diff --git a/.flake8 b/.flake8
new file mode 100644
index 00000000..792698c8
--- /dev/null
+++ b/.flake8
@@ -0,0 +1,5 @@
+[flake8]
+exclude =
+ tests/*
+max-line-length = 100
+max-complexity = 10
diff --git a/.github/workflows/pypi.yml b/.github/workflows/pypi.yml
new file mode 100644
index 00000000..5fc455c4
--- /dev/null
+++ b/.github/workflows/pypi.yml
@@ -0,0 +1,55 @@
+name: Release to PyPI
+
+permissions:
+ contents: write
+
+on:
+ push:
+ tags:
+ - "1.*"
+
+jobs:
+ build:
+ name: build dist files
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v3
+
+ - uses: actions/setup-python@v4
+ with:
+ python-version: 3.9
+
+ - name: install build
+ run: python -m pip install --upgrade build
+
+ - name: build dist
+ run: python -m build
+
+ - uses: actions/upload-artifact@v3
+ with:
+ name: artifacts
+ path: dist/*
+ if-no-files-found: error
+
+ publish:
+ environment:
+ name: pypi-release
+ url: https://pypi.org/project/Authlib/
+ permissions:
+ id-token: write
+ name: release to pypi
+ needs: build
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/download-artifact@v3
+ with:
+ name: artifacts
+ path: dist
+
+ - name: Push build artifacts to PyPI
+ uses: pypa/gh-action-pypi-publish@release/v1
+ with:
+ skip-existing: true
+ password: ${{ secrets.PYPI_API_TOKEN }}
diff --git a/docs/changelog.rst b/docs/changelog.rst
index a6765ac3..ba3ca923 100644
--- a/docs/changelog.rst
+++ b/docs/changelog.rst
@@ -6,6 +6,21 @@ Changelog
Here you can see the full list of changes between each Authlib release.
+Version 1.3.0
+-------------
+
+- Restore ``AuthorizationServer.create_authorization_response`` behavior, via :PR:`558`
+- Include ``leeway`` in ``validate_iat()`` for JWT, via :PR:`565`
+- Fix ``encode_client_secret_basic``, via :PR:`594`
+- Use single key in JWK if JWS does not specify ``kid``, via :PR:`596`
+- Fix error when RFC9068 JWS has no scope field, via :PR:`598`
+
+**New features**:
+
+- RFC9068 implementation, via :PR:`586`, by @azmeuk.
+
+**Breaking changes**:
+
- End support for python 3.7
Version 1.2.1
@@ -106,127 +121,21 @@ Added ``ES256K`` algorithm for JWS and JWT.
**Breaking Changes**: find how to solve the deprecate issues via https://git.io/JkY4f
-Version 0.15.5
---------------
-
-**Released on Oct 18, 2021.**
-
-- Make Authlib compatible with latest httpx
-- Make Authlib compatible with latest werkzeug
-- Allow customize RFC7523 ``alg`` value
-
-Version 0.15.4
---------------
-
-**Released on Jul 17, 2021.**
-
-- Security fix when JWT claims is None.
-
-
-Version 0.15.3
---------------
-
-**Released on Jan 15, 2021.**
-
-- Fixed `.authorize_access_token` for OAuth 1.0 services, via :issue:`308`.
-
-Version 0.15.2
---------------
-
-**Released on Oct 18, 2020.**
-
-- Fixed HTTPX authentication bug, via :issue:`283`.
-
-
-Version 0.15.1
---------------
-
-**Released on Oct 14, 2020.**
-
-- Backward compatible fix for using JWKs in JWT, via :issue:`280`.
-
-
-Version 0.15
-------------
-
-**Released on Oct 10, 2020.**
-
-This is the last release before v1.0. In this release, we added more RFCs
-implementations and did some refactors for JOSE:
-
-- RFC8037: CFRG Elliptic Curve Diffie-Hellman (ECDH) and Signatures in JSON Object Signing and Encryption (JOSE)
-- RFC7638: JSON Web Key (JWK) Thumbprint
-
-We also fixed bugs for integrations:
-
-- Fixed support for HTTPX>=0.14.3
-- Added OAuth clients of HTTPX back via :PR:`270`
-- Fixed parallel token refreshes for HTTPX async OAuth 2 client
-- Raise OAuthError when callback contains errors via :issue:`275`
-
-**Breaking Change**:
-
-1. The parameter ``algorithms`` in ``JsonWebSignature`` and ``JsonWebEncryption``
-are changed. Usually you don't have to care about it since you won't use it directly.
-2. Whole JSON Web Key is refactored, please check :ref:`jwk_guide`.
-
-Version 0.14.3
---------------
-
-**Released on May 18, 2020.**
-
-- Fix HTTPX integration via :PR:`232` and :PR:`233`.
-- Add "bearer" as default token type for OAuth 2 Client.
-- JWS and JWE don't validate private headers by default.
-- Remove ``none`` auth method for authorization code by default.
-- Allow usage of user provided ``code_verifier`` via :issue:`216`.
-- Add ``introspect_token`` method on OAuth 2 Client via :issue:`224`.
-
-
-Version 0.14.2
---------------
-
-**Released on May 6, 2020.**
-
-- Fix OAuth 1.0 client for starlette.
-- Allow leeway option in client parse ID token via :PR:`228`.
-- Fix OAuthToken when ``expires_at`` or ``expires_in`` is 0 via :PR:`227`.
-- Fix auto refresh token logic.
-- Load server metadata before request.
