OAuthLib v3.1.1 Release Notes
Release Date: 2021-05-31 // almost 3 years ago-
๐ OAuth2.0 Provider - Bugfixes
- #753: Fix acceptance of valid IPv6 addresses in URI validation
OAuth2.0 Provider - Features
- #751: OIDC add support of refreshing ID Tokens
๐ OAuth2.0 Client - Bugfixes
- #730: Base OAuth2 Client now has a consistent way of managing the
scope
: it consistently relies on thescope
provided in the constructor if any, except if overridden temporarily in a method call. Note that in particular providing a non-Nonescope
inprepare_authorization_request
orprepare_refresh_token
does not override anymoreself.scope
forever, it is just used temporarily. - #726: MobileApplicationClient.prepare_request_uri and MobileApplicationClient.parse_request_uri_response,
ServiceApplicationClient.prepare_request_body,
and WebApplicationClient.prepare_request_uri now correctly use the default
scope
provided in constructor. - #725: LegacyApplicationClient.prepare_request_body now correctly uses the default
scope
provided in constructor
๐ OAuth2.0 Provider - Bugfixes
- #711: client_credentials grant: fix log message
- #746: OpenID Connect Hybrid - fix nonce not passed to add_id_token
- #756: Different prompt values are now handled according to spec (e.g. prompt=none)
- #759: OpenID Connect - fix Authorization: Basic parsing
- #751: The RefreshTokenGrant modifiers now take the same arguments as the
AuthorizationCodeGrant modifiers (
token
,token_handler
,request
).
General
- #716: improved skeleton validator for public vs private client
- #720: replace mock library with standard unittest.mock
- #727: build isort integration
- #734: python2 code removal
- #735, #750: add python3.8 support
- #749: bump minimum versions of pyjwt and cryptography