- Update to 0.7.2:
* (Quick fix) Unpushed locally modified files got included in the PyPI 0.7.1
release. Doing a new clean release to address this. Please upgrade quickly
and report any issues you are running into.
* (Quick fix) Add oauthlib.common.log object back in for libraries using it.
* (Change) OAuth2 clients will not raise a Warning on scope change if
the environment variable ``OAUTHLIB_RELAX_TOKEN_SCOPE`` is set. The token
will now be available as an attribute on the error, ``error.token``.
Token changes will now also be announced using blinker.
* (Fix/Feature) Automatic fixes of non-compliant OAuth2 provider responses (e.g. Facebook).
* (Fix) Logging is now tiered (per file) as opposed to logging all under ``oauthlib``.
* (Fix) Error messages should now include a description in their message.
* (Fix/Feature) Optional support for jsonp callbacks after token revocation.
* (Feature) Client side preparation of OAuth 2 token revocation requests.
* (Feature) New OAuth2 client API methods for preparing full requests.
* (Feature) OAuth1 SignatureOnlyEndpoint that only verifies signatures and client IDs.
* (Fix/Feature) Refresh token grant now allow optional refresh tokens.
* (Fix) add missing state param to OAuth2 errors.
* (Fix) add_params_to_uri now properly parse fragment.
* (Fix/Feature) All OAuth1 errors can now be imported from oauthlib.oauth1.
* (Fix/Security) OAuth2 logs will now strip client provided password, if present.
* Allow unescaped @ in urlencoded parameters.
- New dependency on python-blinker
- Add pycrypto.patch to be compatible with latest PyJWT