v2.4.3

Release notes

• Bumped version @rohe (#201)
• To get things released that should have been in 2.4.2 but was overtaken by events.

v2.4.2

Release notes

• Update views.py @mrvanes (#200)
• chore: RFC8707 in README @peppelinux (#190)
• Erasing tokens @rohe (#189)
• Separate grant_types_supported and grant_types_helpers @nsklikas (#186)
• Refactor client authentication @nsklikas (#187)
• Catch exception, fix error message @nsklikas (#188)

v2.4.1

Release notes

• v2.4.1 @peppelinux (#185)
• Add more clear client/token authn exceptions @nsklikas (#183)
• Extra args 2 @rohe (#184)

What's Changed

• Extra args 2 by @rohe in #184
• Add more clear client/token authn exceptions by @nsklikas in #183
• v2.4.1 by @peppelinux in #185

Full Changelog: v2.3.5...v2.4.1

v2.4.0

Release notes

• A number of bug fixes and new functionality @rohe (#182)
• The configure parameter scopes_to_claims was not handled correctly. @rohe (#181)
• An add_on that allows adding extra arguments to a response. @rohe (#175)
• feat: added "OAuth 2.0 Authorization Server Issuer Identification" in README @peppelinux (#180)
• Response might not be a Message instance. @rohe (#176)
• Fixes the sub value to real value @kushaldas (#178)
• Support both list and dict @nsklikas (#173)
• Fix imports and config @FaceInTheCrowd (#172)

v2.3.4

Release notes

• Only changing version identifier. @rohe (#169)

v2.3.3

Release notes

• Version sync @rohe (#168)
• Use configuration classes from oidcmsg
• keys can not be used as attribute name for key information since Configuration is a subclass of dict.

v2.3.2

Release notes

• Use configuration classes from oidcmsg. @rohe (#166)

v2.3.1

Release notes

• Check if token exists @nsklikas (#163)

Full Changelog: v2.3.0...v2.3.1

v2.3.0

Release notes

• OIDC Certification and FAPI profile @peppelinux @rohe @nsklikas (#158)
• README: PAR @peppelinux (#152)
• docs: add prompt to refresh token requirements @melanger (#148)
• feat: add RawID to session manager @melanger (#149)
• chore: README badges @peppelinux (#146)

Changes that this PR accomplish:

• If response_type == id_token return userinfo that normally would be returned from the userinfo endpoint in the id_token.
• Don't run parse_cookie twice. One after the other.
• Allow for different claims release policies to be in effect simultaneously (typically id_token+userinfo).
• Error response when response_mode == form_post not handled correctly. return_uri needed.
• Use extra info in ValueError exception instance to return correct error code.
• Allow endpoints to have their own request verification error handler.
• Having session ID in ID Token instance simplifies things.
• Finding the last issued token of a specific type is useful.
• Should check if client session is revoked.
• Revoked all grants issued to a user/client pair.
• Merged the two ClaimsInterface versions.
• Removed tests using method that was removed and incomplete test.
• Client registration endpoint should return a 201 HTTP response code on successful registration.
• Default token lifetime should not be 0 (zero). Changed to be 30 minutes (1800 seconds).
• Authorization error response MUST contain 'state' if it is present in the request.
• Check cookie age.
• Revoke tokens that has been minted using a code that then is used once more.
• prompt==login forces re-authentication.
• prompt attribute is a list.
• FAPI OP example project

Full Changelog: v2.2.1...v2.3.0

v2.2.1

Release notes

• v2.2.1 @peppelinux (#145)
• fix Add claims by scope configuration option name @melanger (#143)
• chore: warning message on unknown configuration params (f361dc5)
• fix: session_params (8690a2b)
• chore: unit tests speed up with default http timeout + warning on unknow conf param (0123d25 )

What's Changed

• fix Add claims by scope configuration option name by @melanger in #143
• v2.2.1 by @peppelinux in #145

New Contributors

• @melanger made their first contribution in #143

Full Changelog: v2.2.0...v2.2.1