2015-03-05 16:12:18 +00:00
|
|
|
# CHANGELOG
|
|
|
|
|
|
|
|
|
|
All notable changes to this project will be documented in this file.
|
|
|
|
|
|
2018-02-20 02:41:38 +00:00
|
|
|
### Unreleased
|
2015-09-30 16:09:51 +00:00
|
|
|
|
2017-08-23 13:30:47 +00:00
|
|
|
##### Added
|
2018-03-22 15:28:02 +00:00
|
|
|
- Add pep8 compliance and checker.
|
|
|
|
|
|
|
|
|
|
##### Changed
|
|
|
|
|
- Test suit now uses pytest.
|
|
|
|
|
|
2018-03-09 20:03:25 +00:00
|
|
|
### [0.5.3] - 2018-03-09
|
|
|
|
|
|
2018-02-01 17:00:57 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- Update project to support Django 2.0
|
2017-08-22 15:36:18 +00:00
|
|
|
|
|
|
|
|
### [0.5.2] - 2017-08-22
|
|
|
|
|
|
|
|
|
|
##### Fixed
|
2017-08-23 12:01:32 +00:00
|
|
|
- Fix infinite login loop if "prompt=login" (#198)
|
2018-03-09 20:03:25 +00:00
|
|
|
- Fix Django 2.0 deprecation warnings (#185)
|
2017-08-22 15:36:18 +00:00
|
|
|
|
2017-07-11 05:29:24 +00:00
|
|
|
### [0.5.1] - 2017-07-11
|
|
|
|
|
|
|
|
|
|
##### Changed
|
2017-07-11 14:44:24 +00:00
|
|
|
- Documentation template changed to `Read The Docs`.
|
2017-07-11 05:29:24 +00:00
|
|
|
|
|
|
|
|
##### Fixed
|
|
|
|
|
- `install_requires` has not longer pinned versions.
|
2017-07-11 14:44:24 +00:00
|
|
|
- Removed infinity loop during authorization stage when `prompt=login` has been send.
|
2017-07-11 05:29:24 +00:00
|
|
|
- Changed `prompt` handling as set of options instead of regular string.
|
2017-07-11 14:44:24 +00:00
|
|
|
- Redirect URI must match exactly with given in query parameter.
|
|
|
|
|
- Stored user consent are useful for public clients too.
|
2017-07-11 05:29:24 +00:00
|
|
|
- Fixed documentation for custom scopes handling.
|
2017-07-11 14:44:24 +00:00
|
|
|
- Scopes during refresh and code exchange are being taken from authorization request and not from query parameters.
|
2017-07-11 05:29:24 +00:00
|
|
|
|
2017-05-19 02:49:06 +00:00
|
|
|
### [0.5.0] - 2017-05-18
|
|
|
|
|
|
2016-12-01 19:22:19 +00:00
|
|
|
##### Added
|
|
|
|
|
- Signals when user accept/decline the authorization page.
|
2017-05-19 02:49:06 +00:00
|
|
|
- `OIDC_AFTER_END_SESSION_HOOK` setting for additional business logic.
|
|
|
|
|
- Feature granttype password.
|
2017-03-31 16:34:03 +00:00
|
|
|
- require_consent and reuse_consent are added to Client model.
|
|
|
|
|
|
|
|
|
|
##### Changed
|
|
|
|
|
- OIDC_SKIP_CONSENT_ALWAYS and OIDC_SKIP_CONSENT_ENABLE are removed from settings.
|
2016-12-01 19:22:19 +00:00
|
|
|
|
2016-11-30 16:25:06 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- Timestamps with unixtime (instead of django timezone).
|
2016-12-13 15:46:45 +00:00
|
|
|
- Field refresh_token cannot be primary key if null.
|
2017-05-19 02:49:06 +00:00
|
|
|
- `create_uri_exceptions` are now being logged at `Exception` level not `DEBUG`.
|
2016-11-30 16:25:06 +00:00
|
|
|
|
2016-11-29 20:37:07 +00:00
|
|
|
### [0.4.4] - 2016-11-29
|
|
|
|
|
|
2016-11-04 18:41:51 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- Bug in Session Management middleware when using Python 3.
|
2016-11-29 20:37:07 +00:00
|
|
|
- Translations handling.
