Hello community, here is the log from the commit of package python-oauthlib for openSUSE:Factory checked in at 2017-11-08 15:09:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-oauthlib (Old) and /work/SRC/openSUSE:Factory/.python-oauthlib.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-oauthlib" Wed Nov 8 15:09:55 2017 rev:19 rq:536027 version:2.0.6 Changes: -------- --- /work/SRC/openSUSE:Factory/python-oauthlib/python-oauthlib.changes 2017-10-09 19:41:02.890499625 +0200 +++ /work/SRC/openSUSE:Factory/.python-oauthlib.new/python-oauthlib.changes 2017-11-08 15:10:05.454141702 +0100 @@ -1,0 +2,13 @@ +Sat Oct 21 03:14:43 UTC 2017 - [email protected] + +- update to version 2.0.6: + * 2.0.5 contains breaking changes. + +------------------------------------------------------------------- +Fri Oct 20 01:43:25 UTC 2017 - [email protected] + +- update to version 2.0.5: + * Fix OAuth2Error.response_mode for #463. + * Documentation improvement. + +------------------------------------------------------------------- Old: ---- oauthlib-2.0.4.tar.gz New: ---- oauthlib-2.0.6.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-oauthlib.spec ++++++ --- /var/tmp/diff_new_pack.aOo1UZ/_old 2017-11-08 15:10:06.178115270 +0100 +++ /var/tmp/diff_new_pack.aOo1UZ/_new 2017-11-08 15:10:06.182115124 +0100 @@ -18,7 +18,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-oauthlib -Version: 2.0.4 +Version: 2.0.6 Release: 0 Url: https://github.com/idangazit/oauthlib Summary: A Generic Implementation of the OAuth Request-Signing Logic ++++++ oauthlib-2.0.4.tar.gz -> oauthlib-2.0.6.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oauthlib-2.0.4/CHANGELOG.rst new/oauthlib-2.0.6/CHANGELOG.rst --- old/oauthlib-2.0.4/CHANGELOG.rst 2017-09-17 13:24:38.000000000 +0200 +++ new/oauthlib-2.0.6/CHANGELOG.rst 2017-10-19 18:13:25.000000000 +0200 
@@ -1,6 +1,18 @@ Changelog ========= +2.0.6 (2017-10-20) +------------------ + +* 2.0.5 contains breaking changes. + + +2.0.5 (2017-10-19) +------------------ + +* Fix OAuth2Error.response_mode for #463. +* Documentation improvement. + 2.0.4 (2017-09-17) ------------------ * Fixed typo that caused OAuthlib to crash because of the fix in "Address missing OIDC errors and fix a typo in the AccountSelectionRequired exception". diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oauthlib-2.0.4/PKG-INFO new/oauthlib-2.0.6/PKG-INFO --- old/oauthlib-2.0.4/PKG-INFO 2017-09-17 13:25:18.000000000 +0200 +++ new/oauthlib-2.0.6/PKG-INFO 2017-10-19 18:14:11.000000000 +0200 @@ -1,11 +1,12 @@ Metadata-Version: 1.1 Name: oauthlib -Version: 2.0.4 +Version: 2.0.6 Summary: A generic, spec-compliant, thorough implementation of the OAuth request-signing logic Home-page: https://github.com/idan/oauthlib Author: Ib Lundgren Author-email: [email protected] License: BSD +Description-Content-Type: UNKNOWN Description: OAuthLib ======== diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oauthlib-2.0.4/oauthlib/__init__.py new/oauthlib-2.0.6/oauthlib/__init__.py --- old/oauthlib-2.0.4/oauthlib/__init__.py 2017-09-17 13:24:38.000000000 +0200 +++ new/oauthlib-2.0.6/oauthlib/__init__.py 2017-10-19 18:13:25.000000000 +0200 @@ -10,7 +10,7 @@ """ __author__ = 'Idan Gazit <[email protected]>' -__version__ = '2.0.4' +__version__ = '2.0.6' import logging diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oauthlib-2.0.4/oauthlib/oauth2/rfc6749/errors.py new/oauthlib-2.0.6/oauthlib/oauth2/rfc6749/errors.py --- old/oauthlib-2.0.4/oauthlib/oauth2/rfc6749/errors.py 2017-09-17 13:24:38.000000000 +0200 +++ new/oauthlib-2.0.6/oauthlib/oauth2/rfc6749/errors.py 2017-10-19 18:13:25.000000000 +0200 
@@ -18,8 +18,8 @@ status_code = 400 description = '' - def __init__(self, description=None, uri=None, state=None, status_code=None, - request=None): + def __init__(self, description=None, uri=None, state=None, + status_code=None, request=None): """ description: A human-readable ASCII [USASCII] text providing additional information, used to assist the client @@ -39,7 +39,9 @@ request: Oauthlib Request object """ - self.description = description or self.description + if description is not None: + self.description = description + message = '(%s) %s' % (self.error, self.description) if request: message += ' ' + repr(request) @@ -60,10 +62,17 @@ self.grant_type = request.grant_type if not state: self.state = request.state + else: + self.redirect_uri = None + self.client_id = None + self.scopes = None + self.response_type = None + self.response_mode = None + self.grant_type = None def in_uri(self, uri): - return add_params_to_uri(uri, self.twotuples, - fragment=self.response_mode == "fragment") + fragment = self.response_mode == "fragment" + return add_params_to_uri(uri, self.twotuples, fragment) @property def twotuples(self): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oauthlib-2.0.4/oauthlib/oauth2/rfc6749/grant_types/openid_connect.py new/oauthlib-2.0.6/oauthlib/oauth2/rfc6749/grant_types/openid_connect.py --- old/oauthlib-2.0.4/oauthlib/oauth2/rfc6749/grant_types/openid_connect.py 2017-09-17 13:24:38.000000000 +0200 +++ new/oauthlib-2.0.6/oauthlib/oauth2/rfc6749/grant_types/openid_connect.py 2017-10-19 18:13:25.000000000 +0200 
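Review bot: In the `@@ -39,7 +39,9 @@` hunk of errors.py, `if description is not None:` lets an empty string replace the class-level `description`, where the old `description or self.description` fell back to the default. The message built on the following line then has nothing after the error code, and a subclass's default text is silently discarded. If only `None` is meant to signal "not supplied", a comment such as `# '' is a deliberate override; only None keeps the class default` would make that explicit; otherwise keep the fallback for falsy values. `__init__` starts and ends outside the hunk.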
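Review bot: In the `@@ -60,10 +62,17 @@` hunk, `in_uri` now hands `fragment` to `add_params_to_uri` positionally where the old call used a keyword; `return add_params_to_uri(uri, self.twotuples, fragment=fragment)` keeps the call correct if that helper's parameter order ever changes. With the new `else:` branch, `response_mode` is `None` for an error built without a request, so `in_uri` presumably encodes the error in the query even for a fragment-based flow; a one-line docstring on `in_uri` stating that default would help callers. No test in this diff constructs the error without a request and calls `in_uri`, which is the path the branch fixes. The `if request:` block begins outside the hunk.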
@@ -141,6 +141,13 @@ def openid_authorization_validator(self, request): """Perform OpenID Connect specific authorization request validation. + nonce + OPTIONAL. String value used to associate a Client session with + an ID Token, and to mitigate replay attacks. The value is + passed through unmodified from the Authentication Request to + the ID Token. Sufficient entropy MUST be present in the nonce + values used to prevent attackers from guessing values + display OPTIONAL. ASCII string value that specifies how the Authorization Server displays the authentication and consent @@ -306,6 +313,7 @@ request_info = { 'display': request.display, + 'nonce': request.nonce, 'prompt': prompt, 'ui_locales': request.ui_locales.split() if request.ui_locales else [], 'id_token_hint': request.id_token_hint, @@ -336,9 +344,7 @@ desc = 'Request is missing mandatory nonce parameter.' raise InvalidRequestError(request=request, description=desc) - self._inflate_claims(request) - - return {'nonce': request.nonce, 'claims': request.claims} + return {} class OpenIDConnectAuthCode(OpenIDConnectBase): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oauthlib-2.0.4/oauthlib.egg-info/PKG-INFO new/oauthlib-2.0.6/oauthlib.egg-info/PKG-INFO --- old/oauthlib-2.0.4/oauthlib.egg-info/PKG-INFO 2017-09-17 13:25:18.000000000 +0200 +++ new/oauthlib-2.0.6/oauthlib.egg-info/PKG-INFO 2017-10-19 18:14:11.000000000 +0200 
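Review bot: The `'nonce': request.nonce` entry added to `request_info` in the `@@ -306,6 +313,7 @@` hunk forwards a client-supplied string with no type or length check visible in the hunk. The docstring added in the `@@ -141,6 +141,13 @@` hunk describes it as the replay mitigation passed unmodified into the ID Token, so whatever persists these credentials has to store it with the authorization code it belongs to and treat it as opaque, untrusted input. A comment on the entry would make that contract explicit, e.g. `# client-supplied and unvalidated; persist with the code and echo into the ID Token`. That docstring also labels nonce OPTIONAL while the `@@ -336,9 +344,7 @@` hunk keeps a 'Request is missing mandatory nonce parameter.' check, so it should say in which flows the parameter is required. The enclosing function extends outside both hunks.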
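Review bot: The validator that ends in the `@@ -336,9 +344,7 @@` hunk now returns `{}` and no longer calls `self._inflate_claims(request)`, so callers that read `nonce` or `claims` from its result get neither. `nonce` comes back through `request_info` in the `@@ -306,6 +313,7 @@` hunk only if that other validator also runs for this flow, which the diff does not show, and nothing visible re-supplies `claims`. Because this is the path that enforces the mandatory nonce, a comment such as `# nonce is carried in request_info; claims are intentionally no longer returned here` (if that is the intent) and a test for this flow would confirm the nonce still reaches token creation. The function begins outside the hunk.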
@@ -1,11 +1,12 @@ Metadata-Version: 1.1 Name: oauthlib -Version: 2.0.4 +Version: 2.0.6 Summary: A generic, spec-compliant, thorough implementation of the OAuth request-signing logic Home-page: https://github.com/idan/oauthlib Author: Ib Lundgren Author-email: [email protected] License: BSD +Description-Content-Type: UNKNOWN Description: OAuthLib ======== diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oauthlib-2.0.4/oauthlib.egg-info/SOURCES.txt new/oauthlib-2.0.6/oauthlib.egg-info/SOURCES.txt --- old/oauthlib-2.0.4/oauthlib.egg-info/SOURCES.txt 2017-09-17 13:25:18.000000000 +0200 +++ new/oauthlib-2.0.6/oauthlib.egg-info/SOURCES.txt 2017-10-19 18:14:11.000000000 +0200 @@ -94,7 +94,7 @@ tests/oauth2/rfc6749/endpoints/test_credentials_preservation.py tests/oauth2/rfc6749/endpoints/test_error_responses.py tests/oauth2/rfc6749/endpoints/test_extra_credentials.py -tests/oauth2/rfc6749/endpoints/test_prompt_handling.py +tests/oauth2/rfc6749/endpoints/test_openid_connect_params_handling.py tests/oauth2/rfc6749/endpoints/test_resource_owner_association.py tests/oauth2/rfc6749/endpoints/test_revocation_endpoint.py tests/oauth2/rfc6749/endpoints/test_scope_handling.py diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oauthlib-2.0.4/oauthlib.egg-info/requires.txt new/oauthlib-2.0.6/oauthlib.egg-info/requires.txt --- old/oauthlib-2.0.4/oauthlib.egg-info/requires.txt 2017-09-17 13:25:18.000000000 +0200 +++ new/oauthlib-2.0.6/oauthlib.egg-info/requires.txt 2017-10-19 18:14:11.000000000 +0200 
@@ -11,8 +11,6 @@ [test] nose -unittest2 cryptography -mock pyjwt>=1.0.0 blinker diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oauthlib-2.0.4/tests/oauth2/rfc6749/endpoints/test_openid_connect_params_handling.py new/oauthlib-2.0.6/tests/oauth2/rfc6749/endpoints/test_openid_connect_params_handling.py --- old/oauthlib-2.0.4/tests/oauth2/rfc6749/endpoints/test_openid_connect_params_handling.py 1970-01-01 01:00:00.000000000 +0100 +++ new/oauthlib-2.0.6/tests/oauth2/rfc6749/endpoints/test_openid_connect_params_handling.py 2017-10-19 18:13:25.000000000 +0200 
@@ -0,0 +1,85 @@
+from __future__ import absolute_import, unicode_literals
+
+import mock
+
+from oauthlib.oauth2 import InvalidRequestError
+from oauthlib.oauth2.rfc6749.endpoints.authorization import \
+ AuthorizationEndpoint
+from oauthlib.oauth2.rfc6749.grant_types import OpenIDConnectAuthCode
+from oauthlib.oauth2.rfc6749.tokens import BearerToken
+
+from ....unittest import TestCase
+
+try:
+ from urllib.parse import urlencode
+except ImportError:
+ from urllib import urlencode
+
+
+
+
+class OpenIDConnectEndpointTest(TestCase):
+
+ def setUp(self):
+ self.mock_validator = mock.MagicMock()
+ self.mock_validator.authenticate_client.side_effect = self.set_client
+ grant = OpenIDConnectAuthCode(request_validator=self.mock_validator)
+ bearer = BearerToken(self.mock_validator)
+ self.endpoint = AuthorizationEndpoint(grant, bearer,
+ response_types={'code': grant})
+ params = {
+ 'prompt': 'consent',
+ 'display': 'touch',
+ 'nonce': 'abcd',
+ 'state': 'abc',
+ 'redirect_uri': 'https://a.b/cb',
+ 'response_type': 'code',
+ 'client_id': 'abcdef',
+ 'scope': 'hello openid'
+ }
+ self.url = 'http://a.b/path?' + urlencode(params)
+
+ def set_client(self, request):
+ request.client = mock.MagicMock()
+ request.client.client_id = 'mocked'
+ return True
+
+ @mock.patch('oauthlib.common.generate_token')
+ def test_authorization_endpoint_handles_prompt(self, generate_token):
+ generate_token.return_value = "MOCK_CODE"
+ # In the GET view:
+ scopes, creds = self.endpoint.validate_authorization_request(self.url)
+ # In the POST view:
+ creds['scopes'] = scopes
+ h, b, s = self.endpoint.create_authorization_response(self.url,
+ credentials=creds)
+ expected = 'https://a.b/cb?state=abc&code=MOCK_CODE'
+ self.assertURLEqual(h['Location'], expected)
+ self.assertEqual(b, None)
+ self.assertEqual(s, 302)
+
+ def test_prompt_none_exclusiveness(self):
+ """
+ Test that prompt=none can't be used with another prompt value.
+ """
+ params = {
+ 'prompt': 'none consent',
+ 'state': 'abc',
+ 'redirect_uri': 'https://a.b/cb',
+ 'response_type': 'code',
+ 'client_id': 'abcdef',
+ 'scope': 'hello openid'
+ }
+ url = 'http://a.b/path?' + urlencode(params)
+ with self.assertRaises(InvalidRequestError):
+ self.endpoint.validate_authorization_request(url)
+
+ def test_oidc_params_preservation(self):
+ """
+ Test that the nonce parameter is passed through.
+ """
+ scopes, creds = self.endpoint.validate_authorization_request(self.url)
+
+ self.assertEqual(creds['prompt'], {'consent'})
+ self.assertEqual(creds['nonce'], 'abcd')
+ self.assertEqual(creds['display'], 'touch')
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/oauthlib-2.0.4/tests/oauth2/rfc6749/endpoints/test_prompt_handling.py new/oauthlib-2.0.6/tests/oauth2/rfc6749/endpoints/test_prompt_handling.py
--- old/oauthlib-2.0.4/tests/oauth2/rfc6749/endpoints/test_prompt_handling.py 2017-09-17 13:24:38.000000000 +0200
+++ new/oauthlib-2.0.6/tests/oauth2/rfc6749/endpoints/test_prompt_handling.py 1970-01-01 01:00:00.000000000 +0100
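Review bot: The new test module only instantiates `OpenIDConnectAuthCode` with `response_type=code`, so the validator changed to `return {}` in openid_connect.py, the one that rejects a missing nonce, is not exercised here. A case that sends a request without `nonce` through that flow, and one that checks the nonce is still preserved there, would cover the behaviour this release changes. `test_oidc_params_preservation` also asserts `prompt` and `display`, so its docstring should read `Test that the prompt, nonce and display parameters are passed through.` The module does a bare `import mock` while the requires.txt hunk in this same diff drops `mock` from the `[test]` extra; a fallback shaped like the `urlencode` try/except, trying `unittest.mock` first, would keep the tests importable where the backport is not installed.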
@@ -1,73 +0,0 @@
-from __future__ import absolute_import, unicode_literals
-
-import mock
-
-from oauthlib.oauth2 import InvalidRequestError
-from oauthlib.oauth2.rfc6749.endpoints.authorization import \
- AuthorizationEndpoint
-from oauthlib.oauth2.rfc6749.grant_types import OpenIDConnectAuthCode
-from oauthlib.oauth2.rfc6749.tokens import BearerToken
-
-from ....unittest import TestCase
-
-try:
- from urllib.parse import urlencode
-except ImportError:
- from urllib import urlencode
-
-
-
-
-class OpenIDConnectEndpointTest(TestCase):
-
- def setUp(self):
- self.mock_validator = mock.MagicMock()
- self.mock_validator.authenticate_client.side_effect = self.set_client
- grant = OpenIDConnectAuthCode(request_validator=self.mock_validator)
- bearer = BearerToken(self.mock_validator)
- self.endpoint = AuthorizationEndpoint(grant, bearer,
- response_types={'code': grant})
- params = {
- 'prompt': 'consent',
- 'state': 'abc',
- 'redirect_uri': 'https://a.b/cb',
- 'response_type': 'code',
- 'client_id': 'abcdef',
- 'scope': 'hello openid'
- }
- self.url = 'http://a.b/path?' + urlencode(params)
-
- def set_client(self, request):
- request.client = mock.MagicMock()
- request.client.client_id = 'mocked'
- return True
-
- @mock.patch('oauthlib.common.generate_token')
- def test_authorization_endpoint_handles_prompt(self, generate_token):
- generate_token.return_value = "MOCK_CODE"
- # In the GET view:
- scopes, creds = self.endpoint.validate_authorization_request(self.url)
- # In the POST view:
- creds['scopes'] = scopes
- h, b, s = self.endpoint.create_authorization_response(self.url,
- credentials=creds)
- expected = 'https://a.b/cb?state=abc&code=MOCK_CODE'
- self.assertURLEqual(h['Location'], expected)
- self.assertEqual(b, None)
- self.assertEqual(s, 302)
-
- def test_prompt_none_exclusiveness(self):
- """
- Test that prompt=none can't be used with another prompt value.
- """
- params = {
- 'prompt': 'none consent',
- 'state': 'abc',
- 'redirect_uri': 'https://a.b/cb',
- 'response_type': 'code',
- 'client_id': 'abcdef',
- 'scope': 'hello openid'
- }
- url = 'http://a.b/path?' + urlencode(params)
- with self.assertRaises(InvalidRequestError):
- self.endpoint.validate_authorization_request(url)
