixes

  • #670: Fix validate_authorization_request to return the new PKCE fields
  • #674: Fix token_type to be case-insensitive (bearer and Bearer)

OAuth2.0 Client - Bugfixes

  • #290: Fix Authorization Code's errors processing
  • #603: BackendApplication.Client.prepare_request_body use the "scope" argument as intended.
  • #672: Fix edge case when expires_in=Null

OAuth1.0 Client

  • #669: Add case-insensitive headers to oauth1 BaseEndpoint

3.0.2

Bug fix release

  • #650: OAuth1: Fixed space encoding in base string URI used in the signature base string.
  • #654: OAuth2: Doc: The value state must not be stored by the AS, only returned in /authorize response.
  • #652: OIDC: Fixed /token response which wrongly returned "&state=None"
  • #656: OIDC: Fixed "nonce" checks: raise errors when it's mandatory

3.0.1

Fix regression introduced in 3.0.0

  • #644 Fixed Revocation & Introspection Endpoints when using Client Authentication with HTTP Basic Auth.

3.0.0

This is a major release containing API Breaking changes, and new major features. See the full list below:

... (truncated)

Changelog

Sourced from oauthlib's changelog.

3.1.0 (2019-08-06)

OAuth2.0 Provider - Features

  • #660: OIDC add support of nonce, c_hash, at_hash fields
    • New RequestValidator.fill_id_token method
    • Deprecated RequestValidator.get_id_token method
  • #677: OIDC add UserInfo endpoint
    • New RequestValidator.get_userinfo_claims method

OAuth2.0 Provider - Security

  • [#665](https://github.com/oauthlib/oauthlib/issues/665): Enhance data leak to logs
    • New default to not expose request content in logs
    • New function `oauthlib.set_debug(True)`
  • [#666](https://github.com/oauthlib/oauthlib/issues/666): Disabling query parameters for POST requests

OAuth2.0 Provider - Bugfixes

  • #670: Fix validate_authorization_request to return the new PKCE fields
  • #674: Fix token_type to be case-insensitive (bearer and Bearer)

OAuth2.0 Client - Bugfixes

  • #290: Fix Authorization Code's errors processing
  • #603: BackendApplicationClient.prepare_request_body use the scope argument as intended.
  • #672: Fix edge case when expires_in=Null

OAuth1.0 Client

  • #669: Add case-insensitive headers to oauth1 BaseEndpoint

OAuth1.0

  • #722: Added support for HMAC-SHA512, RSA-SHA256 and RSA-SHA512 signature methods.

3.0.2 (2019-07-04)

  • #650: Fixed space encoding in base string URI used in the signature base string.
  • #652: Fixed OIDC /token response which wrongly returned "&state=None"
  • #654: Doc: The value state must not be stored by the AS, only returned in /authorize response.
  • #656: Fixed OIDC "nonce" checks: raise errors when it's mandatory

3.0.1 (2019-01-24)

  • Fixed OAuth2.0 regression introduced in 3.0.0: Revocation with Basic auth no longer possible #644

3.0.0 (2019-01-01)

OAuth2.0 Provider - outstanding Features

... (truncated)

Commits
  • 31cae75 Release 3.1.0 (#689)
  • eb84110 Add the ReadTheDocs theme to dev builds "i.e tox -e docs".
  • 55bcc38 Merge branch 'master' into release-3.1.0
  • a99c714 Add hooks to highlight the possibilities of the framework (#673)
  • f74922b Merge branch 'master' into docs-flows-hooks
  • f516c16 Oidc userinfo (#677)
  • 64e3474 Merge branch 'master' into oidc-userinfo
  • 7538f04 add HMAC-SHA256 signature validation (#691)
  • 36e4512 add HMAC-SHA256 signature validation
  • a97cada Bump to 3.1.0
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

dependabot bot added the dependencies label (Pull requests that update a dependency file) Mar 12, 2021

dependabot bot force-pushed the dependabot/pip/etc/oauthlib-3.1.0 branch from 34c3a42 to 95065b0 March 28, 2021 04:33
dependabot bot commented on behalf of github Jun 2, 2021

Superseded by #78.

dependabot bot closed this Jun 2, 2021

dependabot bot deleted the dependabot/pip/etc/oauthlib-3.1.0 branch June 2, 2021 06:11