Moauthlib

------------------
* (Fix) Allow client secret to be null for public applications that do not mandate it's specification in the query parameters.
* (Fix) Encode request body before hashing in order to prevent encoding errors in Python 3.

------------------
* (Fix) Added token_type_hint to the list of default Request parameters.

------------------

* (Breaking Change) Replace pycrypto with cryptography from https://cryptography.io
* (Breaking Change) Update jwt to 1.0.0 (which is backwards incompatible) no oauthlib api changes
were made.
* (Breaking Change) Raise attribute error for non-existing attributes in the Request object.
* (Fix) Strip whitespace off of scope string.
* (Change) Don't require to return the state in the access token response.
* (Change) Hide password in logs.
* (Fix) Fix incorrect invocation of prepare_refresh_body in the OAuth2 client.
* (Fix) Handle empty/non-parsable query strings.
* (Fix) Check if an RSA key is actually needed before requiring it.
* (Change) Allow tuples for list_to_scope as well as sets and lists.
* (Change) Add code to determine if client authentication is required for OAuth2.
* (Fix) Fix error message on invalid Content-Type header for OAtuh1 signing.
* (Fix) Allow ! character in query strings.
* (Fix) OAuth1 now includes the body hash for requests that specify any content-type that isn't x-www-form-urlencoded.
* (Fix) Fixed error description in oauth1 endpoint.
* (Fix) Revocation endpoint for oauth2 will now return an empty string in the response body instead of 'None'.
* Increased test coverage.
* Performance improvements.
* Documentation improvements and fixes.

------------------

* (Quick fix) Unpushed locally modified files got included in the PyPI 0.7.1
release. Doing a new clean release to address this. Please upgrade quickly
and report any issues you are running into.

------------------

* (Quick fix) Add oauthlib.common.log object back in for libraries using it.

------------------

* (Change) OAuth2 clients will not raise a Warning on scope change if
the environment variable ``OAUTHLIB_RELAX_TOKEN_SCOPE`` is set. The token
will now be available as an attribute on the error, ``error.token``.
Token changes will now also be announced using blinker.
* (Fix/Feature) Automatic fixes of non-compliant OAuth2 provider responses (e.g. Facebook).
* (Fix) Logging is now tiered (per file) as opposed to logging all under ``oauthlib``.
* (Fix) Error messages should now include a description in their message.
* (Fix/Feature) Optional support for jsonp callbacks after token revocation.
* (Feature) Client side preparation of OAuth 2 token revocation requests.
* (Feature) New OAuth2 client API methods for preparing full requests.
* (Feature) OAuth1 SignatureOnlyEndpoint that only verifies signatures and client IDs.
* (Fix/Feature) Refresh token grant now allow optional refresh tokens.
* (Fix) add missing state param to OAuth2 errors.
* (Fix) add_params_to_uri now properly parse fragment.
* (Fix/Feature) All OAuth1 errors can now be imported from oauthlib.oauth1.
* (Fix/Security) OAuth2 logs will now strip client provided password, if present.
* Allow unescaped in urlencoded parameters.