You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Added
Adding explicit support for Python 3.12.
Publicly expose requests_auth.SupportMultiAuth, allowing multiple authentication support for every requests authentication class that exists.
Publicly expose requests_auth.TokenMemoryCache, allowing to create custom Oauth2 token cache based on this default implementation.
You can now provide your own HTML success (success_html) and failure (failure_html) display via the new OAuth2.display shared setting. Refer to documentation for more details.
Thanks to the new redirect_uri_domain parameter on Authorization code (with and without PKCE) and Implicit flows, you can now provide the FQDN to use in the redirect_uri when localhost (the default) is not allowed.
requests_auth.WakaTimeAuthorizationCode handling access to the WakaTime API.
Changed
Except for requests_auth.testing, only direct access via requests_auth. was considered publicly exposed. This is now explicit, as inner packages are now using private prefix (_).
If you were relying on some classes or functions that are now internal, feel free to open an issue.
requests_auth.JsonTokenFileCache and requests_auth.TokenMemoryCacheget_token method does not handle kwargs anymore, the on_missing_token callable does not expect any arguments anymore.
requests_auth.JsonTokenFileCache does not expose tokens_path or last_save_time attributes anymore and is also allowing pathlib.Path instances as cache location.
requests_auth.TokenMemoryCache does not expose forbid_concurrent_cache_access or forbid_concurrent_missing_token_function_call attributes anymore.
Browser display settings have been moved to a shared setting, see documentation for more information on requests_auth.OAuth2.display.
The failure page will be displayed for 10 seconds by default instead of 5 seconds previously.
As a result the following classes no longer expose success_display_time and failure_display_time parameters.
The authentication success and failure displayed in the browser were revamped to be more user-friendly. requests_auth.testing was modified to accommodate this change:
tab.assert_successexpected_message parameter was removed.
tab.assert_failureexpected_message parameter should not be prefixed with Unable to properly perform authentication: anymore and \n in the message should be replaced with <br>.
Exceptions issued by requests_auth are now inheriting from requests_auth.RequestsAuthException, itself inheriting from requests.RequestException, instead of Exception.
Fixed
Type information is now provided following PEP 561.
Remove deprecation warnings due to usage of utcnow and utcfromtimestamp.
requests_auth.OktaClientCredentialsscope parameter is now mandatory and does not default to openid anymore.
requests_auth.OktaClientCredentials will now display a more user-friendly error message in case Okta instance is not provided.
Tokens cache DEBUG logs will not display tokens anymore.
Handle text/html; charset=utf-8 content-type in token responses.
Removed
Removing support for Python 3.7.
Deprecated requests_auth.Auths class has been removed.
