Merge GitHub action for release

.flake8

@@ -0,0 +1,5 @@
+[flake8]
+exclude =
+    tests/*
+max-line-length = 100
+max-complexity = 10

.github/workflows/pypi.yml

@@ -0,0 +1,55 @@
+name: Release to PyPI
+
+permissions:
+  contents: write
+
+on:
+  push:
+    tags:
+      - "1.*"
+
+jobs:
+  build:
+    name: build dist files
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - uses: actions/setup-python@v4
+      with:
+        python-version: 3.9
+
+    - name: install build
+      run: python -m pip install --upgrade build
+
+    - name: build dist
+      run: python -m build
+
+    - uses: actions/upload-artifact@v3
+      with:
+        name: artifacts
+        path: dist/*
+        if-no-files-found: error
+
+  publish:
+    environment:
+      name: pypi-release
+      url: https://pypi.org/project/Authlib/
+    permissions:
+      id-token: write
+    name: release to pypi
+    needs: build
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/download-artifact@v3
+      with:
+        name: artifacts
+        path: dist
+
+    - name: Push build artifacts to PyPI
+      uses: pypa/gh-action-pypi-publish@release/v1
+      with:
+        skip-existing: true
+        password: ${{ secrets.PYPI_API_TOKEN }}

docs/changelog.rst

@@ -6,6 +6,21 @@ Changelog
 
 Here you can see the full list of changes between each Authlib release.
 
+Version 1.3.0
+-------------
+
+- Restore ``AuthorizationServer.create_authorization_response`` behavior, via :PR:`558`
+- Include ``leeway`` in ``validate_iat()`` for JWT, via :PR:`565`
+- Fix ``encode_client_secret_basic``, via :PR:`594`
+- Use single key in JWK if JWS does not specify ``kid``, via :PR:`596`
+- Fix error when RFC9068 JWS has no scope field, via :PR:`598`
+
+**New features**:
+
+- RFC9068 implementation, via :PR:`586`, by @azmeuk.
+
+**Breaking changes**:
+
 - End support for python 3.7
 
 Version 1.2.1
@@ -106,127 +121,21 @@ Added ``ES256K`` algorithm for JWS and JWT.
 **Breaking Changes**: find how to solve the deprecate issues via https://git.io/JkY4f
 
 
-Version 0.15.5
---------------
-
-**Released on Oct 18, 2021.**
-
-- Make Authlib compatible with latest httpx
-- Make Authlib compatible with latest werkzeug
-- Allow customize RFC7523 ``alg`` value
-
-Version 0.15.4
---------------
-
-**Released on Jul 17, 2021.**
-
-- Security fix when JWT claims is None.
-
-
-Version 0.15.3
---------------
-
-**Released on Jan 15, 2021.**
-
-- Fixed `.authorize_access_token` for OAuth 1.0 services, via :issue:`308`.
-
-Version 0.15.2
---------------
-
-**Released on Oct 18, 2020.**
-
-- Fixed HTTPX authentication bug, via :issue:`283`.
-
-
-Version 0.15.1
---------------
-
-**Released on Oct 14, 2020.**
-
-- Backward compatible fix for using JWKs in JWT, via :issue:`280`.
-
-
-Version 0.15
-------------
-
-**Released on Oct 10, 2020.**
-
-This is the last release before v1.0. In this release, we added more RFCs
-implementations and did some refactors for JOSE:
-
-- RFC8037: CFRG Elliptic Curve Diffie-Hellman (ECDH) and Signatures in JSON Object Signing and Encryption (JOSE)
-- RFC7638: JSON Web Key (JWK) Thumbprint
-
-We also fixed bugs for integrations:
-
-- Fixed support for HTTPX>=0.14.3
-- Added OAuth clients of HTTPX back via :PR:`270`
-- Fixed parallel token refreshes for HTTPX async OAuth 2 client
-- Raise OAuthError when callback contains errors via :issue:`275`
-
-**Breaking Change**:
-
-1. The parameter ``algorithms`` in ``JsonWebSignature`` and ``JsonWebEncryption``
-are changed. Usually you don't have to care about it since you won't use it directly.
-2. Whole JSON Web Key is refactored, please check :ref:`jwk_guide`.
-
-Version 0.14.3
---------------
-
-**Released on May 18, 2020.**
-
-- Fix HTTPX integration via :PR:`232` and :PR:`233`.
-- Add "bearer" as default token type for OAuth 2 Client.
-- JWS and JWE don't validate private headers by default.
-- Remove ``none`` auth method for authorization code by default.
-- Allow usage of user provided ``code_verifier`` via :issue:`216`.
-- Add ``introspect_token`` method on OAuth 2 Client via :issue:`224`.
-
-
-Version 0.14.2
---------------
-
-**Released on May 6, 2020.**
-
-- Fix OAuth 1.0 client for starlette.
-- Allow leeway option in client parse ID token via :PR:`228`.
-- Fix OAuthToken when ``expires_at`` or ``expires_in`` is 0 via :PR:`227`.
-- Fix auto refresh token logic.
-- Load server metadata before request.
-
-
-Version 0.14.1
---------------
-
-**Released on Feb 12, 2020.**
-
-- Quick fix for legacy imports of Flask and Django clients
-
-
-Version 0.14
-------------
-
-**Released on Feb 11, 2020.**
-
-In this release, Authlib has introduced a new way to write framework integrations
-for clients.
-
-**Bug fixes** and enhancements in this release:
-
-- Fix HTTPX integrations due to HTTPX breaking changes
-- Fix ES algorithms for JWS
-- Allow user given ``nonce`` via :issue:`180`.
-- Fix OAuth errors ``get_headers`` leak.
-- Fix ``code_verifier`` via :issue:`165`.
-
-**Breaking Change**: drop sync OAuth clients of HTTPX.
-
-
 Old Versions
 ------------
 
