All Versions
44
Latest Version
Avg Release Cycle
78 days
Latest Release
942 days ago

Changelog History
Page 2

  • v1.4.1 Changes

    March 12, 2021

    ๐Ÿ”„ Changed

    • ๐Ÿ’… #925 OAuth2TokenMiddleware converted to new style middleware, and no longer extends MiddlewareMixin.

    โœ‚ Removed

    • ๐Ÿšš #936 Remove support for Python 3.5

  • v1.4.0 Changes

    February 08, 2021

    โž• Added

    • ๐Ÿ“š #917 Documentation improvement for Access Token expiration.
    • ๐ŸŒ #916 (for DOT contributors) Added tox -e livedocs which launches a local web server on locahost:8000 to display Sphinx documentation with live updates as you edit.
    • โœ… #891 (for DOT contributors) Added details on how best to contribute to this project.
    • ๐Ÿ‘ #884 Added support for Python 3.9
    • #898 Added the ability to customize classes for django admin
    • ๐ŸŒ #690 Added pt-PT translations to HTML templates. This enables adding additional translations.

    ๐Ÿ›  Fixed

    • #906 Made token revocation not apply a limit to the select_for_update statement (impacts Oracle 12c database).
    • #903 Disable redirect_uri field length limit for AbstractGrant

  • v1.3.3 Changes

    October 16, 2020

    โž• Added

    • โž• added select_related in intospect view for better query performance
    • #831 Authorization token creation now can receive an expire date
    • #831 Added a method to override Grant creation
    • #825 Bump oauthlib to 3.1.0 to introduce PKCE
    • ๐Ÿ‘Œ Support for Django 3.1

    ๐Ÿ›  Fixed

    • #847: Fix inappropriate message when response from authentication server is not OK.

    ๐Ÿ”„ Changed

    • ๐Ÿšš few smaller improvements to remove older django version compatibility #830, #861, #862, #863

  • v1.3.2 Changes

    March 24, 2020

    ๐Ÿ›  Fixed

    • ๐Ÿ›  Fixes: 1.3.1 inadvertently uploaded to pypi with an extra migration (0003...) from a dev branch.

  • v1.3.1 Changes

    March 23, 2020

    โž• Added

    • ๐Ÿ‘ #725: HTTP Basic Auth support for introspection (Fix issue #709)

    ๐Ÿ›  Fixed

    • โช #812: Reverts #643 pass wrong request object to authenticate function.
    • ๐Ÿ›  Fix concurrency issue with refresh token requests (#810)
    • ๐Ÿ“š #817: Reverts #734 tutorial documentation error.

  • v1.3.0 Changes

    March 02, 2020

    From the CHANGELOG:

    [1.3.0] 2020-03-02

    โž• Added

    • โž• Add support for Python 3.7 & 3.8
    • โž• Add support for Django>=2.1,<3.1
    • โž• Add requirement for oauthlib>=3.0.1
    • โž• Add support for Proof Key for Code Exchange (PKCE, RFC 7636).
    • โž• Add support for custom token generators (e.g. to create JWT tokens).
    • โž• Add new OAUTH2_PROVIDER settings:
      • ACCESS_TOKEN_GENERATOR to override the default access token generator.
      • REFRESH_TOKEN_GENERATOR to override the default refresh token generator.
      • EXTRA_SERVER_KWARGS options dictionary for oauthlib's Server class.
      • PKCE_REQUIRED to require PKCE.
    • โž• Add createapplication management command to create an application.
    • โž• Add id in toolkit admin console applications list.
    • โž• Add nonstandard Google support for [urn:ietf:wg:oauth:2.0:oob] redirect_uri
      for Google OAuth2 "manual copy/paste".
      N.B. this feature appears to be deprecated and replaced with methods described in
      RFC 8252: OAuth2 for Native Apps and may be deprecated and/or removed
      ๐Ÿš€ from a future release of Django-oauth-toolkit.

    ๐Ÿ”„ Changed

    • ๐Ÿ”„ Change this change log to use Keep a Changelog format.
    • Backwards-incompatible squashed migrations:
      ๐Ÿš€ If you are currently on a release < 1.2.0, you will need to first install 1.2.0 then manage.py migrate before
      โฌ†๏ธ upgrading to >= 1.3.0.
    • ๐Ÿ‘Œ Improved the tutorial.

    โœ‚ Removed

    • โœ‚ Remove support for Python 3.4
    • โœ‚ Remove support for Django<=2.0
    • โœ‚ Remove requirement for oauthlib<3.0

    ๐Ÿ›  Fixed

    • ๐Ÿ›  Fix a race condition in creation of AccessToken with external oauth2 server.
    • ๐Ÿ›  Fix several concurrency issues. (#638)
    • ๐Ÿ›  Fix to pass request to django.contrib.auth.authenticate() (#636)
    • ๐Ÿ‘ป Fix missing oauth2_error property exception oauthlib_core.verify_request method raises exceptions in authenticate.
      (#633)
    • ๐Ÿ›  Fix "django.db.utils.NotSupportedError: FOR UPDATE cannot be applied to the nullable side of an outer join" for postgresql.
      (#714)
    • ๐Ÿ›  Fix to return a new refresh token during grace period rather than the recently-revoked one.
      (#702)
    • ๐Ÿ›  Fix a bug in refresh token revocation.
      (#625)

  • v1.2.0 Changes

    June 03, 2018
    • Compatibility: Python 3.4 is the new minimum required version.
    • Compatibility: Django 2.0 is the new minimum required version.
    • ๐Ÿ†• New feature: Added TokenMatchesOASRequirements Permissions.
    • โšก๏ธ validators.URIValidator has been updated to match URLValidator behaviour more closely.
    • ๐Ÿšš Moved redirect_uris validation to the application clean() method.

  • v1.1.3

    October 12, 2018

  • v1.1.2 Changes

    May 12, 2018
    • Return state with Authorization Denied error (RFC6749 section 4.1.2.1)
    • ๐Ÿ›  Fix a crash with malformed base64 authentication headers
    • ๐Ÿ›  Fix a crash with malformed IPv6 redirect URIs

  • v1.1.1 Changes

    May 08, 2018
    • ๐Ÿš‘ Critical: Django OAuth Toolkit 1.1.0 contained a migration that would revoke all existing RefreshTokens (0006_auto_20171214_2232). This release corrects the migration. If you have already ran it in production, please see the following issue for more details: https://github.com/jazzband/django-oauth-toolkit/issues/589