All Versions
44
Latest Version
Avg Release Cycle
78 days
Latest Release
942 days ago
Changelog History
Page 2
Changelog History
Page 2
-
v1.4.1 Changes
March 12, 2021๐ Changed
- ๐ #925 OAuth2TokenMiddleware converted to new style middleware, and no longer extends MiddlewareMixin.
โ Removed
- ๐ #936 Remove support for Python 3.5
-
v1.4.0 Changes
February 08, 2021โ Added
- ๐ #917 Documentation improvement for Access Token expiration.
- ๐ #916 (for DOT contributors) Added
tox -e livedocs
which launches a local web server onlocahost:8000
to display Sphinx documentation with live updates as you edit. - โ #891 (for DOT contributors) Added details on how best to contribute to this project.
- ๐ #884 Added support for Python 3.9
- #898 Added the ability to customize classes for django admin
- ๐ #690 Added pt-PT translations to HTML templates. This enables adding additional translations.
๐ Fixed
- #906 Made token revocation not apply a limit to the
select_for_update
statement (impacts Oracle 12c database). - #903 Disable
redirect_uri
field length limit forAbstractGrant
-
v1.3.3 Changes
October 16, 2020โ Added
- โ added
select_related
in intospect view for better query performance - #831 Authorization token creation now can receive an expire date
- #831 Added a method to override Grant creation
- #825 Bump oauthlib to 3.1.0 to introduce PKCE
- ๐ Support for Django 3.1
๐ Fixed
- #847: Fix inappropriate message when response from authentication server is not OK.
๐ Changed
- ๐ few smaller improvements to remove older django version compatibility #830, #861, #862, #863
- โ added
-
v1.3.2 Changes
March 24, 2020๐ Fixed
- ๐ Fixes: 1.3.1 inadvertently uploaded to pypi with an extra migration (0003...) from a dev branch.
-
v1.3.1 Changes
March 23, 2020 -
v1.3.0 Changes
March 02, 2020From the CHANGELOG:
[1.3.0] 2020-03-02
โ Added
- โ Add support for Python 3.7 & 3.8
- โ Add support for Django>=2.1,<3.1
- โ Add requirement for oauthlib>=3.0.1
- โ Add support for Proof Key for Code Exchange (PKCE, RFC 7636).
- โ Add support for custom token generators (e.g. to create JWT tokens).
- โ Add new
OAUTH2_PROVIDER
settings:ACCESS_TOKEN_GENERATOR
to override the default access token generator.REFRESH_TOKEN_GENERATOR
to override the default refresh token generator.EXTRA_SERVER_KWARGS
options dictionary for oauthlib's Server class.PKCE_REQUIRED
to require PKCE.
- โ Add
createapplication
management command to create an application. - โ Add
id
in toolkit admin console applications list. - โ Add nonstandard Google support for [urn:ietf:wg:oauth:2.0:oob]
redirect_uri
for Google OAuth2 "manual copy/paste".
N.B. this feature appears to be deprecated and replaced with methods described in
RFC 8252: OAuth2 for Native Apps and may be deprecated and/or removed
๐ from a future release of Django-oauth-toolkit.
๐ Changed
- ๐ Change this change log to use Keep a Changelog format.
- Backwards-incompatible squashed migrations:
๐ If you are currently on a release < 1.2.0, you will need to first install 1.2.0 thenmanage.py migrate
before
โฌ๏ธ upgrading to >= 1.3.0. - ๐ Improved the tutorial.
โ Removed
- โ Remove support for Python 3.4
- โ Remove support for Django<=2.0
- โ Remove requirement for oauthlib<3.0
๐ Fixed
- ๐ Fix a race condition in creation of AccessToken with external oauth2 server.
- ๐ Fix several concurrency issues. (#638)
- ๐ Fix to pass
request
todjango.contrib.auth.authenticate()
(#636) - ๐ป Fix missing
oauth2_error
property exception oauthlib_core.verify_request method raises exceptions in authenticate.
(#633) - ๐ Fix "django.db.utils.NotSupportedError: FOR UPDATE cannot be applied to the nullable side of an outer join" for postgresql.
(#714) - ๐ Fix to return a new refresh token during grace period rather than the recently-revoked one.
(#702) - ๐ Fix a bug in refresh token revocation.
(#625)
-
v1.2.0 Changes
June 03, 2018- Compatibility: Python 3.4 is the new minimum required version.
- Compatibility: Django 2.0 is the new minimum required version.
- ๐ New feature: Added TokenMatchesOASRequirements Permissions.
- โก๏ธ validators.URIValidator has been updated to match URLValidator behaviour more closely.
- ๐ Moved
redirect_uris
validation to the application clean() method.
-
v1.1.3
October 12, 2018 -
v1.1.2 Changes
May 12, 2018- Return state with Authorization Denied error (RFC6749 section 4.1.2.1)
- ๐ Fix a crash with malformed base64 authentication headers
- ๐ Fix a crash with malformed IPv6 redirect URIs
-
v1.1.1 Changes
May 08, 2018- ๐ Critical: Django OAuth Toolkit 1.1.0 contained a migration that would revoke all existing
RefreshTokens (
0006_auto_20171214_2232
). This release corrects the migration. If you have already ran it in production, please see the following issue for more details: https://github.com/jazzband/django-oauth-toolkit/issues/589
- ๐ Critical: Django OAuth Toolkit 1.1.0 contained a migration that would revoke all existing
RefreshTokens (