pool/python-Authlib
SHA256
17
0
Fork 3
Code Issues Pull Requests Activity

Compare commits

base: pool:factory
Branches Tags
pool:factory pool:leap-16.0 pool:leap-16.1 python:main
..
compare: python:main
Branches Tags
python:main pool:factory pool:leap-16.0 pool:leap-16.1

25 Commits
factory ... main

Author SHA256 Message Date
Dominique Leuenberger
cc502ad0c2 Accepting request 1298827 from devel:languages:python 
OBS-URL: https://build.opensuse.org/request/show/1298827
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Authlib?expand=0&rev=25
 2025-08-12 15:04:06 +00:00
Nico Krapp
6e3369027b Accepting request 1298801 from home:glaubitz:branches:devel:languages:python 
- Update to 1.6.1
  * Filter key set with additional "alg" and "use" parameters.
- Fix bogus version number in previous changelog entry
- Rename README.rst to README.md in %files section

- Update to 1.6.0

OBS-URL: https://build.opensuse.org/request/show/1298801
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=52
 2025-08-11 12:30:53 +00:00
Ana Guerrero
ede6d3851a Accepting request 1282354 from devel:languages:python 
Forwarded request #1282104 from glaubitz

- Update to 1.6.2
    * Fix issue when RFC9207 is enabled and the authorization endpoint
      response is not a redirection. pull request #733
    * Fix missing state parameter in authorization error responses.
      issue #525
    * Support for acr and amr claims in id_token. issue #734
    * Support for the none JWS algorithm.
    * Fix response_types strict order during dynamic client
      registration. issue #760
    * Implement RFC9101 The OAuth 2.0 Authorization Framework:
      JWT-Secured Authorization Request (JAR). issue #723
    * OIDC UserInfo endpoint support. issue #459
  - Drop 767-skip-xc20p-tests.patch, merged upstream

OBS-URL: https://build.opensuse.org/request/show/1282354
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Authlib?expand=0&rev=24
 2025-06-03 15:57:40 +00:00
Nico Krapp
9ebafa80e9 Accepting request 1282104 from home:glaubitz:branches:devel:languages:python 
- Update to 1.6.2
  * Fix issue when RFC9207 is enabled and the authorization endpoint
    response is not a redirection. pull request #733
  * Fix missing state parameter in authorization error responses.
    issue #525
  * Support for acr and amr claims in id_token. issue #734
  * Support for the none JWS algorithm.
  * Fix response_types strict order during dynamic client
    registration. issue #760
  * Implement RFC9101 The OAuth 2.0 Authorization Framework:
    JWT-Secured Authorization Request (JAR). issue #723
  * OIDC UserInfo endpoint support. issue #459
- Drop 767-skip-xc20p-tests.patch, merged upstream

OBS-URL: https://build.opensuse.org/request/show/1282104
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=50
 2025-06-03 13:47:52 +00:00
Dominique Leuenberger
b0cb148d3e Accepting request 1274078 from devel:languages:python 
- Add 767-skip-xc20p-tests.patch to skip unavailable tests
  (gh#authlib/authlib#456).

OBS-URL: https://build.opensuse.org/request/show/1274078
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Authlib?expand=0&rev=23
 2025-05-03 18:59:15 +00:00
Matej Cepl
cd362f7e05 Try tests 
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=48
 2025-05-02 22:02:10 +00:00
Matej Cepl
e6b3001848 - Add 767-skip-xc20p-tests.patch to skip unavailable tests 
(gh#authlib/authlib#456).

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=47
 2025-05-02 21:30:36 +00:00
Ana Guerrero
4949c93d6c Accepting request 1272263 from devel:languages:python 
OBS-URL: https://build.opensuse.org/request/show/1272263
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Authlib?expand=0&rev=22
 2025-04-24 15:25:46 +00:00
Matej Cepl
8e56f7f750 Accepting request 1272151 from home:glaubitz:branches:devel:languages:python 
- Update to 1.5.2
  * Forbid fragments in ``redirect_uris``. :issue:`714`
  * Fix invalid characters in ``error_description``. :issue:`720`
  * Add ``claims_cls``` parameter for client's ``parse_id_token``
    method. :issue:`725`

OBS-URL: https://build.opensuse.org/request/show/1272151
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=45
 2025-04-23 20:23:29 +00:00
Ana Guerrero
7dab8cd027 Accepting request 1269067 from devel:languages:python 
- Support both lowercased and unnormalized metadata directory names.

- Lowercase metadata directory name.

