-
Notifications
You must be signed in to change notification settings - Fork 19
/
Copy pathCHANGES.txt
201 lines (122 loc) · 4.71 KB
/
CHANGES.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
CHANGELOG
#########
This document describes changes between each past release.
0.7.9 (2024-09-26)
==================
- Python3 support
- Add support for v2 password hashes
- Updated to pyproject.toml
- Updated libraries
0.7.8 (2024-03-14)
==================
- Add retries to the APIClient session
0.7.7 (2020-07-17)
==================
- Fix incorrect validation of JWKs passed to oauth.Client constructor,
which was actually *preventing* the caller from setting a correct value
rather than checking that they did so.
0.7.6 (2020-07-10)
==================
- Add ability to configure a fixed list of JWT access token keys,
by passing them as an argument to `oauth.Client()` rather than
fetching them at runtime from the server.
- Fix verification of JWT access token `typ` header.
(Thankfully it was failing closed rather than failing open).
- Fix verification of `scope` list obtained from a JWT access token.
(Thankfully it was failing closed rather than failing open).
0.7.5 (2020-07-06)
==================
- Add support for `reason` and `verification_method` keyword arguments
to the `login` method.
0.7.4 (2020-06-10)
==================
- Perform more complete checking of the `state` parameter when authorizing
an OAuth code.
- When verifying OAuth access tokens, try to verify them locally as a JWT
rather than passing them to the remote verification endpoint.
0.7.3 (2019-07-26)
==================
- Allow specifying a `ttl` when redeeming an authorization code.
0.7.2 (2019-06-03)
==================
- Several cleans for Python3 compatibility; thanks Tomáš Chvátal!
- Fix a bug could accidentally introduce multiple slashes into
the result of oauth.Client.get_redirect_url.
0.7.1 (2019-03-18)
==================
- Fix test bustage due to session verification.
0.7.0 (2019-03-18)
==================
- Add support for TOTP.
0.6.0 (2018-05-04)
==================
- Add support for PKCE challenge and response in the OAuth flow.
- Add ability to supply `keys_jwk` when starting an OAuth flow.
- Improve scope-matching logic based on new FxA testcases,
including handling of URL-format scopes.
0.5.0 (2018-01-12)
==================
- Add ability to login with unblock codes.
- Tell testrunners to ignore some test helper utilities.
0.4.0 (2017-??-??)
==================
- Use `pkg_resources` to handle package version. (#45)
- Add a shortcut for authorizing oauth codes directly from a core.Session,
rater than requiring the caller to explicitly create an assertion.
0.3.0 (2016-09-07)
==================
- Add a ``verify_email_code(uid, code)`` method to the ``core.Client`` (#43).
0.2.0 (2016-05-11)
==================
- Make sure fxa.tests.utils can be used without installing PyFxA tests dependencies. (#41)
0.1.3 (2016-04-22)
==================
- Update the User-Agent so that we can detect PyFxA calls. (#40)
0.1.2 (2016-04-21)
==================
- Correctly send request to the Auth server.
0.1.1 (2016-01-13)
==================
- Correctly configure cert duration while generating BrowserID Assertion (#39)
0.1.0 (2016-01-07)
==================
- Add fxa-client CLI tool (#36)
- Remove support for Python 2.6 (#38)
0.0.9 (2015-08-15)
==================
- Remove the mention stating that PyFxA is still highly experimental (#31)
- Do not rely on the package to be installed in order to be used (#32)
0.0.8 (2015-08-14)
==================
- Update setup.py to handle utf-8 characters in README and CHANGES files (#29)
- Add cache functionality to the Auth plugins (#30)
0.0.7 (2015-07-23)
==================
- Use grequests if available to use PyFxA with the gevent ecosystem.
- Add the oauth /destroy operation.
- Profile fetch skips fields you don't have permission to read.
- Add the BrowserID requests Auth module and related HTTPie plugin.
- Add the BearerToken requests Auth module and related HTTPie plugin.
- Add PyOpenSSL support for secure SSL requests handling with Python 2.
0.0.6 (2015-03-20)
==================
- Expose unicode in oauth cache, not bytestrings.
0.0.5 (2015-03-19)
==================
- Specify minimum required version of `requests` dependency.
0.0.4 (2015-03-11)
==================
- Add a basic API for retrieving profile information
with an OAuth token.
0.0.3 (2015-02-20)
==================
- Refacotor oauth.Client to take id/secret as constructor args.
- Add basic caching on oauth token verification.
- Accept option "/v1" suffix on server URLs.
- Add get_identity_assertion() method to core.Session.
- Add methods to oauth.Client for authorizing codes and tokens.
- Add a new error hierarchy for trust-related errors.
- Additional sanity-checking in oauth scope checks.
0.0.2 (2015-01-05)
==================
- Initial release; includes basic auth and oauth functionality.