-
-
-Version 0.14.1
---------------
-
-**Released on Feb 12, 2020.**
-
-- Quick fix for legacy imports of Flask and Django clients
-
-
-Version 0.14
-------------
-
-**Released on Feb 11, 2020.**
-
-In this release, Authlib has introduced a new way to write framework integrations
-for clients.
-
-**Bug fixes** and enhancements in this release:
-
-- Fix HTTPX integrations due to HTTPX breaking changes
-- Fix ES algorithms for JWS
-- Allow user given ``nonce`` via :issue:`180`.
-- Fix OAuth errors ``get_headers`` leak.
-- Fix ``code_verifier`` via :issue:`165`.
-
-**Breaking Change**: drop sync OAuth clients of HTTPX.
-
-
Old Versions
------------
Find old changelog at https://github.com/lepture/authlib/releases
+- Version 0.15.5: Released on Oct 18, 2021
+- Version 0.15.4: Released on Jul 17, 2021
+- Version 0.15.3: Released on Jan 15, 2021
+- Version 0.15.2: Released on Oct 18, 2020
+- Version 0.15.1: Released on Oct 14, 2020
+- Version 0.15.0: Released on Oct 10, 2020
+- Version 0.14.3: Released on May 18, 2020
+- Version 0.14.2: Released on May 6, 2020
+- Version 0.14.1: Released on Feb 12, 2020
+- Version 0.14.0: Released on Feb 11, 2020
- Version 0.13.0: Released on Nov 11, 2019
- Version 0.12.0: Released on Sep 3, 2019
- Version 0.11.0: Released on Apr 6, 2019
diff --git a/pyproject.toml b/pyproject.toml
index 9787c3bd..47061ee9 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,3 +1,49 @@
+[project]
+name = "Authlib"
+description = "The ultimate Python library in building OAuth and OpenID Connect servers and clients."
+authors = [{name = "Hsiaoming Yang", email="me@lepture.com"}]
+dependencies = [
+ "cryptography",
+]
+license = {text = "BSD-3-Clause"}
+requires-python = ">=3.8"
+dynamic = ["version"]
+readme = "README.rst"
+classifiers = [
+ "Development Status :: 5 - Production/Stable",
+ "Environment :: Console",
+ "Environment :: Web Environment",
+ "Intended Audience :: Developers",
+ "License :: OSI Approved :: BSD License",
+ "Operating System :: OS Independent",
+ "Programming Language :: Python",
+ "Programming Language :: Python :: 3",
+ "Programming Language :: Python :: 3.8",
+ "Programming Language :: Python :: 3.9",
+ "Programming Language :: Python :: 3.10",
+ "Programming Language :: Python :: 3.11",
+ "Programming Language :: Python :: Implementation :: CPython",
+ "Topic :: Security",
+ "Topic :: Security :: Cryptography",
+ "Topic :: Internet :: WWW/HTTP :: Dynamic Content",
+ "Topic :: Internet :: WWW/HTTP :: WSGI :: Application",
+]
+
+[project.urls]
+Documentation = "https://docs.authlib.org/"
+Purchase = "https://authlib.org/plans"
+Issues = "https://github.com/lepture/authlib/issues"
+Source = "https://github.com/lepture/authlib"
+Donate = "https://github.com/sponsors/lepture"
+Blog = "https://blog.authlib.org/"
+
[build-system]
requires = ["setuptools", "wheel"]
build-backend = "setuptools.build_meta"
+
+[tool.setuptools.dynamic]
+version = {attr = "authlib.__version__"}
+
+[tool.setuptools.packages.find]
+where = ["."]
+include = ["authlib", "authlib.*"]
diff --git a/setup.cfg b/setup.cfg
index 15d2bf78..b636ad0c 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -1,67 +1,10 @@
[bdist_wheel]
universal = 1
-[metadata]
-name = Authlib
-version = attr: authlib.__version__
-author = Hsiaoming Yang
-url = https://authlib.org/
-author_email = me@lepture.com
-license = BSD 3-Clause License
-license_file = LICENSE
-description = The ultimate Python library in building OAuth and OpenID Connect servers and clients.
-long_description = file: README.rst
-long_description_content_type = text/x-rst
-platforms = any
-classifiers =
- Development Status :: 5 - Production/Stable
- Environment :: Console
- Environment :: Web Environment
- Framework :: Flask
- Framework :: Django
- Intended Audience :: Developers
- License :: OSI Approved :: BSD License
- Operating System :: OS Independent
- Programming Language :: Python
- Programming Language :: Python :: 3
- Programming Language :: Python :: 3.8
- Programming Language :: Python :: 3.9
- Programming Language :: Python :: 3.10
- Programming Language :: Python :: 3.11
- Programming Language :: Python :: 3.12
- Topic :: Internet :: WWW/HTTP :: Dynamic Content
- Topic :: Internet :: WWW/HTTP :: WSGI :: Application
-
-project_urls =
- Documentation = https://docs.authlib.org/
- Commercial License = https://authlib.org/plans
- Bug Tracker = https://github.com/lepture/authlib/issues
- Source Code = https://github.com/lepture/authlib
- Donate = https://github.com/sponsors/lepture
- Blog = https://blog.authlib.org/
-
-[options]
-packages = find:
-zip_safe = False
-include_package_data = True
-install_requires =
- cryptography>=3.2
-
-[options.packages.find]
-include=
- authlib
- authlib.*
-
[check-manifest]
ignore =
tox.ini
-[flake8]
-exclude =
- tests/*
-max-line-length = 100
-max-complexity = 10
-
[tool:pytest]
python_files = test*.py
norecursedirs = authlib build dist docs htmlcov