From 9c392a762e93db47700b7e1957a2cc6f4fbbc1f9 Mon Sep 17 00:00:00 2001 From: Reinout van Rees Date: Fri, 18 Oct 2013 16:51:55 +0200 Subject: [PATCH 1/2] Restructured text syntax fixes Most of the bullet lists where shown as blockquotes because they were indented one space. To keep the version numbers in the changelog stand out (now that there wasn't a blockquote beneath them anymore) I turned them into h3 items. --- README.rst | 98 ++++++++++++++++++++++++++++++------------------------ 1 file changed, 54 insertions(+), 44 deletions(-) diff --git a/README.rst b/README.rst index b90bc8397..da6ec3d3b 100644 --- a/README.rst +++ b/README.rst @@ -47,7 +47,7 @@ Requirements Installation ------------ -Install with pip +Install with pip:: pip install django-oauth-toolkit @@ -86,97 +86,107 @@ Roadmap Highest priority first - * Test server improvements - * OAuth2 client wrapper - * OAuth1 support +* Test server improvements +* OAuth2 client wrapper +* OAuth1 support Changelog --------- 0.5.0 [2013-09-17] +~~~~~~~~~~~~~~~~~~ - * oauthlib 0.6.0 support +* oauthlib 0.6.0 support **Backwards incompatible changes in 0.5.0** - * `backends.py` module has been renamed to `oauth2_backends.py` so you should change your imports whether - you're extending this module +* `backends.py` module has been renamed to `oauth2_backends.py` so you should change your imports whether + you're extending this module **Bugfixes** - * Issue #54: Auth backend proposal to address #50 - * Issue #61: Fix contributing page - * Issue #55: Add support for authenticating confidential client with request body params - * Issue #53: Quote characters in the url query that are safe for Django but not for oauthlib +* Issue #54: Auth backend proposal to address #50 +* Issue #61: Fix contributing page +* Issue #55: Add support for authenticating confidential client with request body params +* Issue #53: Quote characters in the url query that are safe for Django but not for oauthlib 0.4.1 [2013-09-06] +~~~~~~~~~~~~~~~~~~ - * Optimize queries on access token validation +* Optimize queries on access token validation 0.4.0 [2013-08-09] +~~~~~~~~~~~~~~~~~~ **New Features** - * Add Application management views, you no more need the admin to register, update and delete your application. - * Add support to configurable application model - * Add support for function based views +* Add Application management views, you no more need the admin to register, update and delete your application. +* Add support to configurable application model +* Add support for function based views **Backwards incompatible changes in 0.4.0** - * `SCOPE` attribute in settings is now a dictionary to store `{'scope_name': 'scope_description'}` - * Namespace 'oauth2_provider' is mandatory in urls. See issue #36 +* `SCOPE` attribute in settings is now a dictionary to store `{'scope_name': 'scope_description'}` +* Namespace 'oauth2_provider' is mandatory in urls. See issue #36 **Bugfixes** - * Issue #25: Bug in the Basic Auth parsing in Oauth2RequestValidator - * Issue #24: Avoid generation of client_id with ":" colon char when using HTTP Basic Auth - * Issue #21: IndexError when trying to authorize an application - * Issue #9: Default_redirect_uri is mandatory when grant_type is implicit, authorization_code or all-in-one - * Issue #22: Scopes need a verbose description - * Issue #33: Add django-oauth-toolkit version on example main page - * Issue #36: Add mandatory namespace to urls - * Issue #31: Add docstring to OAuthToolkitError and FatalClientError - * Issue #32: Add docstring to validate_uris - * Issue #34: Documentation tutorial part1 needs corsheaders explanation - * Issue #36: Add mandatory namespace to urls - * Issue #45: Add docs for AbstractApplication - * Issue #47: Add docs for views decorators +* Issue #25: Bug in the Basic Auth parsing in Oauth2RequestValidator +* Issue #24: Avoid generation of client_id with ":" colon char when using HTTP Basic Auth +* Issue #21: IndexError when trying to authorize an application +* Issue #9: Default_redirect_uri is mandatory when grant_type is implicit, authorization_code or all-in-one +* Issue #22: Scopes need a verbose description +* Issue #33: Add django-oauth-toolkit version on example main page +* Issue #36: Add