OBS-URL: https://build.opensuse.org/request/show/1269067
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Authlib?expand=0&rev=21
 2025-04-14 10:59:26 +00:00
Steve Kowalik
f126d0cae4 - Support both lowercased and unnormalized metadata directory names. 
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=43
 2025-04-14 05:42:59 +00:00
Steve Kowalik
e9c06c04aa - Lowercase metadata directory name. 
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=42
 2025-03-26 00:26:47 +00:00
Ana Guerrero
d5fa0ead53 Accepting request 1255455 from devel:languages:python 
- update to 1.5.1:
  * Fix RFC9207 iss parameter.
  * Fix token introspection auth method for clients.
  * Optional typ claim in JWT tokens.
  * JWT validation leeway.
  * Implement server-side :rfc:`RFC9207 <9207>`.
  * generate_id_token can take a kid parameter.
  * More detailed InvalidClientError.
  * OpenID Connect Dynamic Client Registration implementation.

OBS-URL: https://build.opensuse.org/request/show/1255455
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Authlib?expand=0&rev=20
 2025-03-24 12:31:55 +00:00
Dirk Mueller
01174be1b7 - update to 1.5.1: 
* Fix RFC9207 iss parameter.
  * Fix token introspection auth method for clients.
  * Optional typ claim in JWT tokens.
  * JWT validation leeway.
  * Implement server-side :rfc:`RFC9207 <9207>`.
  * generate_id_token can take a kid parameter.
  * More detailed InvalidClientError.
  * OpenID Connect Dynamic Client Registration implementation.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=40
 2025-03-23 21:42:41 +00:00
Ana Guerrero
b6908f0d83 Accepting request 1244113 from devel:languages:python 
OBS-URL: https://build.opensuse.org/request/show/1244113
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Authlib?expand=0&rev=19
 2025-02-07 22:07:01 +00:00
Markéta Machová
ab34919e9f Accepting request 1243614 from home:glaubitz:branches:devel:languages:python 
- Update to 1.4.1
  * Improve garbage collection on OAuth clients. (#698)
  * Fix client parameters for httpx. (#694)

OBS-URL: https://build.opensuse.org/request/show/1243614
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=38
 2025-02-07 10:41:08 +00:00
Ana Guerrero
8457578d5b Accepting request 1240304 from devel:languages:python 
OBS-URL: https://build.opensuse.org/request/show/1240304
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Authlib?expand=0&rev=18
 2025-01-27 19:52:26 +00:00
Matej Cepl
4b3a7ba671 Accepting request 1240203 from home:ecsos:python 
- Update to 1.4.0
  * Fix id_token decoding when kid is null. :pr:`659`
  * Support for Python 3.13. :pr:`682`
  * Force login if the prompt parameter value is login. :pr:`637`
  * Support for httpx 0.28, :pr:`695`
  * Breaking changes:
    - Stop support for Python 3.8. :pr:`682`
- Drop py313-tests.patch, because now in upstream.
- Drop httpx028.patch, because now in upstream.

OBS-URL: https://build.opensuse.org/request/show/1240203
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=36
 2025-01-25 20:55:26 +00:00
Ana Guerrero
a6e5e686f3 Accepting request 1232630 from devel:languages:python 
OBS-URL: https://build.opensuse.org/request/show/1232630
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Authlib?expand=0&rev=17
 2024-12-19 20:42:15 +00:00
Nico Krapp
0ee18569d9 Accepting request 1232567 from home:mcalabkova:branches:devel:languages:python 
- Add httpx028.patch to add compatibility with new httpx

OBS-URL: https://build.opensuse.org/request/show/1232567
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=34
 2024-12-19 15:37:31 +00:00
Dominique Leuenberger
bb5cd918a6 Accepting request 1219795 from devel:languages:python 
- add py313-tests.patch
- modernize spec file

OBS-URL: https://build.opensuse.org/request/show/1219795
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Authlib?expand=0&rev=16
 2024-10-31 15:10:05 +00:00
Dirk Mueller
a61a7fb097 - modernize spec file 
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=32
 2024-10-31 09:14:35 +00:00
Dirk Mueller
66b2daf2b5 - add py313-tests.patch 
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=31
 2024-10-31 09:13:33 +00:00
Ana Guerrero
1dc21d8487 Accepting request 1204401 from devel:languages:python 
- update to 1.3.2:
  * Prevent ever-growing session size for OAuth clients.
  * Revert quote client id and secret.
  * unquote basic auth header for authorization server.

OBS-URL: https://build.opensuse.org/request/show/1204401
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Authlib?expand=0&rev=15
 2024-09-30 13:38:23 +00:00
Dirk Mueller
7f80687269 - update to 1.3.2: 
* Prevent ever-growing session size for OAuth clients.
  * Revert quote client id and secret.
  * unquote basic auth header for authorization server.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=29
 2024-09-28 20:04:14 +00:00
4 changed files with 8 additions and 54 deletions
Expand all files Collapse all files

3
authlib-1.6.1.tar.gz Normal file
View File

@@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d714698f818fd478161666c319e275f9ffedee3259b9a259360462734c24b5a2
size 341053

3
authlib-1.6.6.tar.gz
View File

@@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0c06b18e667033c3ed5c640bcc52d1bd7d8b285c2babc3e974bbb376b0b0b1c1
size 329249

