Merge branch 'master' into master

Author: JonathanHuot

.github/workflows/publish-release.yml

@@ -0,0 +1,24 @@
+name: Publish Tags on PyPi when GitHub creates a release
+on:
+  push:
+    tags:
+      - 'v**'
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Python 3.9
+      uses: actions/setup-python@v2
+      with:
+        python-version: 3.9
+    - name: Install upload dependencies
+      run: |
+        python -m pip install --upgrade pip setuptools wheel twine
+    - name: Build and publish
+      env:
+        TWINE_USERNAME: __token__
+        TWINE_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
+      run: |
+        python setup.py sdist bdist_wheel
+        twine upload dist/*

AUTHORS.rst

@@ -22,5 +22,6 @@ Patches and Suggestions
 - Vinay Raikar <rockraikar@gmail.com>
 - kracekumar <me@kracekumar.com>
 - David Baumgold <david@davidbaumgold.com>
+- Sylvain Marie <sylvain.marie@se.com>
 - Craig Anderson <craiga@craiga.id.au>
 - Hugo van Kemenade <https://github.com/hugovk>

HISTORY.rst

@@ -1,12 +1,28 @@
 History
 -------
 
-UNRELEASED
-++++++++++
+v1.4.0 (TBD)
+++++++++++++++++++++++++
+- ``OAuth2Session`` now correctly uses the ``self.verify`` value if ``verify``
+  is not overridden in ``fetch_token`` and ``refresh_token``. Fixes `#404
+  <https://github.com/requests/requests-oauthlib/issues/404>`_.
+- ``OAuth2Session`` constructor now uses its ``client.scope`` when a ``client``
+  is provided and ``scope`` is not overridden. Fixes `#408
+  <https://github.com/requests/requests-oauthlib/issues/408>`_
+- Add support for Python 3.8-3.10
+
+
+v1.3.1 (21 January 2022)
+++++++++++++++++++++++++
 
 - Add initial support for OAuth Mutual TLS (draft-ietf-oauth-mtls)
 - Removed outdated LinkedIn Compliance Fixes
-- Add support for Python 3.8-3.10
+- Add eBay compliance fix
+- Add Spotify OAuth 2 Tutorial
+- Add support for python 3.8, 3.9
+- Fixed LinkedIn Compliance Fixes
+- Fixed ReadTheDocs Documentation and sphinx errors
+- Moved pipeline to GitHub Actions
 
 v1.3.0 (6 November 2019)
 ++++++++++++++++++++++++

docs/conf.py

@@ -41,8 +41,8 @@
 master_doc = "index"
 
 # General information about the project.
-project = u"Requests-OAuthlib"
-copyright = u"2014, Kenneth Reitz"
+project = "Requests-OAuthlib"
+copyright = "2014, Kenneth Reitz"
 
 # The version info for the project you're documenting, acts as replacement for
 # |version| and |release|, also used in various other places throughout the
@@ -188,8 +188,8 @@
     (
         "index",
         "Requests-OAuthlib.tex",
-        u"Requests-OAuthlib Documentation",
-        u"Requests-OAuthlib Contributors",
+        "Requests-OAuthlib Documentation",
+        "Requests-OAuthlib Contributors",
         "manual",
     )
 ]
@@ -223,8 +223,8 @@
     (
         "index",
         "requests-oauthlib",
-        u"Requests-OAuthlib Documentation",
-        [u"Requests-OAuthlib Contributors"],
+        "Requests-OAuthlib Documentation",
+        ["Requests-OAuthlib Contributors"],
         1,
     )
 ]
@@ -242,8 +242,8 @@
     (
         "index",
         "Requests-OAuthlib",
-        u"Requests-OAuthlib Documentation",
-        u"Requests-OAuthlib Contributors",
+        "Requests-OAuthlib Documentation",
+        "Requests-OAuthlib Contributors",
         "Requests-OAuthlib",
         "One line description of project.",
         "Miscellaneous",

docs/contributing.rst

@@ -48,7 +48,27 @@ In order to run successfully, you will need all versions of Python installed. We
    $ pyenv install pypy2.7-7.1.1
    $ pyenv install pypy3.6-7.1.1
 
+
+Publishing a release (for maintainer role)
+==========================================
+
+Maintainer tasks should always be kept to minimum. Once a release is ready, the suggested approach can be followed:
+
+#. Create new branch release-X.Y.Z
+#. Update the HISTORY.rst file
+#. Update the `request_oauthlib/__init__.py`
+#. Raise a pull request to give a chance for all contributors to comment before publishing
+#. Create a TAG vX.Y.Z. By doing this, the pipeline will automatically trigger `twine` and will publish the release to PyPi.
+
+Once verified, complete by doing the following:
+
+#. Create a GitHub release vX.Y.Z in the Releases tab.
+#. Activate the vX.Y.Z version in the documentation (`ReadTheDocs`_)
+#. Merge the PR into master branch.
+
+That's all.
+
 .. _`tox`: https://tox.readthedocs.io/en/latest/install.html
 .. _`virtualenv`: https://virtualenv.pypa.io/en/latest/installation/
 .. _`pyenv`: https://github.com/pyenv/pyenv
-
+.. _`ReadTheDocs`: https://readthedocs.org/projects/requests-oauthlib/versions/

docs/examples/outlook.rst

@@ -5,7 +5,6 @@ Create a new web application client in the `Microsoft Application Registration P
 When you have obtained a ``client_id``, ``client_secret`` and registered
 a callback URL then you can try out the command line interactive example below.
 
