Release 1.3.0

From the CHANGELOG:

[1.3.0] 2020-03-02

Added

• Add support for Python 3.7 & 3.8
• Add support for Django>=2.1,<3.1
• Add requirement for oauthlib>=3.0.1
• Add support for Proof Key for Code Exchange (PKCE, RFC 7636).
• Add support for custom token generators (e.g. to create JWT tokens).
• Add new OAUTH2_PROVIDER settings:
  • ACCESS_TOKEN_GENERATOR to override the default access token generator.
  • REFRESH_TOKEN_GENERATOR to override the default refresh token generator.
  • EXTRA_SERVER_KWARGS options dictionary for oauthlib's Server class.
  • PKCE_REQUIRED to require PKCE.
• Add createapplication management command to create an application.
• Add id in toolkit admin console applications list.
• Add nonstandard Google support for [urn:ietf:wg:oauth:2.0:oob] redirect_uri
  for Google OAuth2 "manual copy/paste".
  N.B. this feature appears to be deprecated and replaced with methods described in
  RFC 8252: OAuth2 for Native Apps and may be deprecated and/or removed
  from a future release of Django-oauth-toolkit.

Changed

• Change this change log to use Keep a Changelog format.
• Backwards-incompatible squashed migrations:
  If you are currently on a release < 1.2.0, you will need to first install 1.2.0 then manage.py migrate before
  upgrading to >= 1.3.0.
• Improved the tutorial.

Removed

• Remove support for Python 3.4
• Remove support for Django<=2.0
• Remove requirement for oauthlib<3.0

Fixed

• Fix a race condition in creation of AccessToken with external oauth2 server.
• Fix several concurrency issues. (#638)
• Fix to pass request to django.contrib.auth.authenticate() (#636)
• Fix missing oauth2_error property exception oauthlib_core.verify_request method raises exceptions in authenticate.
  (#633)
• Fix "django.db.utils.NotSupportedError: FOR UPDATE cannot be applied to the nullable side of an outer join" for postgresql.
  (#714)
• Fix to return a new refresh token during grace period rather than the recently-revoked one.
  (#702)
• Fix a bug in refresh token revocation.
  (#625)

Release 1.0.0

Release 1.0.0

0.11.0

• #424: Added a ROTATE_REFRESH_TOKEN setting to control whether refresh tokens are reused or not
• #315: AuthorizationView does not overwrite requests on get
• #425: Added support for Django 1.10
• #396: added an IsAuthenticatedOrTokenHasScope Permission
• #357: Support multiple-user clients by allowing User to be NULL for Applications
• #389: Reuse refresh tokens if enabled.

0.10.0

• #322: dropping support for python 2.6 and django 1.4, 1.5, 1.6
• #310: Fixed error that could occur sometimes when checking validity of incomplete AccessToken/Grant
• #333: Added possibility to specify the default list of scopes returned when scope parameter is missing
• #325: Added management views of issued tokens
• #249: Added a command to clean expired tokens
• #323: Application registration view uses custom application model in form class
• #299: 'server_class' is now pluggable through Django settings
• #309: Add the py35-django19 env to travis
• #308: Use compact syntax for tox envs
• #306: Django 1.9 compatibility
• #288: Put additional information when generating token responses
• #297: Fixed doc about SessionAuthenticationMiddleware
• #273: Generic read write scope by resource

0.9.0

• oauthlib_backend_class is now pluggable through Django settings
• #127: application/json Content-Type is now supported using JSONOAuthLibCore
• #238: Fixed redirect uri handling in case of error
• #229: Invalidate access tokens when getting a new refresh token
• added support for oauthlib 1.0

0.8.0

bumped version to 0.8.0

0.7.2

Bumped version 0.7.2 and changelog updated

0.7.1

added ashchristopher to the authors file

0.7.0

added item to changelog

0.6.1

• added support for scope query parameter keeping backwards compatibility for the original scopes parameter.
• __str__ method in Application model returns content of name field when available