|
2016-11-04 18:41:51 +00:00
|
|
|
|
2016-11-02 15:26:56 +00:00
|
|
|
### [0.4.3] - 2016-11-02
|
|
|
|
|
|
2016-10-31 20:07:06 +00:00
|
|
|
##### Added
|
|
|
|
|
- Session Management 1.0 support.
|
2016-11-02 15:26:56 +00:00
|
|
|
- post_logout_redirect_uris into admin.
|
|
|
|
|
|
|
|
|
|
##### Changed
|
|
|
|
|
- Package url names.
|
|
|
|
|
- Rename /logout/ url to /end-session/.
|
2016-10-31 20:07:06 +00:00
|
|
|
|
|
|
|
|
##### Fixed
|
|
|
|
|
- Bug when trying authorize with response_type id_token without openid scope.
|
|
|
|
|
|
2016-10-13 14:31:33 +00:00
|
|
|
### [0.4.2] - 2016-10-13
|
|
|
|
|
|
2016-10-11 16:32:28 +00:00
|
|
|
##### Added
|
|
|
|
|
- Support for client redirect URIs with query strings.
|
|
|
|
|
|
2016-10-12 14:11:04 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- Bug when generating secret_key value using admin.
|
|
|
|
|
|
2016-10-12 19:23:57 +00:00
|
|
|
##### Changed
|
|
|
|
|
- Client is available to OIDC_EXTRA_SCOPE_CLAIMS implementations via `self.client`.
|
|
|
|
|
- The constructor signature for `ScopeClaims` has changed, it now is called with the `Token` as its single argument.
|
|
|
|
|
|
2016-10-03 15:57:39 +00:00
|
|
|
### [0.4.1] - 2016-10-03
|
|
|
|
|
|
|
|
|
|
##### Changed
|
|
|
|
|
- Update pyjwkest to version 1.3.0.
|
|
|
|
|
- Use Cryptodome instead of Crypto lib.
|
|
|
|
|
|
2016-09-12 16:19:35 +00:00
|
|
|
### [0.4.0] - 2016-09-12
|
|
|
|
|
|
2016-09-06 14:36:19 +00:00
|
|
|
##### Added
|
2016-09-08 20:34:46 +00:00
|
|
|
- Support for Hybrid Flow.
|
2016-09-09 18:59:17 +00:00
|
|
|
- New attributes for Clients: Website url, logo, contact email, terms url.
|
2016-09-06 14:36:19 +00:00
|
|
|
- Polish translations.
|
2016-09-06 18:38:52 +00:00
|
|
|
- Examples section in documentation.
|
|
|
|
|
|
|
|
|
|
##### Fixed
|
|
|
|
|
- CORS in discovery and userinfo endpoint.
|
2016-09-07 15:32:03 +00:00
|
|
|
- Client type public bug when created using the admin.
|
2016-09-09 16:10:12 +00:00
|
|
|
- Missing OIDC_TOKEN_EXPIRE setting on implicit flow.
|
2016-09-06 14:36:19 +00:00
|
|
|
|
2016-08-31 19:57:41 +00:00
|
|
|
### [0.3.7] - 2016-08-31
|
|
|
|
|
|
2016-08-05 16:25:28 +00:00
|
|
|
##### Added
|
|
|
|
|
- Support for Django 1.10.
|
2016-08-08 16:18:39 +00:00
|
|
|
- Initial translation files (ES, FR).
|
2016-08-10 21:37:00 +00:00
|
|
|
- Support for at_hash parameter.
|
2016-08-05 16:25:28 +00:00
|
|
|
|
2016-08-30 15:46:44 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- Empty address dict in userinfo response.
|
|
|
|
|
|
2016-07-07 15:52:32 +00:00
|
|
|
### [0.3.6] - 2016-07-07
|
|
|
|
|
|
|
|
|
|
##### Changed
|
|
|
|
|
- OIDC_USERINFO setting.
|
|
|
|
|
|
2016-06-21 15:30:15 +00:00
|
|
|
### [0.3.5] - 2016-06-21
|
|
|
|
|
|
2016-06-13 15:16:48 +00:00
|
|
|
##### Added
|
|
|
|
|
- Field date_given in UserConsent model.
|
|
|
|
|
- Verbose names to all model fields.
|
2016-06-16 20:21:57 +00:00
|
|
|
- Customize scopes names and descriptions on authorize template.
|
|
|
|
|
|
|
|
|
|
##### Changed
|
|
|
|
|
- OIDC_EXTRA_SCOPE_CLAIMS setting.
