pool/python-Flask-Security-Too
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
python-Flask-Security-Too/python-Flask-Security-Too.spec

116 lines
4.4 KiB
RPMSpec
Raw Normal View History

Accepting request 788170 from home:alarrosa:branches:devel:languages:python:flask New package python-Flask-Security-Too OBS-URL: https://build.opensuse.org/request/show/788170 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=1
2020-03-25 12:00:22 +00:00
#
# spec file for package python-Flask-Security-Too
#
- Add patch support-Flask-SQLAlchemy-3.0.patch: * Support Flask-SQLAlchemy >= 3.0 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=25
2023-01-06 03:54:53 +00:00
# Copyright (c) 2023 SUSE LLC
Accepting request 788170 from home:alarrosa:branches:devel:languages:python:flask New package python-Flask-Security-Too OBS-URL: https://build.opensuse.org/request/show/788170 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=1
2020-03-25 12:00:22 +00:00
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
- Update to 3.4.0: * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication. * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support. * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code. * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required). * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85) - Enable the testing - Add patch to not require mongodb during testing: * no-mongodb.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=3
2020-04-05 08:37:47 +00:00
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Accepting request 788170 from home:alarrosa:branches:devel:languages:python:flask New package python-Flask-Security-Too OBS-URL: https://build.opensuse.org/request/show/788170 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=1
2020-03-25 12:00:22 +00:00
Name: python-Flask-Security-Too
- Update to 5.1.1: * Fix 2 Flask apps in same thread with USERNAME_ENABLE set. There was a too aggressive config check. * Fix json/flask backwards compatibility hack. * Fix unified signup when two-factor not enabled. (sebdroid) * Add dependency on setuptools (pkg_resources). (hroncok) * Option to encrypt recovery codes. * Support for authentication via 'social' oauth. * Support for Python 3.11 * Fixes for Flask-SQLAlchemy 3.0.0. (jrast) * Fixes for sqlalchemy 2.0.0 (jrast) * Webauthn and Unified signin features now properly take into account blueprint prefixes. * Properly propagate ?next=/xx - the verify, webauthn, and unified signin endpoints, that had multiple redirects, needed fixes. * Two factor redirects ignored url_prefix. Added a SECURITY_TWO_FACTOR_ERROR_VIEW configuration option. * Add configurations for static folder/URL and make sure templates reference blueprint relative static folder. * Send entire context to MailUtil::send_mail (patrickyan) * Support for Flask-Babel 3.0.0 * Add configuration option SECURITY_TWO_FACTOR_POST_SETUP_VIEW which is redirected to upon successful change of a two factor method. * The ability to pass in a LoginManager instance which was deprecated in 5.0 has been removed. - Drop patch support-Flask-SQLAlchemy-3.0.patch, now included upstream. - Refresh all other patches. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=27
2023-03-03 06:22:07 +00:00
Version: 5.1.1
Accepting request 788170 from home:alarrosa:branches:devel:languages:python:flask New package python-Flask-Security-Too OBS-URL: https://build.opensuse.org/request/show/788170 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=1
2020-03-25 12:00:22 +00:00
Release: 0
Summary: Security for Flask apps
- Update to 3.4.0: * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication. * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support. * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code. * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required). * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85) - Enable the testing - Add patch to not require mongodb during testing: * no-mongodb.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=3
2020-04-05 08:37:47 +00:00
License: MIT
- Upate to 5.0.2: * Role permissions backwards compatibility bug. * Fix Change Password regression. * Support for WebAuthn. * Support Two-factor recovery codes. * Provide option to prevent user enumeration (i.e. Generic Responses). * Support for Python 3.10. * Support for Flask >= 2.2. * Add custom HTML attributes to improve user experience. * Make the required zxcvbn complexity score configurable. * Get rid of Flask-Mail. Flask-Mailman is now the default preferred email package. * A delete option has been added to us-setup (form and view). * Improve username support - the LoginForm now has a separate field for username. * Fix test and other failures with newer Flask-Login/Werkzeug versions. * Fix test failures with newer Flask versions. - Drop patch endswith-assert.patch: * Included upstream. - Rebase patches no-mongodb.patch and use-pyqrcodeng.patch - Update {Build,}Requires versions. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=23
2022-09-30 06:53:24 +00:00
URL: https://github.com/Flask-Middleware/flask-security
Accepting request 788170 from home:alarrosa:branches:devel:languages:python:flask New package python-Flask-Security-Too OBS-URL: https://build.opensuse.org/request/show/788170 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=1
2020-03-25 12:00:22 +00:00
Source: https://files.pythonhosted.org/packages/source/F/Flask-Security-Too/Flask-Security-Too-%{version}.tar.gz
- Update to 3.4.0: * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication. * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support. * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code. * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required). * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85) - Enable the testing - Add patch to not require mongodb during testing: * no-mongodb.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=3
2020-04-05 08:37:47 +00:00
Patch0: no-mongodb.patch
- Add patch support-Flask-SQLAlchemy-3.0.patch: * Support Flask-SQLAlchemy >= 3.0 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=25
