Releases: authlib/authlib
Releases · authlib/authlib
v1.7.0
What's Changed
- Authorization and token endpoints request empty scope parameter management by @azmeuk in #847
- Support from Python 3.10 to 3.14 by @azmeuk in #850
- Allow composition of AuthorizationServerMetadata by @azmeuk in #853
- Make require_oauth parenthesis optional by @azmeuk in #855
- Fix
expires_atbehavior when its value is 0 by @azmeuk in #854 - Migration to joserfc by @lepture in #852
- RP-initiated logout by @frohrlich in #849
- Fix
get_jwt_configby @lepture in #858 - chore(ci): Update PyPy version from 3.10 to 3.11 by @cclauss in #863
- fix: remove "none" from default authlib.jose.jwt algorithms by @lepture in #860
- fix: normalize resolve_client_public_key method by @lepture in #861
- Implement rfc9700 PKCE downgrade countermeasure by @azmeuk in #864
- Use correct syntax for tox.requires in tox.ini by @alex-ball in #868
- Set client session User-Agent when fetching server metadata and JWKs by @alex-ball in #867
- fix: use the real application object for Flask by @nblock in #869
- Accept the issuer URL as a valid audience by @azmeuk in #865
- Don't nest InvalidTokenError extra attribute by @azmeuk in #872
- Documentation overhaul by @azmeuk in #875
- Update README.md docs.authlib.org/en/latest => docs.authlib.org/en/stable by @guillett in #876
- Merge release/1.6 branch by @lepture in #877
New Contributors
- @frohrlich made their first contribution in #849
- @cclauss made their first contribution in #863
- @alex-ball made their first contribution in #868
- @nblock made their first contribution in #869
- @guillett made their first contribution in #876
Full Changelog: v1.6.10...v1.7.0
Contributors
azmeuk, nblock, and 5 other contributors
Assets 2
v1.6.11
v1.6.10
v1.6.9
Full Changelog: v1.6.8...v1.6.9
Changes in jose module
- Not using header's
jwkautomatically - Add
ES256Kinto default jwt algorithms - Remove deprecated algorithm from default registry
- Generate random
cekwhenceklength doesn't match
v1.6.8
v1.6.7
v1.6.6
What's Changed
- fix(ClientAuth): fix incorrect signature when Content-Type is x-www-form-urlencoded by @shc261392 in #778
- Fix: Use
expires_inwhenexpires_atis unparsable by @bendavis78 in #842 get_jwt_configtakes aclientparameter. by @azmeuk in #844
New Contributors
- @shc261392 made their first contribution in #778
- @bendavis78 made their first contribution in #842
Full Changelog: v1.6.5...v1.6.6
Contributors
azmeuk, bendavis78, and shc261392
Assets 2
v1.6.5
What's Changed
- Add a
requestparam to RFC7591generate_client_infoandgenerate_client_secretmethods by @azmeuk in #825 - feat: support list params in prepare_grant_uri by @lisongmin in #827
- chore(deps): bump SonarSource/sonarqube-scan-action from 5 to 6 in /.github/workflows by @dependabot[bot] in #828
- fix(jose): add max size for JWE zip=DEF decompression by @lepture in #830
New Contributors
- @lisongmin made their first contribution in #827
- @dependabot[bot] made their first contribution in #828
Full Changelog: v1.6.4...v1.6.5
Contributors
azmeuk, lepture, and 2 other contributors
Assets 2
v1.6.4
What's Changed
- fix(jose): prevent public/unprotected header overwriting protected header by @lepture in #809
- Fix
InsecureTransportErrorraising by @azmeuk in #810 - Add conventional-commits pre-commit hook by @azmeuk in #811
- Fix response_mode=form_post with Starlette client by @azmeuk in #812
- Specify README.md as project long description by @EpicWink in #817
- Migrate tests to pytest paradigm by @azmeuk in #813
- jose/jws: Reject unprotected ‘crit’ and enforce type; add tests by @AL-Cybision in #823
- Use explicit *.test urls in unit tests by @azmeuk in #824
New Contributors
- @EpicWink made their first contribution in #817
- @AL-Cybision made their first contribution in #823
Full Changelog: v1.6.3...v1.6.4
Contributors
azmeuk, lepture, and 2 other contributors
Assets 2
Version 1.6.3
Contributors
azmeuk