Fixed RFC7592 Dynamic Client Registration Management Protocol

[azmeuk]

This PR fixes/implements the RFC7592 spec. It brings those changes

• The Flask integration keep the request data when the request type is PUT
• rfc7592/endpoint.py implements the RFC7592 specification
• The endpoint is tested by tests/flask/test_oauth2/test_client_configuration_endpoint.py
• rfc7592/endpoint.py has a 100% coverage
• The implementation is documented by docs/specs/rfc7592.rst

I read RFC7592 and did my best to implement this, but I am not 100% confident to have understood or implemented things right. I think a second pair of eyes might help. I tried to make unit tests as explicit and short as I could, and insert quotes from the spec to illustrate the tests.

The extract_client_metadata method has been copied from RFC7591 (and I removed the software_statement part). Maybe this should be factorized? If so, how should this be? I was thinking of extracting the method in a ClientRegistrationEndpointMixin from which would inherit ClientRegistrationEndpoint and ClientConfigurationEndpoint.

There are breaking changes on some method signatures, but this spec was not documented anyways:

• introspect_client MUST be implemented
• save_client is renamed update_client and takes an additional client_metadata parameter
• introspect_metadata is not required anymore
• revoke_access_token takes a token parameter

I think the documentation could make clearer that a registration access token can be a different thing than a regular access_token, but I guess this is enough like this.

Fixes #499

• You consent that the copyright of your pull request source code belongs to Authlib's author.

[lepture]

1. I tried to remove sqlachemy from authlib.
2. are you using some code formatting tool? most of the Authlib code are using ' instead of ", please don't change them.

[lepture]

Thanks for your contribution, I'll check the specification implementation later.

[azmeuk]

I have added commits for simple quotes and framework independent examples. I added commits to the PR so you can review the differences, but if you prefer (and for future fixes) I can squash the commit and force push.

are you using some code formatting tool?

Yep. I was using black :)

What do you think about using a pre-commit configuration to check and enforce the code style for authlib? We could take inspiration from the wtforms pre-commit configuration. I can open a PR if you wish.

[lepture]

@azmeuk I don't like the black code style. Let's keep it the current way.

For testing, I'm using self.assertEqual and other self.assertXXX from unittest module. These method would print better error stack than the raw assert.

No worries, I'll squash to merge the PR. You can add as many commits as you like.

[lepture]

We are almost done. But there should be a get_server_metadata method implementation in the rfc documentation.

Thanks for your hard work.

[azmeuk]

This is done, is this implementation example enough?

[lepture]

Thanks.