WebTest 2.0.30 has been released.
23 views
Skip to first unread message
Gael Pasgrimaud
Jun 23, 2018, 8:57:13 AM6/23/18
to pylons-...@googlegroups.com
WebTest 2.0.30 has been released.
Here are the changes:
- Add ``Email`` class for input fields with type "email".
- Documentation bearer token and JWT authorization
You can install it via PyPI:
pip install WebTest==2.0.30
Enjoy, and please report any issues you find to the issue tracker at
https://github.com/Pylons/webtest/issues
Thanks!
- WebTest developers
Here are the changes:
- Add ``Email`` class for input fields with type "email".
- Documentation bearer token and JWT authorization
You can install it via PyPI:
pip install WebTest==2.0.30
Enjoy, and please report any issues you find to the issue tracker at
https://github.com/Pylons/webtest/issues
Thanks!
- WebTest developers
Mike Orr
Jun 23, 2018, 2:00:04 PM6/23/18
to pylons-...@googlegroups.com
On Sat, Jun 23, 2018 at 5:57 AM, Gael Pasgrimaud <ga...@gawel.org> wrote:
> WebTest 2.0.30 has been released.
>
> Here are the changes:
>
> - Add ``Email`` class for input fields with type "email".
>
> - Documentation bearer token and JWT authorization
What is a bearer token and JWT authorization? Does that mean a CSRF token?
> WebTest 2.0.30 has been released.
>
> Here are the changes:
>
> - Add ``Email`` class for input fields with type "email".
>
> - Documentation bearer token and JWT authorization
Gael Pasgrimaud
Jun 23, 2018, 2:26:55 PM6/23/18
to pylons-...@googlegroups.com
Hi,
It's like basic auth but use tokens in the Authorization headers instead
of base64(user:pass). It's a bit more secure... JWT token may also contains
some extra data (user infos, api scope, etc.) but those are encrypted using
public/private keys. I don't know much about bearer.
Most apis supports one of those, or both.
https://docs.pylonsproject.org/projects/webtest/en/latest/api.html#webtest.app.TestApp.authorization
of base64(user:pass). It's a bit more secure... JWT token may also contains
some extra data (user infos, api scope, etc.) but those are encrypted using
public/private keys. I don't know much about bearer.
Most apis supports one of those, or both.
https://docs.pylonsproject.org/projects/webtest/en/latest/api.html#webtest.app.TestApp.authorization
Jonathan Vanasco
Jun 25, 2018, 5:21:28 PM6/25/18
to pylons-discuss
On Saturday, June 23, 2018 at 2:26:55 PM UTC-4, Gael Pasgrimaud wrote:
It's like basic auth but use tokens in the Authorization headers instead
of base64(user:pass). It's a bit more secure... JWT token may also contains
some extra data (user infos, api scope, etc.) but those are encrypted using
public/private keys. I don't know much about bearer.
A "Bearer Token" is the common type of "Access Token" in oAuth2 and used by many APIs.
In oAuth2, a client often authenticates with a key+secret and is issued a "Bearer Token" in return. The "Bearer Token" is then sent in the HTTPS headers, and can be invalidated from the authorizing application.
In oAuth2, a client often authenticates with a key+secret and is issued a "Bearer Token" in return. The "Bearer Token" is then sent in the HTTPS headers, and can be invalidated from the authorizing application.
Jonathan Vanasco
Jun 25, 2018, 5:22:20 PM6/25/18
to pylons-discuss
clarification: oAuth2 supports some other flows/tokens too - but the Bearer concept is vert common.
Reply all
Reply to author
Forward
0 new messages