Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-Authlib for openSUSE:Factory
checked in at 2021-11-23 22:10:41
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-Authlib (Old)
and /work/SRC/openSUSE:Factory/.python-Authlib.new.1895 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Authlib"
Tue Nov 23 22:10:41 2021 rev:4 rq:933278 version:0.15.5
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-Authlib/python-Authlib.changes
2021-08-16 10:17:42.190650332 +0200
+++ /work/SRC/openSUSE:Factory/.python-Authlib.new.1895/python-Authlib.changes
2021-11-23 22:13:01.054392319 +0100
@@ -1,0 +2,8 @@
+Tue Nov 16 13:42:27 UTC 2021 - Michael Str??der <mich...@stroeder.com>
+
+- Update to 0.15.5
+ * Make Authlib compatible with latest httpx
+ * Make Authlib compatible with latest werkzeug
+ * Allow customize RFC7523 alg value
+
+-------------------------------------------------------------------
Old:
----
Authlib-0.15.4.tar.gz
New:
----
Authlib-0.15.5.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-Authlib.spec ++++++
--- /var/tmp/diff_new_pack.GWXcbe/_old 2021-11-23 22:13:01.510390811 +0100
+++ /var/tmp/diff_new_pack.GWXcbe/_new 2021-11-23 22:13:01.510390811 +0100
@@ -18,7 +18,7 @@
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
Name: python-Authlib
-Version: 0.15.4
+Version: 0.15.5
Release: 0
Summary: Python library for building OAuth and OpenID Connect servers
License: BSD-3-Clause
++++++ Authlib-0.15.4.tar.gz -> Authlib-0.15.5.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Authlib-0.15.4/Authlib.egg-info/PKG-INFO
new/Authlib-0.15.5/Authlib.egg-info/PKG-INFO
--- old/Authlib-0.15.4/Authlib.egg-info/PKG-INFO 2021-06-05
09:08:57.000000000 +0200
+++ new/Authlib-0.15.5/Authlib.egg-info/PKG-INFO 2021-10-18
14:12:46.000000000 +0200
@@ -1,6 +1,6 @@
Metadata-Version: 2.1
Name: Authlib
-Version: 0.15.4
+Version: 0.15.5
Summary: The ultimate Python library in building OAuth and OpenID Connect
servers.
Home-page: https://authlib.org/
Author: Hsiaoming Yang
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Authlib-0.15.4/PKG-INFO new/Authlib-0.15.5/PKG-INFO
--- old/Authlib-0.15.4/PKG-INFO 2021-06-05 09:08:57.000000000 +0200
+++ new/Authlib-0.15.5/PKG-INFO 2021-10-18 14:12:58.779457000 +0200
@@ -1,6 +1,6 @@
Metadata-Version: 2.1
Name: Authlib
-Version: 0.15.4
+Version: 0.15.5
Summary: The ultimate Python library in building OAuth and OpenID Connect
servers.
Home-page: https://authlib.org/
Author: Hsiaoming Yang
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Authlib-0.15.4/authlib/consts.py
new/Authlib-0.15.5/authlib/consts.py
--- old/Authlib-0.15.4/authlib/consts.py 2021-06-05 09:08:48.000000000
+0200
+++ new/Authlib-0.15.5/authlib/consts.py 2021-10-18 14:08:27.000000000
+0200
@@ -1,5 +1,5 @@
name = 'Authlib'
-version = '0.15.4'
+version = '0.15.5'
author = 'Hsiaoming Yang <m...@lepture.com>'
homepage = 'https://authlib.org/'
default_user_agent = '{}/{} (+{})'.format(name, version, homepage)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/Authlib-0.15.4/authlib/integrations/base_client/async_app.py
new/Authlib-0.15.5/authlib/integrations/base_client/async_app.py
--- old/Authlib-0.15.4/authlib/integrations/base_client/async_app.py
2021-06-05 09:08:40.000000000 +0200
+++ new/Authlib-0.15.5/authlib/integrations/base_client/async_app.py
2021-10-18 13:31:42.000000000 +0200
@@ -85,7 +85,8 @@
async with self._get_oauth_client(**metadata) as client:
if self.request_token_url:
- client.redirect_uri = redirect_uri
+ if redirect_uri is not None:
+ client.redirect_uri = redirect_uri
if request_token is None:
raise MissingRequestTokenError()
# merge request token with verifier
@@ -97,7 +98,8 @@
token = await client.fetch_access_token(token_endpoint,
**kwargs)
client.redirect_uri = None
else:
- client.redirect_uri = redirect_uri
+ if redirect_uri is not None:
+ client.redirect_uri = redirect_uri
kwargs = {}
if self.access_token_params:
kwargs.update(self.access_token_params)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/Authlib-0.15.4/authlib/integrations/base_client/base_app.py