 Find old changelog at https://github.com/lepture/authlib/releases
 
+- Version 0.15.5: Released on Oct 18, 2021
+- Version 0.15.4: Released on Jul 17, 2021
+- Version 0.15.3: Released on Jan 15, 2021
+- Version 0.15.2: Released on Oct 18, 2020
+- Version 0.15.1: Released on Oct 14, 2020
+- Version 0.15.0: Released on Oct 10, 2020
+- Version 0.14.3: Released on May 18, 2020
+- Version 0.14.2: Released on May 6, 2020
+- Version 0.14.1: Released on Feb 12, 2020
+- Version 0.14.0: Released on Feb 11, 2020
 - Version 0.13.0: Released on Nov 11, 2019
 - Version 0.12.0: Released on Sep 3, 2019
 - Version 0.11.0: Released on Apr 6, 2019

pyproject.toml

@@ -1,3 +1,49 @@
+[project]
+name = "Authlib"
+description = "The ultimate Python library in building OAuth and OpenID Connect servers and clients."
+authors = [{name = "Hsiaoming Yang", email="[email protected]"}]
+dependencies = [
+  "cryptography",
+]
+license = {text = "BSD-3-Clause"}
+requires-python = ">=3.8"
+dynamic = ["version"]
+readme = "README.rst"
+classifiers = [
+  "Development Status :: 5 - Production/Stable",
+  "Environment :: Console",
+  "Environment :: Web Environment",
+  "Intended Audience :: Developers",
+  "License :: OSI Approved :: BSD License",
+  "Operating System :: OS Independent",
+  "Programming Language :: Python",
+  "Programming Language :: Python :: 3",
+  "Programming Language :: Python :: 3.8",
+  "Programming Language :: Python :: 3.9",
+  "Programming Language :: Python :: 3.10",
+  "Programming Language :: Python :: 3.11",
+  "Programming Language :: Python :: Implementation :: CPython",
+  "Topic :: Security",
+  "Topic :: Security :: Cryptography",
+  "Topic :: Internet :: WWW/HTTP :: Dynamic Content",
+  "Topic :: Internet :: WWW/HTTP :: WSGI :: Application",
+]
+
+[project.urls]
+Documentation = "https://docs.authlib.org/"
+Purchase = "https://authlib.org/plans"
+Issues = "https://github.com/lepture/authlib/issues"
+Source = "https://github.com/lepture/authlib"
+Donate = "https://github.com/sponsors/lepture"
+Blog = "https://blog.authlib.org/"
+
 [build-system]
 requires = ["setuptools", "wheel"]
 build-backend = "setuptools.build_meta"
+
+[tool.setuptools.dynamic]
+version = {attr = "authlib.__version__"}
+
+[tool.setuptools.packages.find]
+where = ["."]
+include = ["authlib", "authlib.*"]

setup.cfg

@@ -1,67 +1,10 @@
 [bdist_wheel]
 universal = 1
 
-[metadata]
-name = Authlib
-version = attr: authlib.__version__
-author = Hsiaoming Yang
-url = https://authlib.org/
-author_email = [email protected]
-license = BSD 3-Clause License
-license_file = LICENSE
-description = The ultimate Python library in building OAuth and OpenID Connect servers and clients.
-long_description = file: README.rst
-long_description_content_type = text/x-rst
-platforms = any
-classifiers =
-    Development Status :: 5 - Production/Stable
-    Environment :: Console
-    Environment :: Web Environment
-    Framework :: Flask
-    Framework :: Django
-    Intended Audience :: Developers
-    License :: OSI Approved :: BSD License
-    Operating System :: OS Independent
-    Programming Language :: Python
-    Programming Language :: Python :: 3
-    Programming Language :: Python :: 3.8
-    Programming Language :: Python :: 3.9
-    Programming Language :: Python :: 3.10
-    Programming Language :: Python :: 3.11
-    Programming Language :: Python :: 3.12
-    Topic :: Internet :: WWW/HTTP :: Dynamic Content
-    Topic :: Internet :: WWW/HTTP :: WSGI :: Application
-
-project_urls =
-    Documentation = https://docs.authlib.org/
-    Commercial License = https://authlib.org/plans
-    Bug Tracker = https://github.com/lepture/authlib/issues
-    Source Code = https://github.com/lepture/authlib
-    Donate = https://github.com/sponsors/lepture
-    Blog = https://blog.authlib.org/
-
-[options]
-packages = find:
-zip_safe = False
-include_package_data = True
-install_requires =
-    cryptography>=3.2
-
-[options.packages.find]
-include=
-    authlib
-    authlib.*
-
 [check-manifest]
 ignore =
     tox.ini
 
-[flake8]
-exclude =
-    tests/*
-max-line-length = 100
-max-complexity = 10
-
 [tool:pytest]
 python_files = test*.py
 norecursedirs = authlib build dist docs htmlcov