2023-01-06 03:54:53 +00:00
# PATCH-FIX-OPENSUSE Use pyqrcodeng, we do not ship qrcode in OpenSUSE.
- Update to 4.1.2: * default_reauthn_handler doesn't honor SECURITY_URL_PREFIX * Add public API and CLI command to change a user's password. * Add type hints. Please note that many of the packages that flask-security * Add first-class support for using username for signing in. * Possible open redirect vulnerability. * Improve cookie handling and default ``samesite`` to ``Strict``. * Email validation confusion - added documentation. * Add documentation on how to override specific error messages. * Don't install global-scope tests. * Add Blinker as explicit dependency, improve/fix celery usage docs, don't require pyqrcode unless authenticator configured, improve SMS configuration variables documentation. * Your UserModel must contain ``fs_uniquifier`` * Removal of python 2.7 and <3.6 support * Remove two-factor `/tf-confirm` endpoint and use generic `freshness` mechanism. * Remove ``SECURITY_BACKWARDS_COMPAT_AUTH_TOKEN_INVALID(ATE)``. In addition to not making sense - the documentation has never been correct. * Add 2FA Validity Window so an application can configure how often the second factor has to be entered. * Add HTML5 Email input types to email fields. - Refresh no-mongodb.patch - Drop patches: * no-setup-dependencies.patch * fix-dependencies.patch * 0001-Do-not-raise-a-TypeError-exception-if-phone.data-is-.patch - Add patch use-pyqrcodeng.patch: * Use pyqrcodeng rather than pyqrcode. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=14
2022-02-28 06:21:54 +00:00
Patch1: use-pyqrcodeng.patch
- Update to 5.1.1: * Fix 2 Flask apps in same thread with USERNAME_ENABLE set. There was a too aggressive config check. * Fix json/flask backwards compatibility hack. * Fix unified signup when two-factor not enabled. (sebdroid) * Add dependency on setuptools (pkg_resources). (hroncok) * Option to encrypt recovery codes. * Support for authentication via 'social' oauth. * Support for Python 3.11 * Fixes for Flask-SQLAlchemy 3.0.0. (jrast) * Fixes for sqlalchemy 2.0.0 (jrast) * Webauthn and Unified signin features now properly take into account blueprint prefixes. * Properly propagate ?next=/xx - the verify, webauthn, and unified signin endpoints, that had multiple redirects, needed fixes. * Two factor redirects ignored url_prefix. Added a SECURITY_TWO_FACTOR_ERROR_VIEW configuration option. * Add configurations for static folder/URL and make sure templates reference blueprint relative static folder. * Send entire context to MailUtil::send_mail (patrickyan) * Support for Flask-Babel 3.0.0 * Add configuration option SECURITY_TWO_FACTOR_POST_SETUP_VIEW which is redirected to upon successful change of a two factor method. * The ability to pass in a LoginManager instance which was deprecated in 5.0 has been removed. - Drop patch support-Flask-SQLAlchemy-3.0.patch, now included upstream. - Refresh all other patches. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=27
2023-03-03 06:22:07 +00:00
BuildRequires: %{python_module Babel >= 2.10.0}
Accepting request 959654 from home:apersaud:branches:devel:languages:python:flask update to latest version OBS-URL: https://build.opensuse.org/request/show/959654 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=15
2022-03-06 07:24:48 +00:00
BuildRequires: %{python_module Flask >= 1.1.1}
- Upate to 5.0.2: * Role permissions backwards compatibility bug. * Fix Change Password regression. * Support for WebAuthn. * Support Two-factor recovery codes. * Provide option to prevent user enumeration (i.e. Generic Responses). * Support for Python 3.10. * Support for Flask >= 2.2. * Add custom HTML attributes to improve user experience. * Make the required zxcvbn complexity score configurable. * Get rid of Flask-Mail. Flask-Mailman is now the default preferred email package. * A delete option has been added to us-setup (form and view). * Improve username support - the LoginForm now has a separate field for username. * Fix test and other failures with newer Flask-Login/Werkzeug versions. * Fix test failures with newer Flask versions. - Drop patch endswith-assert.patch: * Included upstream. - Rebase patches no-mongodb.patch and use-pyqrcodeng.patch - Update {Build,}Requires versions. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=23
2022-09-30 06:53:24 +00:00
BuildRequires: %{python_module Flask-Babel >= 2.0.0}