new/Authlib-0.15.5/authlib/integrations/base_client/base_app.py
--- old/Authlib-0.15.4/authlib/integrations/base_client/base_app.py
2021-06-05 09:08:40.000000000 +0200
+++ new/Authlib-0.15.5/authlib/integrations/base_client/base_app.py
2021-10-18 13:31:42.000000000 +0200
@@ -124,8 +124,6 @@
state = self.framework.get_session_data(request, 'state')
if state != request_state:
raise MismatchingStateError()
- if state:
- params['state'] = state
code_verifier = self.framework.get_session_data(request,
'code_verifier')
if code_verifier:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/Authlib-0.15.4/authlib/integrations/base_client/remote_app.py
new/Authlib-0.15.5/authlib/integrations/base_client/remote_app.py
--- old/Authlib-0.15.4/authlib/integrations/base_client/remote_app.py
2021-06-05 09:08:40.000000000 +0200
+++ new/Authlib-0.15.5/authlib/integrations/base_client/remote_app.py
2021-10-18 13:31:42.000000000 +0200
@@ -90,7 +90,8 @@
with self._get_oauth_client(**metadata) as client:
if self.request_token_url:
- client.redirect_uri = redirect_uri
+ if redirect_uri is not None:
+ client.redirect_uri = redirect_uri
if request_token is None:
raise MissingRequestTokenError()
# merge request token with verifier
@@ -102,7 +103,8 @@
token = client.fetch_access_token(token_endpoint, **kwargs)
client.redirect_uri = None
else:
- client.redirect_uri = redirect_uri
+ if redirect_uri is not None:
+ client.redirect_uri = redirect_uri
kwargs = {}
if self.access_token_params:
kwargs.update(self.access_token_params)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/Authlib-0.15.4/authlib/integrations/flask_oauth2/errors.py
new/Authlib-0.15.5/authlib/integrations/flask_oauth2/errors.py
--- old/Authlib-0.15.4/authlib/integrations/flask_oauth2/errors.py
2021-06-05 09:08:40.000000000 +0200
+++ new/Authlib-0.15.5/authlib/integrations/flask_oauth2/errors.py
2021-10-18 13:17:19.000000000 +0200
@@ -1,19 +1,36 @@
+import werkzeug
from werkzeug.exceptions import HTTPException
+_version = werkzeug.__version__.split('.')[0]
-class _HTTPException(HTTPException):
- def __init__(self, code, body, headers, response=None):
- super(_HTTPException, self).__init__(None, response)
- self.code = code
+if _version in ('0', '1'):
+ class _HTTPException(HTTPException):
+ def __init__(self, code, body, headers, response=None):
+ super(_HTTPException, self).__init__(None, response)
+ self.code = code
+
+ self.body = body
+ self.headers = headers
+
+ def get_body(self, environ=None):
+ return self.body
+
+ def get_headers(self, environ=None):
+ return self.headers
+else:
+ class _HTTPException(HTTPException):
+ def __init__(self, code, body, headers, response=None):
+ super(_HTTPException, self).__init__(None, response)
+ self.code = code
- self.body = body
- self.headers = headers
+ self.body = body
+ self.headers = headers
- def get_body(self, environ=None):
- return self.body
+ def get_body(self, environ=None, scope=None):
+ return self.body
- def get_headers(self, environ=None):
- return self.headers
+ def get_headers(self, environ=None, scope=None):
+ return self.headers
def raise_http_exception(status, body, headers):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/Authlib-0.15.4/authlib/integrations/httpx_client/assertion_client.py
new/Authlib-0.15.5/authlib/integrations/httpx_client/assertion_client.py
--- old/Authlib-0.15.4/authlib/integrations/httpx_client/assertion_client.py
2021-06-05 09:08:40.000000000 +0200
+++ new/Authlib-0.15.5/authlib/integrations/httpx_client/assertion_client.py
2021-10-18 13:34:35.000000000 +0200
@@ -1,4 +1,4 @@
-from httpx import AsyncClient, Client
+from httpx import AsyncClient, Client, USE_CLIENT_DEFAULT
try:
from httpx._config import UNSET
except ImportError:
@@ -9,7 +9,7 @@
from .utils import extract_client_kwargs
from .oauth2_client import OAuth2Auth
-__all__ = ['AsyncAssertionClient']
+__all__ = ['AsyncAssertionClient', 'AssertionClient']
class AsyncAssertionClient(_AssertionClient, AsyncClient):
@@ -35,7 +35,7 @@
async def request(self, method, url, withhold_token=False, auth=None,
**kwargs):
"""Send request with auto refresh token feature."""