|
2016-06-13 15:16:48 +00:00
|
|
|
|
2016-06-10 15:27:36 +00:00
|
|
|
### [0.3.4] - 2016-06-10
|
|
|
|
|
|
2016-05-26 20:06:06 +00:00
|
|
|
##### Changed
|
|
|
|
|
- Make SITE_URL setting optional.
|
|
|
|
|
|
2016-06-10 15:27:36 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- Missing migration.
|
|
|
|
|
|
2016-05-03 15:17:22 +00:00
|
|
|
### [0.3.3] - 2016-05-03
|
|
|
|
|
|
|
|
|
|
##### Fixed
|
|
|
|
|
- Important bug with PKCE and form submit in Auth Request.
|
|
|
|
|
|
2016-04-26 20:33:43 +00:00
|
|
|
### [0.3.2] - 2016-04-26
|
|
|
|
|
|
2016-04-04 20:25:28 +00:00
|
|
|
##### Added
|
|
|
|
|
- Choose type of client on creation.
|
2016-04-06 21:12:19 +00:00
|
|
|
- Implement Proof Key for Code Exchange by OAuth Public Clients.
|
2016-04-15 14:35:23 +00:00
|
|
|
- Support for prompt parameter.
|
2016-04-25 20:33:52 +00:00
|
|
|
- Support for different client JWT tokens algorithm.
|
2016-04-04 20:25:28 +00:00
|
|
|
|
2016-04-08 21:11:51 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- Not auto-approve requests for non-confidential clients (publics).
|
|
|
|
|
|
2016-03-09 15:11:59 +00:00
|
|
|
### [0.3.1] - 2016-03-09
|
|
|
|
|
|
|
|
|
|
##### Fixed
|
|
|
|
|
- response_type was not being validated (OpenID request).
|
|
|
|
|
|
2016-02-23 18:31:07 +00:00
|
|
|
### [0.3.0] - 2016-02-23
|
|
|
|
|
|
2016-02-12 18:01:21 +00:00
|
|
|
##### Added
|
2016-02-18 19:52:30 +00:00
|
|
|
- Support OAuth2 requests.
|
|
|
|
|
- Decorator for protecting views with OAuth2.
|
2016-02-12 18:01:21 +00:00
|
|
|
- Setting OIDC_IDTOKEN_PROCESSING_HOOK.
|
|
|
|
|
|
2016-02-03 19:00:02 +00:00
|
|
|
### [0.2.5] - 2016-02-03
|
|
|
|
|
|
2016-02-01 17:34:39 +00:00
|
|
|
##### Added
|
|
|
|
|
- Setting OIDC_SKIP_CONSENT_ALWAYS.
|
|
|
|
|
|
2016-01-25 20:53:57 +00:00
|
|
|
##### Changed
|
|
|
|
|
- Removing OIDC_RSA_KEY_FOLDER setting. Moving RSA Keys to the database.
|
2016-02-03 19:00:02 +00:00
|
|
|
- Update pyjwkest to version 1.1.0.
|
2016-01-25 20:53:57 +00:00
|
|
|
|
2016-01-20 20:19:23 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- Nonce parameter missing on the decide form.
|
|
|
|
|
- Set Allow-Origin header to jwks endpoint.
|
|
|
|
|
|
2016-01-20 17:11:19 +00:00
|
|
|
### [0.2.4] - 2016-01-20
|
|
|
|
|
|
2016-01-11 19:11:03 +00:00
|
|
|
##### Added
|
|
|
|
|
- Auto-generation of client ID and SECRET using the admin.
|
2016-01-19 20:47:43 +00:00
|
|
|
- Validate nonce parameter when using Implicit Flow.
|
2016-01-11 19:11:03 +00:00
|
|
|
|
2016-01-11 01:01:21 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- Fixed generating RSA key by ignoring value of OIDC_RSA_KEY_FOLDER.
|
2016-01-19 20:46:48 +00:00
|
|
|
- Make OIDC_AFTER_USERLOGIN_HOOK and OIDC_IDTOKEN_SUB_GENERATOR to be lazy imported by the location of the function.
|
2016-01-18 13:32:56 +00:00
|
|
|
- Problem with a function that generate urls for the /.well-known/openid-configuration/ endpoint.
