Version 0.15
This is the last release before v1.0. In this release, we added more RFCs
implementations and did some refactors for JOSE:
RFC8037: CFRG Elliptic Curve Diffie-Hellman (ECDH) and Signatures in JSON Object Signing and Encryption (JOSE)
RFC7638: JSON Web Key (JWK) Thumbprint
We also fixed bugs for integrations:
Fixed support for HTTPX>=0.14.3
Added OAuth clients of HTTPX back
Fixed parallel token refreshes for HTTPX async OAuth 2 client
Raise OAuthError when callback contains errors
Breaking Change:
The parameter algorithms in JsonWebSignature and JsonWebEncryption
are changed. Usually you don't have to care about it since you won't use it directly.
Whole JSON Web Key is refactored, please check JSON Web Key (JWK)
OAuth often seems complicated and difficult-to-implement. There are several
prominent libraries for handling OAuth requests, but they all suffer from one
or both of the following:
* They predate the OAuth 1.0 spec, AKA RFC 5849.
* They predate the OAuth 2.0 spec, AKA RFC 6749.
* They assume the usage of a specific HTTP request library.
OAuthLib is a generic utility which implements the logic of OAuth without
assuming a specific HTTP request object or web framework. Use it to graft OAuth
client support onto your favorite HTTP library, or provider support onto your
favourite web framework. If you're a maintainer of such a library, write a thin
veneer on top of OAuthLib and get OAuth support for very little effort.
