Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:cabelo:innovators
python-oauthlib
python-oauthlib.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File python-oauthlib.spec of Package python-oauthlib
# # spec file for package python-oauthlib # # Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via https://bugs.opensuse.org/ # %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-oauthlib Version: 3.1.0 Release: 60.1 Summary: A Generic Implementation of the OAuth Request-Signing Logic License: BSD-3-Clause Group: Development/Languages/Python URL: https://github.com/oauthlib/oauthlib Source: https://files.pythonhosted.org/packages/source/o/oauthlib/oauthlib-%{version}.tar.gz Patch: o_switch_to_unitest_mock.patch BuildRequires: %{python_module PyJWT >= 1.0.0} BuildRequires: %{python_module blinker} BuildRequires: %{python_module cryptography} BuildRequires: %{python_module pyasn1} BuildRequires: %{python_module setuptools} BuildRequires: fdupes BuildRequires: python-rpm-macros Requires: python-PyJWT >= 1.0.0 Requires: python-blinker Requires: python-cryptography BuildArch: noarch %python_subpackages %description A generic, spec-compliant, thorough implementation of the OAuth request-signing logic. OAuth often seems complicated and difficult-to-implement. There are several prominent libraries for signing OAuth requests, but they all suffer from one or both of the following: 1. They predate the OAuth 1.0 spec, AKA RFC 5849. 2. They predate the OAuth 2.0 spec, AKA RFC 6749. 3. They assume the usage of a specific HTTP request library. OAuthLib is a generic utility which implements the logic of OAuth without assuming a specific HTTP request object. Use it to graft OAuth support onto your favorite HTTP library. If you're a maintainer of such a library, write a thin veneer on top of OAuthLib and get OAuth support for very little effort. %prep %setup -q -n oauthlib-%{version} %patch -p1 %build %python_build %install %python_install %python_expand %fdupes %{buildroot}%{$python_sitelib} %check %python_exec setup.py test %files %{python_files} %license LICENSE %doc README.rst CHANGELOG.rst %dir %{python_sitelib}/oauthlib %{python_sitelib}/oauthlib/* %dir %{python_sitelib}/oauthlib-%{version}-py*.egg-info %{python_sitelib}/oauthlib-%{version}-py*.egg-info/* %changelog * Thu Sep 24 2020 Hans-Peter Jansen <hpj@urpla.net> - Fix patch numbering * Wed Apr 29 2020 John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> - Add patch to switch from external mock to unittest.mock + o_switch_to_unitest_mock.patch * Wed Sep 11 2019 Tomáš Chvátal <tchvatal@suse.com> - Update to 3.1.0: * OAuth2.0 Provider - Features * #660: OIDC add support of nonce, c_hash, at_hash fields * #677: OIDC add UserInfo endpoint - New RequestValidator.get_userinfo_claims method * #666: Disabling query parameters for POST requests * Sun Jul 21 2019 Arun Persaud <arun@gmx.de> - specfile: * be more specific in %%files section - update to version 3.0.2: * #650: Fixed space encoding in base string URI used in the signature base string. * #652: Fixed OIDC /token response which wrongly returned "&state=None" * #654: Doc: The value state must not be stored by the AS, only returned in /authorize response. * #656: Fixed OIDC "nonce" checks: raise errors when it's mandatory * Sun Feb 17 2019 John Vandenberg <jayvdb@gmail.com> - Update to version 3.0.1 * Fixed regression introduced in 3.0.0 + Fixed Revocation & Introspection Endpoints when using Client Authentication with HTTP Basic Auth. - from 3.0.0 * General fixes: + Add support of python3.7 + $ and ' are allowed to be unencoded in query strings + Request attributes are no longer overriden by HTTP Headers + Removed unnecessary code for handling python2.6 + Several minors updates to setup.py and tox + Set pytest as the default unittest framework * OAuth2.0 Provider - outstanding Features + OpenID Connect Core support + RFC7662 Introspect support + RFC8414 OAuth2.0 Authorization Server Metadata support + RFC7636 PKCE support * OAuth2.0 Provider - API/Breaking Changes + Add "request" to confirm_redirect_uri + confirm_redirect_uri/get_default_redirect_uri has a bit changed + invalid_client is now a FatalError + Changed errors status code from 401 to 400: - invalid_grant: - invalid_scope: - access_denied/unauthorized_client/consent_required/login_required - 401 must have WWW-Authenticate HTTP Header set. * OAuth2.0 Provider - Bugfixes + empty scopes no longer raise exceptions for implicit and authorization_code * OAuth2.0 Client - Bugfixes / Changes: + expires_in in Implicit flow is now an integer + expires is no longer overriding expires_in + parse_request_uri_response is now required + Unknown error=xxx raised by OAuth2 providers was not understood + OAuth2's `prepare_token_request` supports sending an empty string for `client_id` + OAuth2's `WebApplicationClient.prepare_request_body` was