efd5f481e9
This implements a few oauth2 fixes: - passes along the state object - enforces authorization code expiration (currently set to 1 minute, we could make this configurable) - enforces redirect_uri - properly checks for client_secret when granting a token - handles pulling client authentication for token grant from basic auth - implement token revocation |
||
---|---|---|
.. | ||
0001_initial.py | ||
0002_remove_token_code_token_revoked_alter_token_token_and_more.py | ||
__init__.py |