- if not withhold_token and auth is UNSET:
+ if not withhold_token and auth is USE_CLIENT_DEFAULT:
if not self.token or self.token.is_expired():
await self.refresh_token()
@@ -80,7 +80,7 @@
def request(self, method, url, withhold_token=False, auth=None, **kwargs):
"""Send request with auto refresh token feature."""
- if not withhold_token and auth is UNSET:
+ if not withhold_token and auth is USE_CLIENT_DEFAULT:
if not self.token or self.token.is_expired():
self.refresh_token()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/Authlib-0.15.4/authlib/integrations/httpx_client/oauth2_client.py
new/Authlib-0.15.5/authlib/integrations/httpx_client/oauth2_client.py
--- old/Authlib-0.15.4/authlib/integrations/httpx_client/oauth2_client.py
2021-06-05 09:08:40.000000000 +0200
+++ new/Authlib-0.15.5/authlib/integrations/httpx_client/oauth2_client.py
2021-10-18 13:40:06.000000000 +0200
@@ -1,10 +1,6 @@
import asyncio
import typing
-from httpx import AsyncClient, Auth, Client, Request, Response
-try:
- from httpx._config import UNSET
-except ImportError:
- UNSET = None
+from httpx import AsyncClient, Auth, Client, Request, Response,
USE_CLIENT_DEFAULT
from authlib.common.urls import url_decode
from authlib.oauth2.client import OAuth2Client as _OAuth2Client
from authlib.oauth2.auth import ClientAuth, TokenAuth
@@ -30,6 +26,7 @@
try:
url, headers, body = self.prepare(
str(request.url), request.headers, request.content)
+ headers['Content-Length'] = str(len(body))
yield Request(method=request.method, url=url, headers=headers,
data=body)
except KeyError as error:
description = 'Unsupported token_type: {}'.format(str(error))
@@ -42,6 +39,7 @@
def auth_flow(self, request: Request) -> typing.Generator[Request,
Response, None]:
url, headers, body = self.prepare(
request.method, str(request.url), request.headers, request.content)
+ headers['Content-Length'] = str(len(body))
yield Request(method=request.method, url=url, headers=headers,
data=body)
@@ -81,8 +79,8 @@
def handle_error(error_type, error_description):
raise OAuthError(error_type, error_description)
- async def request(self, method, url, withhold_token=False, auth=UNSET,
**kwargs):
- if not withhold_token and auth is UNSET:
+ async def request(self, method, url, withhold_token=False,
auth=USE_CLIENT_DEFAULT, **kwargs):
+ if not withhold_token and auth is USE_CLIENT_DEFAULT:
if not self.token:
raise MissingTokenError()
@@ -114,7 +112,7 @@
return
await self._token_refresh_event.wait() # wait until the token is ready
- async def _fetch_token(self, url, body='', headers=None, auth=UNSET,
+ async def _fetch_token(self, url, body='', headers=None,
auth=USE_CLIENT_DEFAULT,
method='POST', **kwargs):
if method.upper() == 'POST':
resp = await self.post(
@@ -133,7 +131,7 @@
return self.parse_response_token(resp.json())
async def _refresh_token(self, url, refresh_token=None, body='',
- headers=None, auth=UNSET, **kwargs):
+ headers=None, auth=USE_CLIENT_DEFAULT, **kwargs):
resp = await self.post(
url, data=dict(url_decode(body)), headers=headers,
auth=auth, **kwargs)
@@ -150,7 +148,7 @@
return self.token
- def _http_post(self, url, body=None, auth=UNSET, headers=None, **kwargs):
+ def _http_post(self, url, body=None, auth=USE_CLIENT_DEFAULT,
headers=None, **kwargs):
return self.post(
url, data=dict(url_decode(body)),
headers=headers, auth=auth, **kwargs)
@@ -187,8 +185,8 @@
def handle_error(error_type, error_description):
raise OAuthError(error_type, error_description)
- def request(self, method, url, withhold_token=False, auth=UNSET, **kwargs):
- if not withhold_token and auth is UNSET:
+ def request(self, method, url, withhold_token=False,
auth=USE_CLIENT_DEFAULT, **kwargs):
+ if not withhold_token and auth is USE_CLIENT_DEFAULT:
if not self.token:
raise MissingTokenError()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Authlib-0.15.4/authlib/oauth2/rfc6750/errors.py
new/Authlib-0.15.5/authlib/oauth2/rfc6750/errors.py
--- old/Authlib-0.15.4/authlib/oauth2/rfc6750/errors.py 2021-06-05
09:08:40.000000000 +0200
+++ new/Authlib-0.15.5/authlib/oauth2/rfc6750/errors.py 2021-10-18
14:00:33.000000000 +0200
@@ -78,8 +78,14 @@
error = 'insufficient_scope'
status_code = 403
+ def __init__(self, token_scope, required_scope):
+ super(InsufficientScopeError, self).__init__()
+ self.token_scope = token_scope
+ self.required_scope = required_scope
+
def get_error_description(self):
return self.gettext(
'The request requires higher privileges than '
- 'provided by the access token.'
