---------
Changelog
---------

0.3 (2010-01-25)
================

- Included a distutils manifest file; so that all files in the package can be released onto PyPi.

0.2 (2010-01-25)
================

- Moved the MockStorage class to the provider module and renamed it to Storage.  It turns out this class might not be so singular use after all.  The move was warranted by a ZODB storage implementation (see the wsgioauth.zodb package).
- Added a verifier check that is required by OAuth 1.0a.  This checks that the verifiers match when making a request for an access token.  Also, the verifier is set during the authorization process.
- Wrote individual methods for pulling OAuth parameters from the various places they can reside.  By doing this, a bug in the HMAC_SHA1 custom signature method was fixed.  The bug existed because the HTTP Authorization header parameters were not being taken into account when creating the base signature.
- Fixed an issue with the nonce check, where requests for authorization were being passed through the middleware as full OAuth requests with a nonce value of None.  This caused an invalid NOnceReplay error when attempting to do another authorization request.  So, the nonce check method execution was moved into the signature check method, where it would not be executed by the authorization code.
- Created an example service provider and consumer application.
- Created the consumer Client and Request classes that respectively subclasses httplib2's Http and oauth2's Request.  These subclassed versions work with OAuth version 1.0a.
- Registered the echo application for use in the examples.
- Removed the wsgiref dependency.  However, the wsgiref package is still required to run the examples, but not required in the library itself.
- Moved the package for pre-alpha to alpha.

0.1 (2010-01-06)
================

- Initial pre-alpha release.

0.0 (2009-12-00)
================

- Created the service provider middleware from the ashes of another package I was working on. The middleware is used to authorize users attempting to access the protected resource (aka the application or parts of the application).
- Established egg entry-points for:

 - Simple authentication plugins that would most likely call up the applications login or some central login page. (see setup.py's entry_points for an example)
 - Signature plugins that are used to sign, unsign and check OAuth requests.

- Created examples (in the mock module) for:

 - A service provider administration application.
 - A very simple storage implementation.

- Created our own Token class based off off oauth2.Token, because we needed a new constructor for keyword arguments and the ability to plug-in our own verifier generation.
- Replaced oauth2.Request with a subclassed webob.Request at wsgioauth.request.Request.  The subclass simply adds the *oauth_params* method to provider an easy way of gathering the oauth parameters from a request of any of the `three acceptable methods <http://oauth.net/core/1.0a/#consumer_req_param>`_.
- Replaced oauth2.Server with a WSGI application/middleware at wsgioauth.provider.*. 
