OAuthLib v0.6.1 Release Notes
Release Date: 2014-01-20 // over 10 years ago-
๐ Draft revocation endpoint features and numerous fixes including:
(OAuth 2 Provider) is_within_original_scope to check whether a refresh token is trying to acquire a new set of scopes that are a subset of the original scope.
(OAuth 2 Provider) expires_in token lifetime can be set per request.
(OAuth 2 Provider) client_authentication_required method added to differentiate between public and confidential clients.
(OAuth 2 Provider) rotate_refresh_token now indicates whether a new refresh token should be generated during token refresh or if old should be kept.
(OAuth 2 Provider) returned JSON headers no longer include charset.
(OAuth 2 Provider) validate_authorizatoin_request now also includes the internal request object in the returned dictionary. Note that this is not meant to be relied upon heavily and its interface might change.
๐ and many style and typo fixes.