- )
+ 'provided by the access token. '
+ 'Required: "%(required)s", Provided:"%(provided)s"'
+ ) % dict(required=self.required_scope, provided=self.token_scope)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Authlib-0.15.4/authlib/oauth2/rfc6750/validator.py
new/Authlib-0.15.5/authlib/oauth2/rfc6750/validator.py
--- old/Authlib-0.15.4/authlib/oauth2/rfc6750/validator.py 2021-06-05
09:08:40.000000000 +0200
+++ new/Authlib-0.15.5/authlib/oauth2/rfc6750/validator.py 2021-10-18
14:00:33.000000000 +0200
@@ -95,5 +95,5 @@
if self.token_revoked(token):
raise InvalidTokenError(realm=self.realm)
if self.scope_insufficient(token, scope, scope_operator):
- raise InsufficientScopeError()
+ raise InsufficientScopeError(token.get_scope(), scope)
return token
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Authlib-0.15.4/authlib/oauth2/rfc7523/assertion.py
new/Authlib-0.15.5/authlib/oauth2/rfc7523/assertion.py
--- old/Authlib-0.15.4/authlib/oauth2/rfc7523/assertion.py 2019-10-09
13:37:21.000000000 +0200
+++ new/Authlib-0.15.5/authlib/oauth2/rfc7523/assertion.py 2021-10-18
14:03:16.000000000 +0200
@@ -10,7 +10,7 @@
if header is None:
header = {}
alg = kwargs.pop('alg', None)
- if alg:
+ if alg is not None:
header['alg'] = alg
if 'alg' not in header:
raise ValueError('Missing "alg" in header')
@@ -38,13 +38,15 @@
def client_secret_jwt_sign(client_secret, client_id, token_endpoint,
alg='HS256',
- claims=None, **kwargs):
- return _sign(client_secret, client_id, token_endpoint, alg, claims,
**kwargs)
+ claims=None, header=None, **kwargs):
+ return _sign(client_secret, client_id, token_endpoint,
+ alg, claims=claims, header=header, **kwargs)
def private_key_jwt_sign(private_key, client_id, token_endpoint, alg='RS256',
- claims=None, **kwargs):
- return _sign(private_key, client_id, token_endpoint, alg, claims, **kwargs)
+ claims=None, header=None, **kwargs):
+ return _sign(private_key, client_id, token_endpoint,
+ alg, claims=claims, header=header, **kwargs)
def _sign(key, client_id, token_endpoint, alg, claims=None, **kwargs):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Authlib-0.15.4/authlib/oauth2/rfc7523/auth.py
new/Authlib-0.15.5/authlib/oauth2/rfc7523/auth.py
--- old/Authlib-0.15.4/authlib/oauth2/rfc7523/auth.py 2021-06-05
09:08:40.000000000 +0200
+++ new/Authlib-0.15.5/authlib/oauth2/rfc7523/auth.py 2021-10-18
14:03:48.000000000 +0200
@@ -25,10 +25,12 @@
:param claims: Extra JWT claims
"""
name = 'client_secret_jwt'
+ alg = 'HS256'
- def __init__(self, token_endpoint=None, claims=None):
+ def __init__(self, token_endpoint=None, claims=None, header=None):
self.token_endpoint = token_endpoint
self.claims = claims
+ self.header = header
def sign(self, auth, token_endpoint):
return client_secret_jwt_sign(
@@ -36,6 +38,8 @@
client_id=auth.client_id,
token_endpoint=token_endpoint,
claims=self.claims,
+ header=self.header,
+ alg=self.alg,
)
def __call__(self, auth, method, uri, headers, body):
@@ -72,6 +76,7 @@
:param claims: Extra JWT claims
"""
name = 'private_key_jwt'
+ alg = 'RS256'
def sign(self, auth, token_endpoint):
return private_key_jwt_sign(
@@ -79,6 +84,8 @@
client_id=auth.client_id,
token_endpoint=token_endpoint,
claims=self.claims,
+ header=self.header,
+ alg=self.alg,
)
