The most important change in this version is grant extension system. When registering a grant, developers can pass extensions to the grant:
authorization_server.register_grant(GrantClass, [extension])
Find Flask Grant Extensions implementation.
RFC implementations and updates in this release:
- RFC8414: OAuth 2.0 Authorization Server Metadata
- RFC7636: make CodeChallenge a grant extension
- OIDC: make OpenIDCode a grant extension
Besides that, there are other improvements:
- Export
save_authorize_statemethod on Flask and Django client - Add
fetch_tokento Django OAuth client - Add scope operator for
@require_oauthMultiple Scopes - Fix two OAuth clients in the same Flask route PR#85
Deprecate Changes: find how to solve the deprecate issues via https://git.io/fAmW1
Code Changes: v0.9...v0.10