* 559: allow local OAuth token validation via vendor extension, see [Connexion's OAuth documentation](https://connexion.readthedocs.io/en/latest/security.html#oauth-2-authentication-and-authorization)
1.2
Not secure
* 541: SECURITY: use `Authorization` header instead of URL params when trying to verify OAuth tokens against TokenInfo endpoint (this might be a **BREAKING CHANGE** for TokenInfo endpoints not supporting the `Authorization` header) * 523, 545: minor fixes / refactoring
1.1.16
Not secure
* 526: enable the [use of Flask-Injector](https://medium.com/ssola/building-microservices-with-python-part-i-5240a8dcc2fb) again * 504: allow `http.HTTPStatus` enums as response status codes
1.1.15
Not secure
* 500: preserve the multiplicity of array type query parameters (e.g. `?items=1&items=2&items=3|4`)
1.1.14
Not secure
* 497: fix KeyError if not `Content-Type` in request headers * 485: fix string type mapping for Python 2