authlib v0.6 Release Notes

Release Date: 2018-03-20 // over 3 years ago
  • From alpha to beta. This is a huge release with lots of deprecating changes and some breaking changes. And finally, OpenID Connect server is supported by now, because Authlib has added these specifications:

    • ๐ŸŒ RFC7515: JSON Web Signature (JWS)
    • ๐ŸŒ RFC7517: JSON Web Key (JWK)
    • ๐ŸŒ RFC7518: JSON Web Algorithms (JWA)
    • ๐ŸŒ RFC7519: JSON Web Token (JWT)

    The specifications are not completed yet, but they are ready to use. The missing RFC7516 (JWE) is going to be implemented in next version. Open ID Connect 1.0 is added with:

    Besides that, there are more changes:

    • Implementation of RFC7662: OAuth 2.0 Token Introspection via #36.
    • Use the token_endpoint_auth_method concept defined in RFC7591.
    • ๐Ÿšฆ Signal feature for Flask integration of OAuth 2.0 server.
    • ๐Ÿ› Bug fixes for OAuth client parts, thanks for the instruction by Lukas Schink.

    ๐Ÿ’ฅ Breaking Changes:

    โฌ†๏ธ 1. the columns in authlib.flask.oauth2.sqla has been changed a lot. If you are using it, you need to upgrade your database.

    1. use register_token_validator on ResourceProtector.
    2. authlib.client.oauth1.OAuth1 has been renamed to authlib.client.oauth1.OAuth1Auth.

    ๐Ÿ—„ Deprecate Changes: find how to solve the deprecate issues via https://git.io/vAAUK

    Code Changes: v0.5.1...v0.6