45
python-Authlib.changes
View File

@@ -1,48 +1,3 @@
-------------------------------------------------------------------
Fri Jan 9 08:29:28 UTC 2026 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
- Update to 1.6.6 (bsc#1256414, CVE-2025-68158)
* ``get_jwt_config`` takes a ``client`` parameter, #844.
* Fix incorrect signature when ``Content-Type`` is x-www-form-urlencoded
for OAuth 1.0 Client, #778.
* Use ``expires_in`` in ``OAuth2Token`` when ``expires_at`` is unparsable, #842.
* Always track ``state`` in session for OAuth client integrations.
-------------------------------------------------------------------
Mon Oct 13 08:51:01 UTC 2025 - Nico Krapp <nico.krapp@suse.com>
- Update to 1.6.5 (fixes CVE-2025-61920, bsc#1251921)
* RFC7591 generate_client_info and generate_client_secret take a request
parameter.
* Add size limitation when decode JWS/JWE to prevent DoS.
* Add size limitation for DEF JWE zip algorithm.
- Update to 1.6.4
* fix(jose): prevent public/unprotected header overwriting protected header
by @lepture in #809
* Fix InsecureTransportError raising by @azmeuk in #810
* Add conventional-commits pre-commit hook by @azmeuk in #811
* Fix response_mode=form_post with Starlette client by @azmeuk in #812
* Specify README.md as project long description by @EpicWink in #817
* Migrate tests to pytest paradigm by @azmeuk in #813
* jose/jws: Reject unprotected crit and enforce type; add tests
by @AL-Cybision in #823
* Use explicit *.test urls in unit tests by @azmeuk in #824
- Update to 1.6.3
* Add diff-cover check in GHA by @azmeuk in #803
* Run GHA unit tests with uv by @azmeuk in #805
* Move from pre-commit to prek by @azmeuk in #804
* Sign OIDC id_token according to id_token_signed_response_alg client
metadata by @azmeuk in #802
- Update to 1.6.2
* Allow insecure transport for 127.0.0.1 for debugging
by @geigerzaehler in #788
* Raise a MissingCodeError when code parameter is missing by @lepture in #786
* Temporarily restore OAuth2Request body parameter by @azmeuk in #791
* Raise MissingCodeException when code parameter is missing
by @lepture in #794
* Fix id_token generation with EdDSA alg by @azmeuk in #800
- Update test requirements
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Aug 5 07:34:40 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> Tue Aug 5 07:34:40 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>

11
python-Authlib.spec
View File

@@ -1,7 +1,7 @@
# #
# spec file for package python-Authlib # spec file for package python-Authlib
# #
# Copyright (c) 2026 SUSE LLC and contributors # Copyright (c) 2025 SUSE LLC and contributors
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@@ -19,7 +19,7 @@
%define modname authlib %define modname authlib
%{?sle15_python_module_pythons} %{?sle15_python_module_pythons}
Name: python-Authlib Name: python-Authlib
Version: 1.6.6 Version: 1.6.1
Release: 0 Release: 0
Summary: Python library for building OAuth and OpenID Connect servers Summary: Python library for building OAuth and OpenID Connect servers
License: BSD-3-Clause License: BSD-3-Clause
@@ -41,9 +41,7 @@ BuildRequires: %{python_module cachelib}
BuildRequires: %{python_module cryptography} BuildRequires: %{python_module cryptography}
BuildRequires: %{python_module httpx} BuildRequires: %{python_module httpx}
BuildRequires: %{python_module pytest-asyncio} BuildRequires: %{python_module pytest-asyncio}
BuildRequires: %{python_module pytest-django}
BuildRequires: %{python_module pytest} BuildRequires: %{python_module pytest}
BuildRequires: %{python_module python-multipart}
BuildRequires: %{python_module requests} BuildRequires: %{python_module requests}
BuildRequires: %{python_module starlette} BuildRequires: %{python_module starlette}
BuildRequires: %{python_module typing_extensions} BuildRequires: %{python_module typing_extensions}
@@ -77,9 +75,10 @@ $python -mpytest tests/flask
# gh#lepture/authlib#456 # gh#lepture/authlib#456
# $python -mpytest tests/jose -k 'not (test_dir_alg_xc20p or test_xc20p_content_encryption_decryption)' # $python -mpytest tests/jose -k 'not (test_dir_alg_xc20p or test_xc20p_content_encryption_decryption)'
$python -mpytest tests/jose $python -mpytest tests/jose
export DJANGO_SETTINGS_MODULE=tests.django_settings export DJANGO_SETTINGS_MODULE=tests.clients.test_django.settings
$python -mpytest tests/clients $python -mpytest tests/clients
$python -mpytest tests/django # export DJANGO_SETTINGS_MODULE=tests.django.settings
# $python -mpytest tests/django
} }
%files %{python_files} %files %{python_files}