« Changelog History


django-oauth-toolkit v1.3.0 Release Notes

Release Date: 2020-03-02 // about 4 years ago

  • From the CHANGELOG:

    [1.3.0] 2020-03-02

    ➕ Added

    • ➕ Add support for Python 3.7 & 3.8
    • ➕ Add support for Django>=2.1,<3.1
    • ➕ Add requirement for oauthlib>=3.0.1
    • ➕ Add support for Proof Key for Code Exchange (PKCE, RFC 7636).
    • ➕ Add support for custom token generators (e.g. to create JWT tokens).
    • ➕ Add new OAUTH2_PROVIDER settings:
      • ACCESS_TOKEN_GENERATOR to override the default access token generator.
      • REFRESH_TOKEN_GENERATOR to override the default refresh token generator.
      • EXTRA_SERVER_KWARGS options dictionary for oauthlib's Server class.
      • PKCE_REQUIRED to require PKCE.
    • ➕ Add createapplication management command to create an application.
    • ➕ Add id in toolkit admin console applications list.
    • ➕ Add nonstandard Google support for [urn:ietf:wg:oauth:2.0:oob] redirect_uri
      for Google OAuth2 "manual copy/paste".
      N.B. this feature appears to be deprecated and replaced with methods described in
      RFC 8252: OAuth2 for Native Apps and may be deprecated and/or removed
      🚀 from a future release of Django-oauth-toolkit.

    🔄 Changed

    • 🔄 Change this change log to use Keep a Changelog format.
    • Backwards-incompatible squashed migrations:
      🚀 If you are currently on a release < 1.2.0, you will need to first install 1.2.0 then manage.py migrate before
      ⬆️ upgrading to >= 1.3.0.
    • 👌 Improved the tutorial.

    ✂ Removed

    • ✂ Remove support for Python 3.4
    • ✂ Remove support for Django<=2.0
    • ✂ Remove requirement for oauthlib<3.0

    🛠 Fixed

    • 🛠 Fix a race condition in creation of AccessToken with external oauth2 server.
    • 🛠 Fix several concurrency issues. (#638)
    • 🛠 Fix to pass request to django.contrib.auth.authenticate() (#636)
    • 👻 Fix missing oauth2_error property exception oauthlib_core.verify_request method raises exceptions in authenticate.
      (#633)
    • 🛠 Fix "django.db.utils.NotSupportedError: FOR UPDATE cannot be applied to the nullable side of an outer join" for postgresql.
      (#714)
    • 🛠 Fix to return a new refresh token during grace period rather than the recently-revoked one.
      (#702)
    • 🛠 Fix a bug in refresh token revocation.
      (#625)