- Update to 3.4.0: * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication. * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support. * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code. * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required). * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85) - Enable the testing - Add patch to not require mongodb during testing: * no-mongodb.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=3
2020-04-05 08:37:47 +00:00
BuildRequires: %{python_module Flask-Login >= 0.4.1}
- Upate to 5.0.2: * Role permissions backwards compatibility bug. * Fix Change Password regression. * Support for WebAuthn. * Support Two-factor recovery codes. * Provide option to prevent user enumeration (i.e. Generic Responses). * Support for Python 3.10. * Support for Flask >= 2.2. * Add custom HTML attributes to improve user experience. * Make the required zxcvbn complexity score configurable. * Get rid of Flask-Mail. Flask-Mailman is now the default preferred email package. * A delete option has been added to us-setup (form and view). * Improve username support - the LoginForm now has a separate field for username. * Fix test and other failures with newer Flask-Login/Werkzeug versions. * Fix test failures with newer Flask versions. - Drop patch endswith-assert.patch: * Included upstream. - Rebase patches no-mongodb.patch and use-pyqrcodeng.patch - Update {Build,}Requires versions. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=23
2022-09-30 06:53:24 +00:00
BuildRequires: %{python_module Flask-Mailman >= 0.3.0}
- Update to 3.4.0: * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication. * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support. * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code. * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required). * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85) - Enable the testing - Add patch to not require mongodb during testing: * no-mongodb.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=3
2020-04-05 08:37:47 +00:00
BuildRequires: %{python_module Flask-Principal >= 0.4.0}
- Update to 5.1.1: * Fix 2 Flask apps in same thread with USERNAME_ENABLE set. There was a too aggressive config check. * Fix json/flask backwards compatibility hack. * Fix unified signup when two-factor not enabled. (sebdroid) * Add dependency on setuptools (pkg_resources). (hroncok) * Option to encrypt recovery codes. * Support for authentication via 'social' oauth. * Support for Python 3.11 * Fixes for Flask-SQLAlchemy 3.0.0. (jrast) * Fixes for sqlalchemy 2.0.0 (jrast) * Webauthn and Unified signin features now properly take into account blueprint prefixes. * Properly propagate ?next=/xx - the verify, webauthn, and unified signin endpoints, that had multiple redirects, needed fixes. * Two factor redirects ignored url_prefix. Added a SECURITY_TWO_FACTOR_ERROR_VIEW configuration option. * Add configurations for static folder/URL and make sure templates reference blueprint relative static folder. * Send entire context to MailUtil::send_mail (patrickyan) * Support for Flask-Babel 3.0.0 * Add configuration option SECURITY_TWO_FACTOR_POST_SETUP_VIEW which is redirected to upon successful change of a two factor method. * The ability to pass in a LoginManager instance which was deprecated in 5.0 has been removed. - Drop patch support-Flask-SQLAlchemy-3.0.patch, now included upstream. - Refresh all other patches. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=27
2023-03-03 06:22:07 +00:00
BuildRequires: %{python_module Flask-SQLAlchemy >= 3.0.2}
Accepting request 959654 from home:apersaud:branches:devel:languages:python:flask update to latest version OBS-URL: https://build.opensuse.org/request/show/959654 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=15
2022-03-06 07:24:48 +00:00
BuildRequires: %{python_module Flask-WTF >= 0.14.3}
- Update to 3.4.0: * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication. * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support. * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code. * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required). * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85) - Enable the testing - Add patch to not require mongodb during testing: * no-mongodb.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=3
2020-04-05 08:37:47 +00:00
BuildRequires: %{python_module PyQRCode >= 1.2}