refactored to better support sending or omitting the `client_id` via a new `include_client_id` kwarg. By default this is included. The method will also emit a DeprecationWarning if a `client_id` parameter is submitted; the already configured `self.client_id` is the preferred option. * OAuth1.0 Client: + Support for HMAC-SHA256 - Removed remove_unittest2.patch made redundant by v3.0.1 - Set minumum version of python-PyJWT >= 1.0.0 * Tue Dec 4 2018 Matej Cepl <mcepl@suse.com> - Remove superfluous devel dependency for noarch package * Mon Aug 13 2018 mcepl@suse.com Remove dependency on unittest2 Add remove_unittest2.patch to facilitate that * Wed May 23 2018 arun@gmx.de - specfile: * fix fdupes call for single-spec - update to version 2.1.0: * Fixed some copy and paste typos (#535) * Use secrets module in Python 3.6 and later (#533) * Add request argument to confirm_redirect_uri (#504) * Avoid populating spurious token credentials (#542) * Make populate attributes API public (#546) * Mon Mar 26 2018 arun@gmx.de - specfile: * ran spec-cleaner * Sat Mar 24 2018 arun@gmx.de - specfile: * update copyright year * updated url - update to version 2.0.7: * Moved oauthlib into new organization on GitHub. * Include license file in the generated wheel package. (#494) * When deploying a release to PyPI, include the wheel distribution. (#496) * Check access token in self.token dict. (#500) * Added bottle-oauthlib to docs. (#509) * Update repository location in Travis. (#514) * Updated docs for organization change. (#515) * Replace G+ with Gitter. (#517) * Update requirements. (#518) * Add shields for Python versions, license and RTD. (#520) * Fix ReadTheDocs build (#521). * Fixed "make" command to test upstream with local oauthlib. (#522) * Replace IRC notification with Gitter Hook. (#523) * Added Github Releases deploy provider. (#523) * Sat Oct 21 2017 arun@gmx.de - update to version 2.0.6: * 2.0.5 contains breaking changes. * Fri Oct 20 2017 arun@gmx.de - update to version 2.0.5: * Fix OAuth2Error.response_mode for #463. * Documentation improvement. * Mon Sep 25 2017 arun@gmx.de - update to version 2.0.4: * Fixed typo that caused OAuthlib to crash because of the fix in "Address missing OIDC errors and fix a typo in the AccountSelectionRequired exception". - changes from version 2.0.3: * Address missing OIDC errors and fix a typo in the AccountSelectionRequired exception. * Update proxy keys on CaseInsensitiveDict.update(). * Redirect errors according to OIDC's response_mode. * Added universal wheel support. * Added log statements to except clauses. * According to RC7009 Section 2.1, a client should include authentication credentials when revoking its tokens. As discussed in #339, this is not make sense for public clients. However, in that case, the public client should still be checked that is infact a public client (authenticate_client_id). * Improved prompt parameter validation. * Added two error codes from RFC 6750. * Hybrid response types are now be fragment-encoded. * Added Python 3.6 to Travis CI testing and trove classifiers. * Fixed BytesWarning issued when using a string placeholder for bytes object. * Documented PyJWT dependency and improved logging and exception messages. * Documentation improvements and fixes. * Mon Aug 21 2017 tbechtold@suse.com - update to 2.0.2: * Dropped support for Python 2.6, 3.2 & 3.3. * (FIX) `OpenIDConnector` will no longer raise an AttributeError when calling `openid_authorization_validator()` twice. * Sun May 7 2017 pousaduarte@gmail.com - Convert to singlespec * Mon Jan 2 2017 tbechtold@suse.com - Use pypi.io and htttps as Source * Sun Jan 1 2017 michael@stroeder.com - update to 2.0.1: too many changes to be listed herein (see /usr/share/doc/packages/python-oauthlib/CHANGELOG.rst) - removed obsolete pycrypto.patch because changes were made upstream * Thu Sep 15 2016 rjschwei@suse.com - Include in SLES 12 (FATE#321371, bsc#998103) * Wed Apr 22 2015 mcihar@suse.cz - Update to 0.7.2: * (Quick fix) Unpushed locally modified files got included in the PyPI 0.7.1 release. Doing a new clean release to address this. Please upgrade quickly and report any issues you are running into. * (Quick fix) Add oauthlib.common.log object back in for libraries using it. * (Change) OAuth2 clients will not raise a Warning on scope change if the environment variable ``OAUTHLIB_RELAX_TOKEN_SCOPE`` is set. The token will now be available as an attribute on the error, ``error.token``. Token changes will now also be announced using blinker. * (Fix/Feature) Automatic fixes of non-compliant OAuth2 provider responses (e.g. Facebook). * (Fix) Logging is now tiered (per file) as opposed to logging all under ``oauthlib``. * (Fix) Error messages should now include a description in their message. * (Fix/Feature) Optional support for jsonp callbacks after token