-.. _`Outlook App console`: https://apps.dev.microsoft.com
 .. _`Microsoft Application Registration Portal`: https://portal.azure.com/#blade/Microsoft_AAD_RegisteredApps/ApplicationsListBlade
 
 .. code-block:: pycon

requests_oauthlib/__init__.py

@@ -5,7 +5,7 @@
 from .oauth2_auth import OAuth2
 from .oauth2_session import OAuth2Session, TokenUpdated
 
-__version__ = "1.3.0"
+__version__ = "1.3.1"
 
 import requests
 

requests_oauthlib/oauth1_session.py

@@ -258,7 +258,7 @@ def authorization_url(self, url, request_token=None, **kwargs):
         return add_params_to_uri(url, kwargs.items())
 
     def fetch_request_token(self, url, realm=None, **request_kwargs):
-        r"""Fetch a request token.
+        """Fetch a request token.
 
         This is the first step in the OAuth 1 workflow. A request token is
         obtained by making a signed post request to url. The token is then
@@ -267,7 +267,7 @@ def fetch_request_token(self, url, realm=None, **request_kwargs):
 
         :param url: The request token endpoint URL.
         :param realm: A list of realms to request access to.
-        :param \*\*request_kwargs: Optional arguments passed to ''post''
+        :param request_kwargs: Optional arguments passed to ''post''
             function in ''requests.Session''
         :returns: The response in dict format.
 

requests_oauthlib/oauth2_session.py

@@ -77,7 +77,7 @@ def __init__(
         super(OAuth2Session, self).__init__(**kwargs)
         self._client = client or WebApplicationClient(client_id, token=token)
         self.token = token or {}
-        self.scope = scope
+        self._scope = scope
         self.redirect_uri = redirect_uri
         self.state = state or generate_token
         self._state = state
@@ -97,6 +97,20 @@ def __init__(
             "protected_request": set(),
         }
 
+    @property
+    def scope(self):
+        """By default the scope from the client is used, except if overridden"""
+        if self._scope is not None:
+            return self._scope
+        elif self._client is not None:
+            return self._client.scope
+        else:
+            return None
+
+    @scope.setter
+    def scope(self, scope):
+        self._scope = scope
+
     def new_state(self):
         """Generates a state string to be used in authorizations."""
         try:
@@ -185,7 +199,7 @@ def fetch_token(
         force_querystring=False,
         timeout=None,
         headers=None,
-        verify=True,
+        verify=None,
         proxies=None,
         include_client_id=None,
         client_secret=None,
@@ -325,7 +339,7 @@ def fetch_token(
 
         headers = headers or {
             "Accept": "application/json",
-            "Content-Type": "application/x-www-form-urlencoded;charset=UTF-8",
+            "Content-Type": "application/x-www-form-urlencoded",
         }
         self.token = {}
         request_kwargs = {}
@@ -388,7 +402,7 @@ def refresh_token(
         auth=None,
         timeout=None,
         headers=None,
-        verify=True,
+        verify=None,
         proxies=None,
         **kwargs
     ):
@@ -426,7 +440,7 @@ def refresh_token(
         if headers is None:
             headers = {
                 "Accept": "application/json",
-                "Content-Type": ("application/x-www-form-urlencoded;charset=UTF-8"),
+                "Content-Type": ("application/x-www-form-urlencoded"),
             }
 
         r = self.post(
@@ -464,6 +478,7 @@ def request(
         withhold_token=False,
         client_id=None,
         client_secret=None,
+        files=None,
         **kwargs
     ):
         """Intercept all requests and add the OAuth 2 token if present."""
@@ -519,7 +534,7 @@ def request(
         log.debug("Supplying headers %s and data %s", headers, data)
         log.debug("Passing through key word arguments %s.", kwargs)
         return super(OAuth2Session, self).request(
-            method, url, headers=headers, data=data, **kwargs
+            method, url, headers=headers, data=data, files=files, **kwargs
         )
 
     def register_compliance_hook(self, hook_type, hook):

setup.py

@@ -67,6 +67,6 @@ def readall(path):
         "Programming Language :: Python :: Implementation :: PyPy",
     ],
     zip_safe=False,
-    tests_require=["mock", "requests-mock"],
+    tests_require=['mock;python_version<"3.3"', "requests-mock"],
     test_suite="tests",
 )