ndg-oauth-server 0.6.0

0.6.0

• Clean up of password-based authentication of client by authorization server
• Removal of redundant MyProxy hooks

0.5.1

Willem van Engen的集成增强功能包括：

• password-based client authentication, which is a commonly used client authentication method
• resource authentication for the check_token endpoint, to avoid brute-force attacks on token check; also provides a starting point for audience-restricted tokens and resource-restricted attribute release
• return user attribute from check_token endpoint, so that the resource knows what the user is; attribute name user_name according to CloudFoundry

资源和客户端身份验证使用相同的类，现在被实例化 用一个字符串表示它们的用途（给出有意义的日志消息）。这个 已删除客户端验证器接口，因为所有验证器都可以派生 直接来自authenticator_接口，因为它们都用于客户端和 资源；它们也被重命名以明确说明这一点（删除客户机）。

在client_register.ini和resource_register.ini（后者是新的）字段中 秘密是可选的。

客户端代码不变。

0.4.0

• Revised examples in ndg.oauth.client.examples. bearer_tok uses bearer token to secure access to a simple html page on a resource server, slcs is an example protecting a short-lived credential service aka. Online Certificate Authority. This requires the ContrailOnlineCAService package and should be used in conjunction with the equivalent example in the ndg_oauth_client example.
• Added discrete WSGI resource server middleware ndg.oauth.server.wsgi.resource_server.Oauth2ResourceServerMiddleware
• Includes support for bearer access token passed in Authorization header to resource server.