token_expiry
for GCE credentials. (#473)scopes
for GCE credentials. (#524)oauth2client.contrib.sqlalchemy
, a SQLAlchemy-based credential store. (#527)oauth2client.contrib.multiprocess_storage
. This supersedes the functionality in oauth2client.contrib.multistore_file
. (#504)oauth2client.contrib.django_util
. Add DjangoORMStorage
, remove FlowField
. (#546)approval_prompt='force'
. (#572)oauth2client.contrib.multistore_file
. (#574)oauth2client.contrib.appengine
. (#533)NOTE: The next major release of oauth2client (v4.0.0) will remove the oauth2client.contrib.multistore_file
module.
token_uri
and revoke_uri
in oauth2client.service_account.ServiceAccountCredentials
. (#510)oauth2client.contrib.multistore_file
now handles OSError
in addition to IOError
because Windows may raise OSError
where other platforms will raise IOError
.oauth2client.contrib.django_util
and oauth2client.contrib.django_orm
have been updated to support Django 1.8 - 1.10. Versions of Django below 1.8 will not work with these modules.oauth2client.client.DeviceFlowInfo
to use UTC instead of the system timezone when calculating code expiration.flask_util.UserOAuth2.required
would accept expired credentials (#452).flask_util
would fill the session with Flow
objects (#498).Flow.step2_exchange
(#446).AppAssertionCredentials
and adding a warning that GCE won't honor scopes (#419)sign_blob()
to service account types and a service_account_email
property. (#421)ServiceAccountCredentials.from_p12_keyfile
when pyOpenSSL is missing. (#424)oauth2client.tools.run_flow()
rather than forcing users to create a dummy argparser (#426)oauth2client.util.dict_to_tuple_key()
from public interface (#429)oauth2client.contrib._appengine_ndb
helper module for oauth2client.contrib.appengine
and moving most code that uses the ndb
library into the helper (#434)django_util
sample code (#438)ServiceAccountCredentials.from_p12_keyfile_buffer()
to allow passing a file-like object in addition to the factory constructor that uses a filename directly (#413)ServiceAccountCredentials.create_delegated()
to allow upgrading a credential to one that acts on behalf of a given subject (#420)id_token
going out of sync after a token refresh (#337)contrib
sub-package code not considered a core part of the library (#346, #353, #370, #375, #376, #382)token_expiry
to devshell
credentials (#372)Storage
locking into a base class (#379)to_json
and from_json
methods to all Credentials
classes (#385)ServiceAccountCredentials
classes (#395, #396, #397, #398, #400)ServiceAccountCredentials
:For JSON keys, you can create a credential via
from oauth2client.service_account import ServiceAccountCredentials credentials = ServiceAccountCredentials.from_json_keyfile_name( key_file_name, scopes=[...])
You can still rely on
from oauth2client.client import GoogleCredentials credentials = GoogleCredentials.get_application_default()
returning these credentials when you set the GOOGLE_APPLICATION_CREDENTIALS
environment variable.
For .p12
keys, construct via
credentials = ServiceAccountCredentials.from_p12_keyfile( service_account_email, key_file_name, scopes=[...])
though we urge you to use JSON keys (rather than .p12
keys) if you can.
This is equivalent to the previous method
# PRE-oauth2client 2.0.0 EXAMPLE CODE! from oauth2client.client import SignedJwtAssertionCredentials with open(key_file_name, 'rb') as key_file: private_key = key_file.read() credentials = SignedJwtAssertionCredentials( service_account_email, private_key, scope=[...])
tools.run_flow()
(#301, bug was introduced when switching from 2 space indents to 4)bytes
/ str
handling in crypto methods. (#203, #250, #272)webapp
with webapp2
in oauth2client.appengine
(#217)state
parameter to step1_get_authorize_url
. (#219 and #222)flask_util
module that provides a Flask extension to aid with using OAuth2 web server flow. This provides the same functionality as the appengine.webapp2
OAuth2Decorator, but will work with any Flask application regardless of hosting environment. (#226, #273)old_run
module. Was deprecated July 2, 2013. (#285)@util.positional
from wrapped request in Credentials.authorize()
(#196, #197).>=
(#200, #204).Authorization
header (#206).OpenSSL
check to be less strict about finding crypto.py
in the OpenSSL
directory.tox
updates for new environment handling in tox
.body
during token refresh when body
is a stream.openSSL
import.well_known_file
.well_known_file
.NO_GCE_CHECK
for skipping GCE detection.InvalidClientSecretsError
.run_flow
.Big thanks to @dhermes for spotting and fixing a mess in our test setup.
