[Python-modules-commits] [python-oauthlib] 02/09: Import python-oauthlib_2.0.6.orig.tar.gz
Daniele Tricoli
eriol-guest at moszumanska.debian.org
Sun Feb 4 15:59:38 UTC 2018
This is an automated email from the git hooks/post-receive script.
eriol-guest pushed a commit to branch master
in repository python-oauthlib.
commit c817f1a42a74916950606f95b0050210be7cb9cd
Author: Daniele Tricoli <eriol at mornie.org>
Date: Sat Feb 3 17:46:39 2018 +0100
Import python-oauthlib_2.0.6.orig.tar.gz
---
CHANGELOG.rst | 12 ++++++++++++
PKG-INFO | 3 ++-
oauthlib.egg-info/PKG-INFO | 3 ++-
oauthlib.egg-info/SOURCES.txt | 2 +-
oauthlib.egg-info/requires.txt | 2 --
oauthlib/__init__.py | 2 +-
oauthlib/oauth2/rfc6749/errors.py | 19 ++++++++++++++-----
oauthlib/oauth2/rfc6749/grant_types/openid_connect.py | 12 +++++++++---
...ling.py => test_openid_connect_params_handling.py} | 12 ++++++++++++
9 files changed, 53 insertions(+), 14 deletions(-)
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 397fc07..a6c9d3b 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -1,6 +1,18 @@
Changelog
=========
+2.0.6 (2017-10-20)
+------------------
+
+* 2.0.5 contains breaking changes.
+
+
+2.0.5 (2017-10-19)
+------------------
+
+* Fix OAuth2Error.response_mode for #463.
+* Documentation improvement.
+
2.0.4 (2017-09-17)
------------------
* Fixed typo that caused OAuthlib to crash because of the fix in "Address missing OIDC errors and fix a typo in the AccountSelectionRequired exception".
diff --git a/PKG-INFO b/PKG-INFO
index ba8e424..5b4afac 100644
--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,11 +1,12 @@
Metadata-Version: 1.1
Name: oauthlib
-Version: 2.0.4
+Version: 2.0.6
Summary: A generic, spec-compliant, thorough implementation of the OAuth request-signing logic
Home-page: https://github.com/idan/oauthlib
Author: Ib Lundgren
Author-email: ib.lundgren at gmail.com
License: BSD
+Description-Content-Type: UNKNOWN
Description: OAuthLib
========
diff --git a/oauthlib.egg-info/PKG-INFO b/oauthlib.egg-info/PKG-INFO
index ba8e424..5b4afac 100644
--- a/oauthlib.egg-info/PKG-INFO
+++ b/oauthlib.egg-info/PKG-INFO
@@ -1,11 +1,12 @@
Metadata-Version: 1.1
Name: oauthlib
-Version: 2.0.4
+Version: 2.0.6
Summary: A generic, spec-compliant, thorough implementation of the OAuth request-signing logic
Home-page: https://github.com/idan/oauthlib
Author: Ib Lundgren
Author-email: ib.lundgren at gmail.com
License: BSD
+Description-Content-Type: UNKNOWN
Description: OAuthLib
========
diff --git a/oauthlib.egg-info/SOURCES.txt b/oauthlib.egg-info/SOURCES.txt
index c54d8fc..7572aa0 100644
--- a/oauthlib.egg-info/SOURCES.txt
+++ b/oauthlib.egg-info/SOURCES.txt
@@ -94,7 +94,7 @@ tests/oauth2/rfc6749/endpoints/test_client_authentication.py
tests/oauth2/rfc6749/endpoints/test_credentials_preservation.py
tests/oauth2/rfc6749/endpoints/test_error_responses.py
tests/oauth2/rfc6749/endpoints/test_extra_credentials.py
-tests/oauth2/rfc6749/endpoints/test_prompt_handling.py
+tests/oauth2/rfc6749/endpoints/test_openid_connect_params_handling.py
tests/oauth2/rfc6749/endpoints/test_resource_owner_association.py
tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py
tests/oauth2/rfc6749/endpoints/test_scope_handling.py
diff --git a/oauthlib.egg-info/requires.txt b/oauthlib.egg-info/requires.txt
index 098d291..50fb2a3 100644
--- a/oauthlib.egg-info/requires.txt
+++ b/oauthlib.egg-info/requires.txt
@@ -11,8 +11,6 @@ pyjwt>=1.0.0
[test]
nose
-unittest2
cryptography
-mock
pyjwt>=1.0.0
blinker
diff --git a/oauthlib/__init__.py b/oauthlib/__init__.py
index 9121582..620be76 100644
--- a/oauthlib/__init__.py
+++ b/oauthlib/__init__.py
@@ -10,7 +10,7 @@
"""
__author__ = 'Idan Gazit <idan at gazit.me>'
-__version__ = '2.0.4'
+__version__ = '2.0.6'
import logging
diff --git a/oauthlib/oauth2/rfc6749/errors.py b/oauthlib/oauth2/rfc6749/errors.py
index 6aabc04..180f636 100644
--- a/oauthlib/oauth2/rfc6749/errors.py
+++ b/oauthlib/oauth2/rfc6749/errors.py
@@ -18,8 +18,8 @@ class OAuth2Error(Exception):
