bump version to 0.7.0

docs/apps.html

@@ -5,7 +5,7 @@
     <meta charset="utf-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" /><meta name="generator" content="Docutils 0.19: https://docutils.sourceforge.io/" />
 
-    <title>Third-party applications &#8212; FitTrackee 0.6.12
+    <title>Third-party applications &#8212; FitTrackee 0.7.0
  documentation</title>
     <link rel="stylesheet" type="text/css" href="_static/pygments.css" />
     <link rel="stylesheet" type="text/css" href="_static/bootstrap-sphinx.css" />
@@ -41,7 +41,7 @@
         </button>
         <a class="navbar-brand" href="index.html">
           FitTrackee</a>
-        <span class="navbar-text navbar-version pull-left"><b>0.6.12
+        <span class="navbar-text navbar-version pull-left"><b>0.7.0
 </b></span>
       </div>
 
@@ -136,10 +136,6 @@ most endpoints require authorization/authentication.</p>
 <p>To allow a third-party application to interact with API endpoints, an
 <a class="reference external" href="https://datatracker.ietf.org/doc/html/rfc6749">OAuth2</a> client can be created
 in user settings (‘apps’ tab).</p>
-<div class="admonition note">
-<p class="admonition-title">Note</p>
-<p>OAuth2 support is implemented with <a class="reference external" href="https://docs.authlib.org/en/latest/">Authlib</a> library.</p>
-</div>
 <div class="admonition warning">
 <p class="admonition-title">Warning</p>
 <p>OAuth2 endpoints requiring authentication are not accessible by third-party
@@ -149,6 +145,7 @@ client (first-party application).</p>
 <p>FitTrackee supports only <a class="reference external" href="https://datatracker.ietf.org/doc/html/rfc6749#section-1.3.1">Authorization Code</a>
 flow (with PKCE support).
 It allows to exchange an authorization code for an access token.
+The client ID and secret must be sent in the POST body.
 It is recommended to use <a class="reference external" href="https://datatracker.ietf.org/doc/html/rfc7636">PKCE</a>
 to provide a better security.</p>
 <p>The following scopes are available:</p>
@@ -164,10 +161,26 @@ to provide a better security.</p>
 <figure class="align-default">
 <img alt="OAuth2 client creation on FitTrackee" src="_images/fittrackee_screenshot-07.png" />
 </figure>
+<div class="admonition note">
+<p class="admonition-title">Note</p>
+<p>OAuth2 support is implemented with <a class="reference external" href="https://docs.authlib.org/en/latest/">Authlib</a> library.</p>
+</div>
+<div class="admonition warning">
+<p class="admonition-title">Warning</p>
+<div class="line-block">
+<div class="line">If FitTrackee is running behind a proxy, the <code class="docutils literal notranslate"><span class="pre">X-Forwarded-Proto</span></code> header must be set.</div>
+<div class="line">For instance for <cite>nginx</cite>:</div>
+</div>
+<div class="highlight-default notranslate"><div class="highlight"><pre><span></span>proxy_set_header  X-Forwarded-Proto $scheme;
+</pre></div>
+</div>
+</div>
 <p>Some resources about OAuth 2.0:</p>
 <ul class="simple">
 <li><p><a class="reference external" href="https://www.oauth.com">OAuth 2.0 Simplified</a> by <a class="reference external" href="https://aaronparecki.com">Aaron Parecki</a></p></li>
-<li><p><a class="reference external" href="https://requests-oauthlib.readthedocs.io/en/latest/examples/real_world_example.html">Web App Example of OAuth 2 web application flow</a> with Requests-OAuthlib</p></li>
+<li><p><a class="reference external" href="https://requests-oauthlib.readthedocs.io/en/latest/examples/real_world_example.html">Web App Example of OAuth 2 web application flow</a> with Requests-OAuthlib (python)</p></li>
+<li><p><a class="reference external" href="https://docs.authlib.org/en/latest/client/oauth2.html#oauth-2-session">OAuth 2 Session</a> with Authlib (python)</p></li>
+<li><p><a class="reference external" href="https://codeberg.org/SamR1/ft-oauth-client">Minimal example of an application interacting with FitTrackee</a> (python)</p></li>
 </ul>
 </section>