Ported from https://github.com/securedimensions/QGIS-OAuth2-Plugin
The Testbed 13 version provides an additional configuration tab "software statement" which allows a user to automatically register the plugin with a required configuration with the Authorization Server. Of course this can only be leveraged, if the Authorization Server involved supports the registration via digitally signed software statements (JWTs) as described in this ER.
[FEATURE] Adds a detectTypes flag to the delimited text provider url. If
set to "no" then type detection is not done and all attributes are
treated as text fields. Otherwise the original behaviour of
detecting field types is preserved.
[needs-docs] Adds a "Detect field types" check box to the record and
field options section of the delimited text provider GUI.
This addresses (at least partially) issue #18601. A more complete
solution would be to allow users to set field types.
Possible fix for a crash obtained with incomplete crash report
trace... but it doesn't hurt to be safe anyway and guard against
nullptr symbols.
Also safer memory management via unique_ptrs, which fixes a couple
of leaks in symbol handling.
This is supported by the toolbox now, so relax the requirement
that all models have a compulsory group name. If no group is set,
the model is shown directly under the Models node in the toolbox.
Also switch a warning from message box to message bar
unless a filter string is entered
This allows easier discoverability - e.g. without this, the model
and script nodes are hidden until models/scripts have already
been created.
Ported from https://github.com/securedimensions/QGIS-OAuth2-Plugin
The Boundless Geo version of the plugin requests the state parameter to be provided by the user.
We have changed that as we think that the user must not be responsible for providing that,
as a duplication of a state parameter could lead to unintentional errors.
The Testbed 13 version generates the state parameter automatically for each authorization
request to the Authorization Server and checks the value from the redirect to ensure no CSRF attacks.
