Compare commits
25 Commits
| Author | SHA256 | Date | |
|---|---|---|---|
| cc502ad0c2 | |||
| 6e3369027b | |||
| ede6d3851a | |||
| 9ebafa80e9 | |||
| b0cb148d3e | |||
| cd362f7e05 | |||
| e6b3001848 | |||
| 4949c93d6c | |||
| 8e56f7f750 | |||
| 7dab8cd027 | |||
| f126d0cae4 | |||
| e9c06c04aa | |||
| d5fa0ead53 | |||
| 01174be1b7 | |||
| b6908f0d83 | |||
| ab34919e9f | |||
| 8457578d5b | |||
| 4b3a7ba671 | |||
| a6e5e686f3 | |||
| 0ee18569d9 | |||
| bb5cd918a6 | |||
| a61a7fb097 | |||
| 66b2daf2b5 | |||
| 1dc21d8487 | |||
| 7f80687269 |
3
authlib-1.6.1.tar.gz
Normal file
3
authlib-1.6.1.tar.gz
Normal file
@@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:d714698f818fd478161666c319e275f9ffedee3259b9a259360462734c24b5a2
|
||||
size 341053
|
||||
@@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:0c06b18e667033c3ed5c640bcc52d1bd7d8b285c2babc3e974bbb376b0b0b1c1
|
||||
size 329249
|
||||
@@ -1,48 +1,3 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Jan 9 08:29:28 UTC 2026 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
|
||||
|
||||
- Update to 1.6.6 (bsc#1256414, CVE-2025-68158)
|
||||
* ``get_jwt_config`` takes a ``client`` parameter, #844.
|
||||
* Fix incorrect signature when ``Content-Type`` is x-www-form-urlencoded
|
||||
for OAuth 1.0 Client, #778.
|
||||
* Use ``expires_in`` in ``OAuth2Token`` when ``expires_at`` is unparsable, #842.
|
||||
* Always track ``state`` in session for OAuth client integrations.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Oct 13 08:51:01 UTC 2025 - Nico Krapp <nico.krapp@suse.com>
|
||||
|
||||
- Update to 1.6.5 (fixes CVE-2025-61920, bsc#1251921)
|
||||
* RFC7591 generate_client_info and generate_client_secret take a request
|
||||
parameter.
|
||||
* Add size limitation when decode JWS/JWE to prevent DoS.
|
||||
* Add size limitation for DEF JWE zip algorithm.
|
||||
- Update to 1.6.4
|
||||
* fix(jose): prevent public/unprotected header overwriting protected header
|
||||
by @lepture in #809
|
||||
* Fix InsecureTransportError raising by @azmeuk in #810
|
||||
* Add conventional-commits pre-commit hook by @azmeuk in #811
|
||||
* Fix response_mode=form_post with Starlette client by @azmeuk in #812
|
||||
* Specify README.md as project long description by @EpicWink in #817
|
||||
* Migrate tests to pytest paradigm by @azmeuk in #813
|
||||
* jose/jws: Reject unprotected ‘crit’ and enforce type; add tests
|
||||
by @AL-Cybision in #823
|
||||
* Use explicit *.test urls in unit tests by @azmeuk in #824
|
||||
- Update to 1.6.3
|
||||
* Add diff-cover check in GHA by @azmeuk in #803
|
||||
* Run GHA unit tests with uv by @azmeuk in #805
|
||||
* Move from pre-commit to prek by @azmeuk in #804
|
||||
* Sign OIDC id_token according to id_token_signed_response_alg client
|
||||
metadata by @azmeuk in #802
|
||||
- Update to 1.6.2
|
||||
* Allow insecure transport for 127.0.0.1 for debugging
|
||||
by @geigerzaehler in #788
|
||||
* Raise a MissingCodeError when code parameter is missing by @lepture in #786
|
||||
* Temporarily restore OAuth2Request body parameter by @azmeuk in #791
|
||||
* Raise MissingCodeException when code parameter is missing
|
||||
by @lepture in #794
|
||||
* Fix id_token generation with EdDSA alg by @azmeuk in #800
|
||||
- Update test requirements
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 5 07:34:40 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package python-Authlib
|
||||
#
|
||||
# Copyright (c) 2026 SUSE LLC and contributors
|
||||
# Copyright (c) 2025 SUSE LLC and contributors
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@@ -19,7 +19,7 @@
|
||||
%define modname authlib
|
||||
%{?sle15_python_module_pythons}
|
||||
Name: python-Authlib
|
||||
Version: 1.6.6
|
||||
Version: 1.6.1
|
||||
Release: 0
|
||||
Summary: Python library for building OAuth and OpenID Connect servers
|
||||
License: BSD-3-Clause
|
||||
@@ -41,9 +41,7 @@ BuildRequires: %{python_module cachelib}
|
||||
BuildRequires: %{python_module cryptography}
|
||||
BuildRequires: %{python_module httpx}
|
||||
BuildRequires: %{python_module pytest-asyncio}
|
||||
BuildRequires: %{python_module pytest-django}
|
||||
BuildRequires: %{python_module pytest}
|
||||
BuildRequires: %{python_module python-multipart}
|
||||
BuildRequires: %{python_module requests}
|
||||
BuildRequires: %{python_module starlette}
|
||||
BuildRequires: %{python_module typing_extensions}
|
||||
@@ -77,9 +75,10 @@ $python -mpytest tests/flask
|
||||
# gh#lepture/authlib#456
|
||||
# $python -mpytest tests/jose -k 'not (test_dir_alg_xc20p or test_xc20p_content_encryption_decryption)'
|
||||
$python -mpytest tests/jose
|
||||
export DJANGO_SETTINGS_MODULE=tests.django_settings
|
||||
export DJANGO_SETTINGS_MODULE=tests.clients.test_django.settings
|
||||
$python -mpytest tests/clients
|
||||
$python -mpytest tests/django
|
||||
# export DJANGO_SETTINGS_MODULE=tests.django.settings
|
||||
# $python -mpytest tests/django
|
||||
}
|
||||
|
||||
%files %{python_files}
|
||||
|
||||
Reference in New Issue
Block a user