revocation. * (Feature) Client side preparation of OAuth 2 token revocation requests. * (Feature) New OAuth2 client API methods for preparing full requests. * (Feature) OAuth1 SignatureOnlyEndpoint that only verifies signatures and client IDs. * (Fix/Feature) Refresh token grant now allow optional refresh tokens. * (Fix) add missing state param to OAuth2 errors. * (Fix) add_params_to_uri now properly parse fragment. * (Fix/Feature) All OAuth1 errors can now be imported from oauthlib.oauth1. * (Fix/Security) OAuth2 logs will now strip client provided password, if present. * Allow unescaped @ in urlencoded parameters. - New dependency on python-blinker - Add pycrypto.patch to be compatible with latest PyJWT * Wed Jul 23 2014 mcihar@suse.cz - Update to version 0.6.3: + 0.6.3: * Quick fix. OAuth 1 client repr in 0.6.2 overwrote secrets when scrubbing for print. + 0.6.2: * Numerous OAuth2 provider errors now suggest a status code of 401 instead of 400 (#247. * Added support for JSON web tokens with oauthlib.common.generate_signed_token. Install extra dependency with oauthlib[signedtoken] (#237). * OAuth2 scopes can be arbitrary objects with __str__ defined (#240). * OAuth 1 Clients can now register custom signature methods (#239). * Exposed new method oauthlib.oauth2.is_secure_transport that checks whether the given URL is HTTPS. Checks using this method can be disabled by setting the environment variable OAUTHLIB_INSECURE_TRANSPORT (#249). * OAuth1 clients now has __repr__ and will be printed with secrets scrubbed. * OAuth1 Client.get_oauth_params now takes an oauthlib.Request as an argument. * urldecode will now raise a much more informative error message on incorrectly encoded strings. * Plenty of typo and other doc fixes. - new dependency on PyJWT * Sun Apr 13 2014 p.drouand@gmail.com - Update to version 0.6.1 + (OAuth 2 Provider) is_within_original_scope to check whether a refresh token is trying to aquire a new set of scopes that are a subset of the original scope. + (OAuth 2 Provider) expires_in token lifetime can be set per request. + (OAuth 2 Provider) client_authentication_required method added to differentiate between public and confidential clients. + (OAuth 2 Provider) rotate_refresh_token now indicates whether a new refresh token should be generated during token refresh or if old should be kept. + (OAuth 2 Provider) returned JSON headers no longer include charset. + (OAuth 2 Provider) validate_authorizatoin_request now also includes the internal request object in the returned dictionary. Note that this is not meant to be relied upon heavily and its interface might change. + many style and typo fixes. * Tue Jan 21 2014 dmueller@suse.com - use pycrypto, not python-rsa * Mon Jan 20 2014 speilicke@suse.com - Add pycrypto requirement for "rsa" submodule * Fri Nov 1 2013 p.drouand@gmail.com - Update to version 0.6.0 + All endpoint methods change contract to return 3 values instead of 4. The new signature is `headers`, `body`, `status code` where the initial `redirect_uri` has been relocated to its rightful place inside headers as `Location`. + OAuth 1 Access Token Endpoint has a new required validator method `invalidate_request_token`. + OAuth 1 Authorization Endpoint now returns a 200 response instead of 302 on `oob` callbacks. - Changes from version 0.5.1 + OAuth 1 provider fix for incorrect token param in nonce validation. - Changes from version 0.5.0 + OAuth 1 provider refactor. OAuth 2 refresh token validation fix. - Changes from version 0.4.2 + OAuth 2 draft to RFC. Removed OAuth 2 framework decorators. - Changes from version 0.4.1 + Documentation corrections and various small code fixes. - Changes from version 0.4.0 + OAuth 2 Provider support (experimental). - Changes from version 0.3.8 + OAuth 2 Client now uses custom errors and raise on expire - Changes from version 0.3.7 + OAuth 1 optional encoding of Client.sign return values - Changes from version 0.3.6 + Revert default urlencoding. - Changes from version 0.3.5 + Default unicode conversion (utf-8) and urlencoding of input. * Thu Oct 24 2013 speilicke@suse.com - Require python-setuptools instead of distribute (upstreams merged) * Fri Nov 23 2012 saschpe@suse.de - Update to version 0.3.4: + A number of small features and bug fixes. - Changes from version 0.3.3: + OAuth 1 Provider verify now return useful params - Changes from version 0.3.2: + Fixed #62, all Python 3 tests pass. - Changes from version 0.3.1: + Python 3.1, 3.2, 3.3 support (experimental) - Changes from version 0.3.0: + Initial OAuth 2 client support - Changes from version 0.2.1: + Exclude non urlencoded bodies during request verification - Changes from version 0.2.0: + OAuth provider support - Changes from version 0.1.4: + soft dependency on PyCrypto * Fri May 18 2012 jfunk@funktronics.ca - Initial release
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor