.. _changelog:

Changelog
#########

All notable changes to this project will be documented in this file.

Unreleased
==========

**Added**

* Add pep8 compliance and checker.

**Changed**

* Test suit now uses pytest.

**Fixed**

* Infinite callback loop in the check-session iframe.

0.5.3
=====

*2018-03-09*

**Fixed**

* Update project to support Django 2.0

0.5.2
=====

*2017-08-22*

**Fixed**

* Fix infinite login loop if "prompt=login" (#198)
* Fix Django 2.0 deprecation warnings (#185)

0.5.1
=====

*2017-07-11*

**Changed**

* Documentation template changed to `Read The Docs`.

**Fixed**

* `install_requires` has not longer pinned versions.
* Removed infinity loop during authorization stage when `prompt=login` has been send.
* Changed `prompt` handling as set of options instead of regular string.
* Redirect URI must match exactly with given in query parameter.
* Stored user consent are useful for public clients too.
* Fixed documentation for custom scopes handling.
* Scopes during refresh and code exchange are being taken from authorization request and not from query parameters.

0.5.0
=====

*2017-05-18*

**Added**

* Signals when user accept/decline the authorization page.
* `OIDC_AFTER_END_SESSION_HOOK` setting for additional business logic.
* Feature granttype password.
* require_consent and reuse_consent are added to Client model.

**Changed**

* OIDC_SKIP_CONSENT_ALWAYS and OIDC_SKIP_CONSENT_ENABLE are removed from settings.

**Fixed**

* Timestamps with unixtime (instead of django timezone).
* Field refresh_token cannot be primary key if null.
* `create_uri_exceptions` are now being logged at `Exception` level not `DEBUG`.

0.4.4
=====

*2016-11-29*

**Fixed**

* Bug in Session Management middleware when using Python 3.
* Translations handling.

0.4.3
=====

*2016-11-02*

**Added**

* Session Management 1.0 support.
* post_logout_redirect_uris into admin.

**Changed**

* Package url names.
* Rename /logout/ url to /end-session/.

**Fixed**

* Bug when trying authorize with response_type id_token without openid scope.

0.4.2
=====

*2016-10-13*

**Added**

* Support for client redirect URIs with query strings.

**Fixed**

* Bug when generating secret_key value using admin.

**Changed**

* Client is available to OIDC_EXTRA_SCOPE_CLAIMS implementations via `self.client`.
* The constructor signature for `ScopeClaims` has changed, it now is called with the `Token` as its single argument.

0.4.1
=====

*2016-10-03*

**Changed**

* Update pyjwkest to version 1.3.0.
* Use Cryptodome instead of Crypto lib.

0.4.0
=====

*2016-09-12*

**Added**

* Support for Hybrid Flow.
* New attributes for Clients: Website url, logo, contact email, terms url.
* Polish translations.
* Examples section in documentation.

**Fixed**

* CORS in discovery and userinfo endpoint.
* Client type public bug when created using the admin.
* Missing OIDC_TOKEN_EXPIRE setting on implicit flow.

0.3.7
=====

*2016-08-31*

**Added**

* Support for Django 1.10.
* Initial translation files (ES, FR).
* Support for at_hash parameter.

**Fixed**

* Empty address dict in userinfo response.

0.3.6
=====

*2016-07-07*

**Changed**

* OIDC_USERINFO setting.

0.3.5
=====

*2016-06-21*

**Added**

* Field date_given in UserConsent model.
* Verbose names to all model fields.
* Customize scopes names and descriptions on authorize template.

**Changed**

* OIDC_EXTRA_SCOPE_CLAIMS setting.

0.3.4
=====

*2016-06-10*

**Changed**

* Make SITE_URL setting optional.

**Fixed**

* Missing migration.

0.3.3
=====

*2016-05-03*

**Fixed**

* Important bug with PKCE and form submit in Auth Request.

0.3.2
=====

*2016-04-26*

**Added**

* Choose type of client on creation.
* Implement Proof Key for Code Exchange by OAuth Public Clients.
* Support for prompt parameter.
* Support for different client JWT tokens algorithm.

**Fixed**

* Not auto-approve requests for non-confidential clients (publics).

0.3.1
=====

*2016-03-09*

**Fixed**

* response_type was not being validated (OpenID request).

0.3.0
=====

*2016-02-23*

**Added**

* Support OAuth2 requests.
* Decorator for protecting views with OAuth2.
* Setting OIDC_IDTOKEN_PROCESSING_HOOK.

0.2.5
=====

*2016-02-03*

**Added**

* Setting OIDC_SKIP_CONSENT_ALWAYS.

**Changed**

* Removing OIDC_RSA_KEY_FOLDER setting. Moving RSA Keys to the database.
* Update pyjwkest to version 1.1.0.

**Fixed**

* Nonce parameter missing on the decide form.
* Set Allow-Origin header to jwks endpoint.

0.2.4
=====

*2016-01-20*

**Added**

* Auto-generation of client ID and SECRET using the admin.
* Validate nonce parameter when using Implicit Flow.

**Fixed**

* Fixed generating RSA key by ignoring value of OIDC_RSA_KEY_FOLDER.
* Make OIDC_AFTER_USERLOGIN_HOOK and OIDC_IDTOKEN_SUB_GENERATOR to be lazy imported by the location of the function.
* Problem with a function that generate urls for the /.well-known/openid-configuration/ endpoint.

0.2.3
=====

*2016-01-06*

**Added**

* Make user and client unique on UserConsent model.
* Support for URL's without end slash.

**Changed**

* Upgrade pyjwkest to version 1.0.8.

**Fixed**

* String format error in models.
* Redirect to non http urls fail (for Mobile Apps).

0.2.1
=====

*2015-10-21*

**Added**

* Refresh token flow.

**Changed**

* Upgrade pyjwkest to version >= 1.0.6.

**Fixed**

* Unicode error in Client model.
* Bug in creatersakey command (when using Python 3).
* Bug when updating pyjwkest version.

0.2.0
=====

*2015-09-25*

**Changed**

* UserInfo model was removed. Now you can add your own model using OIDC_USERINFO setting.

**Fixed**

* ID token does NOT contain kid.

0.1.2
=====

*2015-08-04*

**Added**

* Add token_endpoint_auth_methods_supported to discovery.

**Fixed**

* Missing commands folder in setup file.

0.1.1
=====

*2015-07-31*

**Added**

* Sending access_token as query string parameter in UserInfo Endpoint.
* Support HTTP Basic client authentication.

**Changed**

* Use models setting instead of User.

**Fixed**

* In python 2: "aud" and "nonce" parameters didn't appear in id_token.

0.1.0
=====

*2015-07-17*

**Added**

* Now id tokens are signed/encrypted with RS256.
* Command for easily generate random RSA key.
* Jwks uri to discovery endpoint.
* id_token_signing_alg_values_supported to discovery endpoint.

**Fixed**

* Nonce support for both Code and Implicit flow.

0.0.7
=====

*2015-07-06*

**Added**

* Support for Python 3.
* Way of remember user consent and skipt it (OIDC_SKIP_CONSENT_ENABLE).
* Setting OIDC_SKIP_CONSENT_EXPIRE.

**Changed**

* Now OIDC_EXTRA_SCOPE_CLAIMS must be a string, to be lazy imported.

0.0.6
=====

*2015-06-16*

**Added**

* Better naming for models in the admin.

**Changed**

* Now tests run without the need of a project configured.

**Fixed**

* Error when returning address_formatted claim.

0.0.5
=====

*2015-05-09*

**Added**

* Support for Django 1.8.

**Fixed**

* Validation of scope in UserInfo endpoint.

0.0.4
=====

*2015-04-22*

**Added**

* Initial migrations.

**Fixed**

* Important bug with id_token when using implicit flow.
* Validate Code expiration in Auth Code Flow.
* Validate Access Token expiration in UserInfo endpoint.

0.0.3
=====

*2015-04-15*

**Added**

* Normalize gender field in UserInfo.

**Changed**

* Make address_formatted a property inside UserInfo.

**Fixed**

* Important bug in claims response.

0.0.2
=====

*2015-03-26*

**Added**

* Setting OIDC_AFTER_USERLOGIN_HOOK.

**Fixed**

* Tests failing because an incorrect tag in one template.

0.0.1
=====

*2015-03-13*

**Added**

* Provider Configuration Information endpoint.
* Setting OIDC_IDTOKEN_SUB_GENERATOR.

**Changed**

* Now use setup in OIDC_EXTRA_SCOPE_CLAIMS setting.

0.0.0
=====

*2015-02-26*