Matt Wright

@sigbjod Does your pull request take into account the findings of @j0hnk?

Alright...I'm going to continue to keep an ear on this thread and, unfortunately, have to rely on your guys work and research on this issue as I've been a bit...

@jramsdale Sadly, I'm completely out of touch with Spring Social these days as I've been focusing only on Python development over the last two years. I'm not sure I have...

This is obviously useful, but you changed some functionality that I see as required. Being able to set `JWT_AUTH_URL_RULE` and `JWT_AUTH_ENDPOINT` to `None` allows one to disable the auth endpoint....

Great idea. I failed to add this obvious feature. However, I'm not sure how the test asserts that the audience is correctly being set/used

New version should fix this. Can you please verify?

@eriktaubeneck I'm not sure its necessary. While the forms do require a POST to get the OAuth flow started, we're not manipulating any data on the server in the context...

Ah, fair enough. Lets definitely look into this, then.

This could be tricky. I'm wondering if there is support in the API clients to know if an access token has expired and we can, within Flask-Social, handle that somehow,...

At risk of sounding stupid, is this basically to get operators between permissions to behave like set operators?