mandatory namespace to urls +* Issue #31: Add docstring to OAuthToolkitError and FatalClientError +* Issue #32: Add docstring to validate_uris +* Issue #34: Documentation tutorial part1 needs corsheaders explanation +* Issue #36: Add mandatory namespace to urls +* Issue #45: Add docs for AbstractApplication +* Issue #47: Add docs for views decorators 0.3.2 [2013-07-10] +~~~~~~~~~~~~~~~~~~ - * Bugfix #37: Error in migrations with custom user on Django 1.5 +* Bugfix #37: Error in migrations with custom user on Django 1.5 0.3.1 [2013-07-10] +~~~~~~~~~~~~~~~~~~ - * Bugfix #27: OAuthlib refresh token refactoring +* Bugfix #27: OAuthlib refresh token refactoring 0.3.0 [2013-06-14] +~~~~~~~~~~~~~~~~~~ - * `Django REST Framework `_ integration layer - * Bugfix #13: Populate request with client and user in validate_bearer_token - * Bugfix #12: Fix paths in documentation +* `Django REST Framework `_ integration layer +* Bugfix #13: Populate request with client and user in validate_bearer_token +* Bugfix #12: Fix paths in documentation **Backwards incompatible changes in 0.3.0** - * `requested_scopes` parameter in ScopedResourceMixin changed to `required_scopes` +* `requested_scopes` parameter in ScopedResourceMixin changed to `required_scopes` 0.2.1 [2013-06-06] +~~~~~~~~~~~~~~~~~~ - * Core optimizations +* Core optimizations 0.2.0 [2013-06-05] +~~~~~~~~~~~~~~~~~~ - * Add support for Django1.4 and Django1.6 - * Add support for Python 3.3 - * Add a default ReadWriteScoped view - * Add tutorial to docs +* Add support for Django1.4 and Django1.6 +* Add support for Python 3.3 +* Add a default ReadWriteScoped view +* Add tutorial to docs 0.1.0 [2013-05-31] +~~~~~~~~~~~~~~~~~~ - * Support OAuth2 Authorization Flows +* Support OAuth2 Authorization Flows 0.0.0 [2013-05-17] +~~~~~~~~~~~~~~~~~~ - * Discussion with Daniel Greenfeld at Django Circus - * Ignition +* Discussion with Daniel Greenfeld at Django Circus +* Ignition From d102b4dfe90ed2d1ffcae044854b477ff8cab9c3 Mon Sep 17 00:00:00 2001 From: Marc Michel Date: Thu, 24 Oct 2013 16:03:31 +0200 Subject: [PATCH 2/2] oauth2 validator class from oauth2_settings, refs issue #19 --- oauth2_provider/oauth2_backends.py | 7 +++---- oauth2_provider/settings.py | 3 +++ 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/oauth2_provider/oauth2_backends.py b/oauth2_provider/oauth2_backends.py index 6e9ba6ce2..525920c96 100644 --- a/oauth2_provider/oauth2_backends.py +++ b/oauth2_provider/oauth2_backends.py @@ -3,8 +3,8 @@ from oauthlib import oauth2 from oauthlib.common import urlencode, urlencoded, quote +from .settings import oauth2_settings from .exceptions import OAuthToolkitError, FatalClientError -from .oauth2_validators import OAuth2Validator from .compat import urlparse, urlunparse @@ -16,7 +16,7 @@ def __init__(self, server=None): """ :params server: An instance of oauthlib.oauth2.Server class """ - self.server = server or oauth2.Server(OAuth2Validator()) + self.server = server or oauth2.Server(oauth2_settings.OAUTH2_VALIDATOR_CLASS()) def _get_escaped_full_path(self, request): """ @@ -126,8 +126,7 @@ def get_oauthlib_core(): Utility function that take a request and returns an instance of `oauth2_provider.backends.OAuthLibCore` """ - from oauth2_provider.oauth2_validators import OAuth2Validator from oauthlib.oauth2 import Server - server = Server(OAuth2Validator()) + server = Server(oauth2_settings.OAUTH2_VALIDATOR_CLASS()) return OAuthLibCore(server) diff --git a/oauth2_provider/settings.py b/oauth2_provider/settings.py index 2accb68e8..eb8c8701a 100644 --- a/oauth2_provider/settings.py +++ b/oauth2_provider/settings.py @@ -28,6 +28,7 @@ DEFAULTS = { 'CLIENT_ID_GENERATOR_CLASS': 'oauth2_provider.generators.ClientIdGenerator', 'CLIENT_SECRET_GENERATOR_CLASS': 'oauth2_provider.generators.ClientSecretGenerator', + 'OAUTH2_VALIDATOR_CLASS': 'oauth2_provider.oauth2_validators.OAuth2Validator', 'SCOPES': {"read": "Reading scope", "write": "Writing scope"}, 'READ_SCOPE': 'read', 'WRITE_SCOPE': 'write', @@ -43,6 +44,7 @@ MANDATORY = ( 'CLIENT_ID_GENERATOR_CLASS', 'CLIENT_SECRET_GENERATOR_CLASS', + 'OAUTH2_VALIDATOR_CLASS', 'SCOPES', ) @@ -50,6 +52,7 @@ IMPORT_STRINGS = ( 'CLIENT_ID_GENERATOR_CLASS', 'CLIENT_SECRET_GENERATOR_CLASS', + 'OAUTH2_VALIDATOR_CLASS', )