nothing yet
- Removed support for Python 2.6 and Python 3.3. This project now supports Python 2.7, and Python 3.4 and above.
- Added several examples to the documentation.
- Added plentymarkets compliance fix.
- Added a
tokenproperty to OAuth1Session, to match the correspondingtokenproperty on OAuth2Session.
- Added Fitbit compliance fix.
- Fixed an issue where newlines in the response body for the access token request would cause errors when trying to extract the token.
- Fixed an issue introduced in v0.7.0 where users passing
authto several methods would encounter conflicts with theclient_idandclient_secret-derived auth. The user-suppliedauthargument is now used in preference to those options.
- Allowed
OAuth2Session.requestto take theclient_idandclient_secretparameters for the purposes of automatic token refresh, which may need them.
- Use
client_idandclient_secretfor the Authorization header if provided. - Allow explicit bypass of the Authorization header by setting
auth=False. - Pass through the
proxieskwarg when refreshing tokens. - Miscellaneous cleanups.
- Fixed a bug when sending authorization in headers with no username and password present.
- Make sure we clear the session token before obtaining a new one.
- Some improvements to the Slack compliance fix.
- Avoid timing problems around token refresh.
- Allow passing arbitrary arguments to requests when calling
fetch_request_tokenandfetch_access_token.
- Add compliance fix for Slack.
- Add compliance fix for Mailchimp.
TokenRequestDeniedexceptions now carry the entire response, not just the status code.- Pass through keyword arguments when refreshing tokens automatically.
- Send authorization in headers, not just body, to maximize compatibility.
- More getters/setters available for OAuth2 session client values.
- Allow sending custom headers when refreshing tokens, and set some defaults.
- Fix
TypeErrorbeing raised instead ofTokenMissingerror. - Raise requests exceptions on 4XX and 5XX responses in the OAuth2 flow.
- Avoid
AttributeErrorwhen initializing theOAuth2Sessionclass without complete client information.
- New
authorizedproperty on OAuth1Session and OAuth2Session, which allows you to easily determine if the session is already authorized with OAuth tokens or not. - New
TokenMissingandVerifierMissingexception classes for OAuth1Session: this will make it easier to catch and identify these exceptions.
- New install target
[rsa]for people using OAuth1 RSA-SHA1 signature method. - Fixed bug in OAuth2 where supplied state param was not used in auth url.
- OAuth2 HTTPS checking can be disabled by setting environment variable
OAUTHLIB_INSECURE_TRANSPORT. - OAuth1 now re-authorize upon redirects.
- OAuth1 token fetching now raise a detailed error message when the response body is incorrectly encoded or the request was denied.
- Added support for custom OAuth1 clients.
- OAuth2 compliance fix for Sina Weibo.
- Multiple fixes to facebook compliance fix.
- Compliance fixes now re-encode body properly as bytes in Python 3.
- Logging now properly done under
requests_oauthlibnamespace instead of piggybacking on oauthlib namespace. - Logging introduced for OAuth1 auth and session.
- OAuth1Session methods only return unicode strings. #55.
- Renamed requests_oauthlib.core to requests_oauthlib.oauth1_auth for consistency. #79.
- Added Facebook compliance fix and access_token_response hook to OAuth2Session. #63.
- Added LinkedIn compliance fix.
- Added refresh_token_response compliance hook, invoked before parsing the refresh token.
- Correctly limit compliance hooks to running only once!
- Content type guessing should only be done when no content type is given
- OAuth1 now updates r.headers instead of replacing it with non case insensitive dict
- Remove last use of Response.content (in OAuth1Session). #44.
- State param can now be supplied in OAuth2Session.authorize_url