Version 0.5

This version breaks a lot of things. There are many redesigns in order to get a better stable API. It is still in Alpha stage, with these breaking changes, I hope Authlib will go into Beta in the next version.

• Added register_error_uri() and its Flask integration.
• OAuth2Session supports more grant types.
• Deprecate built-in cache. Read more on issue#23.
• Redesigned OAuth 1 Flask server. Read the docs Flask OAuth 1 Server.
• Deprecate client_model. Read more on issue#27.
• Breaking change on AuthorizationCodeGrant.create_authorization_code, last parameter is changed to an
  OAuth2Request instance.
• Rename callback_uri to redirect_uri in client.

Version 0.4.1

This is a quick bug fix version.

• Fixed missing code params when fetching access token. This bug is introduced when fixing issue#16.

Version 0.4

This version is released when people are enjoying the super blue blood moon. That's why this version is called Tsukino. The full name would be Tsukino Usagi.

This is a feature releasing for OAuth 1 server. Things are not settled yet, there will still be breaking changes in the future. Some of the breaking changes are compatible with deprecated messages, a few are not. I’ll keep the deprecated message for 2 versions. Here is the main features:

• RFC5847, OAuth 1 client and server
• Flask implementation of OAuth 1 authorization server and resource protector.
• Mixin of SQLAlchemy models for easy integration with OAuth 1.

In version 0.4, there is also several bug fixes. Thanks for the early contributors.

• Allow Flask OAuth register fetch_token and update_token.
• Bug fix for OAuthClient when refresh_token_params is None via PR#14.
• Don’t pass everything in request args for Flask OAuth client via issue#16.
• Bug fix for IDToken.validate_exp via issue#17.

Version 0.3

This is a feature releasing for OAuth 2 server. Since this is the first release of the server implementation, you would expect that there are bugs, security vulnerabilities, and uncertainties. Try it bravely.

• RFC6749, all grant types, refresh token, authorization server.
• RFC6750, bearer token creation and validation.
• RFC7009, token revocation.
• Flask implementation of authorization server and resource protector.
• Mixin of SQLAlchemy models for easy integration.

Version 0.2.1

This is a bugfix version for Akemi. Sorry for the typo.

• Fixed a typo in fetch_access_token() which caused issue #5.
• Removed pyjwt dependency from rfc5849.

Version 0.2

This is a Beta version for Clients. You would expect that the clients works well enough for daily use.

• OAuthClient is refactored to be the base class for Flask and Django.
• Add Django integrations authlib.client.django.OAuth and authlib.client.django.RemoteApp.
• Refactor on authlib.client.flask.OAuth and authlib.client.flask.RemoteApp.
• Refactor on Ready to Use Apps, make it stable and ready to use.

Version 0.1

This is an Alpha version for previewing. You can expect there are many features missing, however the client part works well enough.