Bump oic from 1.1.2 to 1.3.0

[dependabot]

Bumps oic from 1.1.2 to 1.3.0.

Release notes

Sourced from oic's releases.

Security vulnerability fix (CVE-2020-26244)

No release notes provided.

Logout fixes, OAuth improvements

Prepared logout for SameSite changes in browsers.

Fixed and improved OAuth2 support.

See CHANGELOG.md for more details.

Changelog

Sourced from oic's changelog.

1.3.0 [2021-07-09]

Changed

• #763 Drop python 3.5 support

Added

• #790 Support for dict in Client.parse_response formats
• #739 Better error message for providers which return HTTP Error 405 on userinfo
• #723 Add settings class to handle settings related to Client and Server

#723: OpenIDC/pyoidc#723 #739: OpenIDC/pyoidc#739 #763: OpenIDC/pyoidc#763 #790: OpenIDC/pyoidc#790

1.2.1 [2020-12-01]

Fixed

• Fixed several client vulnerabilities (CVE-2020-26244)

1.2.0 [2020-02-05]

Fixed

• #727 OAuth client request using Client Credentials grant

Added

• #719 Add support for JWT registration tokens
• #728 OAuth client request using Extension grant
• #731 Session cookie need to be visible to OP IFrame.

#719: OpenIDC/pyoidc#719 #727: OpenIDC/pyoidc#727 #728: OpenIDC/pyoidc#728 #731: OpenIDC/pyoidc#731

Commits

• bd510e4 Prepare 1.3.0 release
• 147bff9 Merge pull request #791 from OpenIDC/travis-banner
• ff97045 Remove Travis Build Banner
• 7cf85cd Support for dict in Client.parse_response formats (#790)
• a5e8986 Merge pull request #788 from OpenIDC/fix-bandit
• b64bf52 Re-enable bandit
• 2e4493a Merge pull request #787 from OpenIDC/py39
• 3278a12 Add mention of 3.9
• b7f118c Merge branch 'kschu91-bugfix/skew-in-access-token-refresh'
• e54e5d1 pass through **kwargs to ensure additional args like skew can be set
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #87.