status_code = 400
description = ''
- def __init__(self, description=None, uri=None, state=None, status_code=None,
- request=None):
+ def __init__(self, description=None, uri=None, state=None,
+ status_code=None, request=None):
"""
description: A human-readable ASCII [USASCII] text providing
additional information, used to assist the client
@@ -39,7 +39,9 @@ class OAuth2Error(Exception):
request: Oauthlib Request object
"""
- self.description = description or self.description
+ if description is not None:
+ self.description = description
+
message = '(%s) %s' % (self.error, self.description)
if request:
message += ' ' + repr(request)
@@ -60,10 +62,17 @@ class OAuth2Error(Exception):
self.grant_type = request.grant_type
if not state:
self.state = request.state
+ else:
+ self.redirect_uri = None
+ self.client_id = None
+ self.scopes = None
+ self.response_type = None
+ self.response_mode = None
+ self.grant_type = None
def in_uri(self, uri):
- return add_params_to_uri(uri, self.twotuples,
- fragment=self.response_mode == "fragment")
+ fragment = self.response_mode == "fragment"
+ return add_params_to_uri(uri, self.twotuples, fragment)
@property
def twotuples(self):
diff --git a/oauthlib/oauth2/rfc6749/grant_types/openid_connect.py b/oauthlib/oauth2/rfc6749/grant_types/openid_connect.py
index bdd09b9..4c98864 100644
--- a/oauthlib/oauth2/rfc6749/grant_types/openid_connect.py
+++ b/oauthlib/oauth2/rfc6749/grant_types/openid_connect.py
@@ -141,6 +141,13 @@ class OpenIDConnectBase(object):
def openid_authorization_validator(self, request):
"""Perform OpenID Connect specific authorization request validation.
+ nonce
+ OPTIONAL. String value used to associate a Client session with
+ an ID Token, and to mitigate replay attacks. The value is
+ passed through unmodified from the Authentication Request to
+ the ID Token. Sufficient entropy MUST be present in the nonce
+ values used to prevent attackers from guessing values
+
display
OPTIONAL. ASCII string value that specifies how the
Authorization Server displays the authentication and consent
@@ -306,6 +313,7 @@ class OpenIDConnectBase(object):
request_info = {
'display': request.display,
+ 'nonce': request.nonce,
'prompt': prompt,
'ui_locales': request.ui_locales.split() if request.ui_locales else [],
'id_token_hint': request.id_token_hint,
@@ -336,9 +344,7 @@ class OpenIDConnectBase(object):
desc = 'Request is missing mandatory nonce parameter.'
raise InvalidRequestError(request=request, description=desc)
- self._inflate_claims(request)
-
- return {'nonce': request.nonce, 'claims': request.claims}
+ return {}
class OpenIDConnectAuthCode(OpenIDConnectBase):
diff --git a/tests/oauth2/rfc6749/endpoints/test_prompt_handling.py b/tests/oauth2/rfc6749/endpoints/test_openid_connect_params_handling.py
similarity index 85%
rename from tests/oauth2/rfc6749/endpoints/test_prompt_handling.py
rename to tests/oauth2/rfc6749/endpoints/test_openid_connect_params_handling.py
index 35e1508..89431b6 100644
--- a/tests/oauth2/rfc6749/endpoints/test_prompt_handling.py
+++ b/tests/oauth2/rfc6749/endpoints/test_openid_connect_params_handling.py
@@ -29,6 +29,8 @@ class OpenIDConnectEndpointTest(TestCase):
response_types={'code': grant})
params = {
'prompt': 'consent',
+ 'display': 'touch',
+ 'nonce': 'abcd',
'state': 'abc',
'redirect_uri': 'https://a.b/cb',
'response_type': 'code',
@@ -71,3 +73,13 @@ class OpenIDConnectEndpointTest(TestCase):
url = 'http://a.b/path?' + urlencode(params)
with self.assertRaises(InvalidRequestError):
self.endpoint.validate_authorization_request(url)
+
+ def test_oidc_params_preservation(self):
+ """
+ Test that the nonce parameter is passed through.
+ """
+ scopes, creds = self.endpoint.validate_authorization_request(self.url)
+
+ self.assertEqual(creds['prompt'], {'consent'})
+ self.assertEqual(creds['nonce'], 'abcd')
+ self.assertEqual(creds['display'], 'touch')
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/python-oauthlib.git
More information about the Python-modules-commits
mailing list