django-oauth-toolkit v2.1.0 Release Notes

Release Date: 2022-06-19 // about 2 years ago
  • โš  WARNING

    ๐Ÿš€ Issues caused by Release 2.0.0 breaking changes continue to be logged. Please make sure to carefully read these release notes before โฌ†๏ธ performing a MAJOR upgrade to 2.x.

    These issues both result in {"error": "invalid_client"}:

    1. The application client secret is now hashed upon save. You must copy it before it is saved. Using the hashed value will fail.

    0๏ธโƒฃ 2. PKCE_REQUIRED is now True by default. You should use PKCE with your client or set PKCE_REQUIRED=False if you are unable to fix the client.

    โž• Added

    • ๐Ÿ‘ #1164 Support prompt=login for the OIDC Authorization Code Flow end user Authentication Request.
    • ๐ŸŒ #1163 Add French (fr) translations.
    • ๐ŸŒ #1166 Add Spanish (es) translations.

    ๐Ÿ”„ Changed

    • #1152 createapplication management command enhanced to display an auto-generated secret before it gets hashed.
    • ๐Ÿ“š #1172, #1159, #1158 documentation improvements.

    ๐Ÿ›  Fixed

    • ๐Ÿ›  #1147 Fixed 2.0.0 implementation of hashed client secret to work with swapped models.