|
2016-01-11 01:01:21 +00:00
|
|
|
|
2016-01-06 17:18:15 +00:00
|
|
|
### [0.2.3] - 2016-01-06
|
2015-12-04 17:07:19 +00:00
|
|
|
|
2015-11-11 19:06:33 +00:00
|
|
|
##### Added
|
|
|
|
|
- Make user and client unique on UserConsent model.
|
2015-12-02 20:30:28 +00:00
|
|
|
- Support for URL's without end slash.
|
|
|
|
|
|
|
|
|
|
##### Changed
|
|
|
|
|
- Upgrade pyjwkest to version 1.0.8.
|
2015-11-11 19:06:33 +00:00
|
|
|
|
2015-11-02 20:05:50 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- String format error in models.
|
2015-11-12 20:16:28 +00:00
|
|
|
- Redirect to non http urls fail (for Mobile Apps).
|
2015-11-02 20:05:50 +00:00
|
|
|
|
2015-10-21 20:26:29 +00:00
|
|
|
### [0.2.1] - 2015-10-21
|
|
|
|
|
|
2015-09-30 16:09:51 +00:00
|
|
|
##### Added
|
|
|
|
|
- Refresh token flow.
|
|
|
|
|
|
|
|
|
|
##### Changed
|
2015-10-19 19:38:16 +00:00
|
|
|
- Upgrade pyjwkest to version >= 1.0.6.
|
|
|
|
|
|
|
|
|
|
##### Fixed
|
|
|
|
|
- Unicode error in Client model.
|
2015-10-21 20:26:29 +00:00
|
|
|
- Bug in creatersakey command (when using Python 3).
|
2015-10-19 19:38:16 +00:00
|
|
|
- Bug when updating pyjwkest version.
|
2015-09-30 16:09:51 +00:00
|
|
|
|
2015-09-25 20:24:58 +00:00
|
|
|
### [0.2.0] - 2015-09-25
|
|
|
|
|
|
|
|
|
|
##### Changed
|
|
|
|
|
- UserInfo model was removed. Now you can add your own model using OIDC_USERINFO setting.
|
2015-03-06 17:15:54 +00:00
|
|
|
|
2015-08-14 23:13:25 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- ID token does NOT contain kid.
|
|
|
|
|
|
2015-08-03 18:27:28 +00:00
|
|
|
### [0.1.2] - 2015-08-04
|
|
|
|
|
|
2015-07-31 18:22:13 +00:00
|
|
|
##### Added
|
|
|
|
|
- Add token_endpoint_auth_methods_supported to discovery.
|
|
|
|
|
|
2015-08-03 02:46:15 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- Missing commands folder in setup file.
|
|
|
|
|
|
2015-07-30 19:00:54 +00:00
|
|
|
### [0.1.1] - 2015-07-31
|
|
|
|
|
|
2015-07-27 21:33:34 +00:00
|
|
|
##### Added
|
|
|
|
|
- Sending access_token as query string parameter in UserInfo Endpoint.
|
2015-07-30 19:00:54 +00:00
|
|
|
- Support HTTP Basic client authentication.
|
2015-07-27 21:33:34 +00:00
|
|
|
|
2015-07-21 15:30:20 +00:00
|
|
|
##### Changed
|
|
|
|
|
- Use models setting instead of User.
|
|
|
|
|
|
2015-07-27 19:05:33 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- In python 2: "aud" and "nonce" parameters didn't appear in id_token.
|
|
|
|
|
|
2015-07-17 14:56:39 +00:00
|
|
|
### [0.1.0] - 2015-07-17
|
|
|
|
|
|
|
|
|
|
##### Added
|
|
|
|
|
- Now id tokens are signed/encrypted with RS256.
|
|
|
|
|
- Command for easily generate random RSA key.
|
|
|
|
|
- Jwks uri to discovery endpoint.
|
|
|
|
|
- id_token_signing_alg_values_supported to discovery endpoint.
|
|
|
|
|
|
2015-07-16 19:44:23 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- Nonce support for both Code and Implicit flow.
|
|
|
|
|
|
2015-07-06 21:29:29 +00:00
|
|
|
### [0.0.7] - 2015-07-06
|
|
|
|
|
|
2015-06-22 21:41:07 +00:00
|
|
|
##### Added
|
2015-07-01 20:33:46 +00:00
|
|
|
- Support for Python 3.
