List of all changes
- does not longer depends on South (pull request #15 thanks to Илья Барышев)
- importlib is now imported from django.utils only for django<1.7. For later versions it will be imported directly as python builtin module (pull request #16 thanks to ggbaker)
- django-oauth-plus now passes tests on django1.8 so it should be compatible with this release.
- updated tests requirements
- added Django 1.7 support (pull request #11 thanks to Илья Барышев)
- South requirement changed to South>=1.0
- AUTHORS updated
- updated tox test matrix with new minor versions of django
- fixed issue
#44introduced in 2.1.3
- fixed nonce checking when no timestamp provided
- tz aware (UTC) now for timestamp checking.
- Nonce model has now time-indexed field.
- optional setting OAUTH_NONCE_VALID_PERIOD added.
- Resource model renamed to Scope. Resource still can be used (as proxy model) but now is deprecated and will be removed in future versions.
- Scopes/Resources are now fully optional. There is no need for creating 'all' resource.
- oauth_required decorator has now timestamp field
- added missing nonces tests
- This release includes some migrations and requires additional settings. Internal API has changed.
- fixed issue
#41- use 'X-Forwarded-Proto' header to verify signatures when request was forwarded (e.g. by loadbalancer) in different protocol.
- fixed security issue allowing client to access any scope without proper user authorization (details).
- fixed south migrations for custom user models in django>=1.5
- fixed south version requirement
- @oauth_required decorator sets now request.user to token.user if auth is successful
- more protocol tests added (thanks to Andrei Kopats)
- added XAuth test case
- get_oauth_request doesn't include parameters from request body if it is POST with content-type: application/x-www-form-urlencoded and request includes OAuth authorization header.
- tox tests
- oauth_required decorator can now be used with and without parameters like was described in docs (issue
- configured tox tests to test against different python (2.6, 2.7) and django (1.3, 1.4, 1.5) versions
- tests totally rewritten (now able to run them with simple tox command)
- merged Twitter xAuth support (thanks to Andy Mroczkowski pull request)
- support for django==1.5
- support for Class Based Views
- fixed issues when using custom user model in django>=1.5
- fixed vcs revision tree issue (multiple heads in default) - now pull requests should be easier to merge within bitbucket
- fixed authorization with 'oob' callback