Fix a serious issue with tests not being run. (#86, #87, #89)
Start credentials cleanup for single 2LO/3LO call. (#83, #84)
Clean up stack traces when re-raising in some places. (#79)
Clean up doc building. (#81, #82)
Fixed minimum version for six
dependency. (#75)
six
/py3 support.oauth2client.tools
.Merge python3 branch! Massive thanks due to @pferate and @methane for doing the heavy lifting.
Make oauth2client.tools
import gracefully if argparse
isn't present.
Change flow.step2_exchange
to preserve the raw id_token
in the token_response
field.
flow.step2_exchange
, which is common in some environments (such as GAE).Added support for the Google Application Default Credentials for more information (thanks @orestica).
Added support for OAuth2 for devices (#3, thanks @sde-melo).
The minimum required Python version is now 2.6.
The anyjson
submodule has been removed.
Better exception handling around missing crypto libraries (#56).
Improve error messages in AccessTokenRefreshError
(#53, thanks @erickoledadevrel).
Drop uritemplate
as a dependency.
Handle X509 certs with PyCrypto (#51, thanks @liujin-google).
Handle additional failure types on OSX (#32, thanks @simoncadman).
Better unicode handling with PKCS12 passwords (#31, thanks @jterrace).
Better retry handling with bad server replies on refresh (#29, thanks @kaste).
Better logging for missing refresh_token
in server replies (#21).
Support login_hint
(#18, thanks @jay0lee).
Better overwrite options in django_orm.Storage
. (#2, thanks @lraccomando).
The use of the gflags
library is now deprecated, and is no longer a dependency. If you are still using the oauth2client.tools.run()
function then include python-gflags
as a dependency of your application or switch to oauth2client.tools.run_flow
.
Samples have been updated to use the new apiclient.sample_tools
, and no longer use gflags
.
Added support for the experimental Object Change Notification, as found in the Cloud Storage API.
The oauth2client App Engine decorators are now threadsafe.
Use the following redirects feature of httplib2 where it returns the ultimate URL after a series of redirects to avoid multiple hops for every resumable media upload request.
Updated AdSense Management API samples to V1.3
Add option to automatically retry requests.
Ability to list registered keys in multistore_file
.
User-agent must contain (gzip)
.
The method
parameter for httplib2
is not positional. This would cause spurious warnings in the logging.
Making OAuth2Decorator more extensible. Fixes Issue 256.
Update AdExchange Buyer API examples to version v1.2.
Add PEM support to SignedJWTAssertionCredentials
(used to only support PKCS12 formatted keys). Note that if you use PEM formatted keys you can use PyCrypto 2.6 or later instead of OpenSSL.
Allow deserialized discovery docs to be passed to build_from_document()
.
Make ResumableUploadError
derive from HttpError
.
Many changes to move all the closures in apiclient.discovery
into real classes and objects.
Make from_json
behavior inheritable.
Expose the full token response in OAuth2Client
and OAuth2Decorator
.
Handle reasons that are None.
Added support for NDB based storing of oauth2client objects.
Update grant_type
for AssertionCredentials
.
Adding a .revoke()
to Credentials. Closes issue 98.
Modify oauth2client.multistore_file
to store and retrieve credentials using an arbitrary key.
Don't accept 403
challenges by default for auth challenges.
Set httplib2.RETRIES
to 1.
Consolidate handling of scopes.
Upgrade to httplib2 version 0.8.
Allow setting the response_type
in OAuth2WebServerFlow
.
Ensure that dataWrapper
feature is checked before using the data
value.
HMAC verification does not use a constant time algorithm.
keyring
-based Storage
.client_secrets
JSON file backed by a cache.additionalProperties
when printing schema'd objects.client_secrets.json
. Fixes issue 156.locked_file.py
understand win32file primitives for better awesomeness.MediaUpload
to include io.Base
and also fix some bugs.credentials_from_code
and credentials_from_clientsecrets_and_code
.StorageByKeyName
.None
handling in Django fields. Fixes issue 128.README
files..delete()
method.apiclient.anyjson
has moved to oauth2client.anyjson
.taskqueue().lease()
used to require a parameter named body. In this new release only methods that really need to send a body require a body parameter, and so you may get errors about an unknown body
parameter in your call. The solution is to remove the unneeded body={}
parameter.