In short
OAuth2.0 Provider:
- #803 : Metadata endpoint support of non-HTTPS
- CVE-2022-36087
OAuth1.0:
- #818 : Allow IPv6 being parsed by signature
General:
- Improved and fixed documentation warnings.
- Cosmetic changes based on isort
What's Changed
- add missing slots to TokenBase by @ariebovenberg in #804
- Add CORS support for Refresh Token Grant. by @luhn in #806
- GitHub Action to lint Python code by @cclauss in #797
- Docs: fix Sphinx warnings for better ReadTheDocs generation by @JonathanHuot in #807
- Allow non-HTTPS issuer when OAUTHLIB_INSECURE_TRANSPORT. by @luhn in #803
- chore: fix typo in test by @tamanobi in #816
- Fix typo in server.rst by @NemanjaT in #819
- Fixed isort imports by @dasm in #820
- docs: Fix a few typos by @timgates42 in #822
- docs: fix typos by @kianmeng in #823
New Contributors
- @ariebovenberg made their first contribution in #804
- @tamanobi made their first contribution in #816
- @NemanjaT made their first contribution in #819
- @kianmeng made their first contribution in #823
Full Changelog: v3.2.0...v3.2.1