|
2015-06-24 15:40:00 +00:00
|
|
|
- Way of remember user consent and skipt it (OIDC_SKIP_CONSENT_ENABLE).
|
|
|
|
|
- Setting OIDC_SKIP_CONSENT_EXPIRE.
|
2015-06-22 21:41:07 +00:00
|
|
|
|
2015-06-19 18:21:35 +00:00
|
|
|
##### Changed
|
|
|
|
|
- Now OIDC_EXTRA_SCOPE_CLAIMS must be a string, to be lazy imported.
|
|
|
|
|
|
2015-06-16 19:10:39 +00:00
|
|
|
### [0.0.6] - 2015-06-16
|
|
|
|
|
|
|
|
|
|
##### Added
|
2015-06-01 22:20:17 +00:00
|
|
|
- Better naming for models in the admin.
|
|
|
|
|
|
2015-06-16 19:10:39 +00:00
|
|
|
##### Changed
|
|
|
|
|
- Now tests run without the need of a project configured.
|
|
|
|
|
|
|
|
|
|
##### Fixed
|
|
|
|
|
- Error when returning address_formatted claim.
|
|
|
|
|
|
2015-05-08 18:53:59 +00:00
|
|
|
### [0.0.5] - 2015-05-09
|
|
|
|
|
|
2015-06-16 19:10:39 +00:00
|
|
|
##### Added
|
2015-05-08 18:53:59 +00:00
|
|
|
- Support for Django 1.8.
|
|
|
|
|
|
2015-06-16 19:10:39 +00:00
|
|
|
##### Fixed
|
2015-05-07 20:16:24 +00:00
|
|
|
- Validation of scope in UserInfo endpoint.
|
|
|
|
|
|
2015-04-22 14:53:19 +00:00
|
|
|
### [0.0.4] - 2015-04-22
|
|
|
|
|
|
2015-06-16 19:10:39 +00:00
|
|
|
##### Added
|
2015-04-22 14:48:47 +00:00
|
|
|
- Initial migrations.
|
|
|
|
|
|
2015-04-18 20:36:11 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- Important bug with id_token when using implicit flow.
|
2015-04-21 18:27:02 +00:00
|
|
|
- Validate Code expiration in Auth Code Flow.
|
2015-04-21 20:29:41 +00:00
|
|
|
- Validate Access Token expiration in UserInfo endpoint.
|
2015-04-18 20:36:11 +00:00
|
|
|
|
2015-04-15 19:47:02 +00:00
|
|
|
### [0.0.3] - 2015-04-15
|
|
|
|
|
|
2015-03-27 18:07:49 +00:00
|
|
|
##### Added
|
|
|
|
|
- Normalize gender field in UserInfo.
|
|
|
|
|
|
2015-04-15 19:29:26 +00:00
|
|
|
##### Changed
|
|
|
|
|
- Make address_formatted a property inside UserInfo.
|
|
|
|
|
|
2015-03-31 18:45:45 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- Important bug in claims response.
|
|
|
|
|
|
2015-03-25 21:11:34 +00:00
|
|
|
### [0.0.2] - 2015-03-26
|
|
|
|
|
|
2015-03-19 17:04:32 +00:00
|
|
|
##### Added
|
|
|
|
|
- Setting OIDC_AFTER_USERLOGIN_HOOK.
|
|
|
|
|
|
2015-03-20 15:48:46 +00:00
|
|
|
##### Fixed
|
|
|
|
|
- Tests failing because an incorrect tag in one template.
|
|
|
|
|
|
2015-03-13 20:50:24 +00:00
|
|
|
### [0.0.1] - 2015-03-13
|
|
|
|
|
|
2015-03-05 17:30:29 +00:00
|
|
|
##### Added
|
2015-03-05 19:49:10 +00:00
|
|
|
- Provider Configuration Information endpoint.
|
2015-03-06 17:13:56 +00:00
|
|
|
- Setting OIDC_IDTOKEN_SUB_GENERATOR.
|
2015-03-06 17:15:54 +00:00
|
|
|
|
2015-03-06 17:13:56 +00:00
|
|
|
##### Changed
|
|
|
|
|
- Now use setup in OIDC_EXTRA_SCOPE_CLAIMS setting.
|
2015-03-05 16:12:18 +00:00
|
|
|
|
2015-03-05 17:30:29 +00:00
|
|
|
### [0.0.0] - 2015-02-26
|