- Update to 5.1.1: * Fix 2 Flask apps in same thread with USERNAME_ENABLE set. There was a too aggressive config check. * Fix json/flask backwards compatibility hack. * Fix unified signup when two-factor not enabled. (sebdroid) * Add dependency on setuptools (pkg_resources). (hroncok) * Option to encrypt recovery codes. * Support for authentication via 'social' oauth. * Support for Python 3.11 * Fixes for Flask-SQLAlchemy 3.0.0. (jrast) * Fixes for sqlalchemy 2.0.0 (jrast) * Webauthn and Unified signin features now properly take into account blueprint prefixes. * Properly propagate ?next=/xx - the verify, webauthn, and unified signin endpoints, that had multiple redirects, needed fixes. * Two factor redirects ignored url_prefix. Added a SECURITY_TWO_FACTOR_ERROR_VIEW configuration option. * Add configurations for static folder/URL and make sure templates reference blueprint relative static folder. * Send entire context to MailUtil::send_mail (patrickyan) * Support for Flask-Babel 3.0.0 * Add configuration option SECURITY_TWO_FACTOR_POST_SETUP_VIEW which is redirected to upon successful change of a two factor method. * The ability to pass in a LoginManager instance which was deprecated in 5.0 has been removed. - Drop patch support-Flask-SQLAlchemy-3.0.patch, now included upstream. - Refresh all other patches. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=27
2023-03-03 06:22:07 +00:00
BuildRequires: %{python_module SQLAlchemy >= 1.4.35}
Accepting request 970479 from home:mcepl:branches:devel:languages:python:flask - Add endswith-assert.patch to overcome incompatibilities with WTForms >= 3.0.0 (gh#Flask-Middleware/flask-security#605). OBS-URL: https://build.opensuse.org/request/show/970479 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=19
2022-04-16 23:06:35 +00:00
BuildRequires: %{python_module WTForms-lang}
BuildRequires: %{python_module WTForms}
Accepting request 805559 from home:alarrosa:branches:devel:languages:python:flask - Decrease dependencies which aren't really required so we can build in SLE/Leap: * Werkzeug 0.15.5 requirement decreased to 0.14.1 * cryptography 2.3.1 requirement decreased to 2.1.4 * bcrypt 3.1.5 requirement decreased to 3.1.4 * peewee 3.11.2 requirement decreased to 3.7.1 * Remove python-pony requirement - Add patch that applies previous dependency changes: * fix-dependencies.patch OBS-URL: https://build.opensuse.org/request/show/805559 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=8
2020-05-14 10:21:18 +00:00
BuildRequires: %{python_module Werkzeug >= 0.14.1}
- Update to 3.4.0: * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication. * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support. * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code. * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required). * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85) - Enable the testing - Add patch to not require mongodb during testing: * no-mongodb.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=3
2020-04-05 08:37:47 +00:00
BuildRequires: %{python_module argon2_cffi >= 19.1.0}
- Update to 5.1.1: * Fix 2 Flask apps in same thread with USERNAME_ENABLE set. There was a too aggressive config check. * Fix json/flask backwards compatibility hack. * Fix unified signup when two-factor not enabled. (sebdroid) * Add dependency on setuptools (pkg_resources). (hroncok) * Option to encrypt recovery codes. * Support for authentication via 'social' oauth. * Support for Python 3.11 * Fixes for Flask-SQLAlchemy 3.0.0. (jrast) * Fixes for sqlalchemy 2.0.0 (jrast) * Webauthn and Unified signin features now properly take into account blueprint prefixes. * Properly propagate ?next=/xx - the verify, webauthn, and unified signin endpoints, that had multiple redirects, needed fixes. * Two factor redirects ignored url_prefix. Added a SECURITY_TWO_FACTOR_ERROR_VIEW configuration option. * Add configurations for static folder/URL and make sure templates reference blueprint relative static folder. * Send entire context to MailUtil::send_mail (patrickyan) * Support for Flask-Babel 3.0.0 * Add configuration option SECURITY_TWO_FACTOR_POST_SETUP_VIEW which is redirected to upon successful change of a two factor method. * The ability to pass in a LoginManager instance which was deprecated in 5.0 has been removed. - Drop patch support-Flask-SQLAlchemy-3.0.patch, now included upstream. - Refresh all other patches. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=27
2023-03-03 06:22:07 +00:00
BuildRequires: %{python_module bcrypt >= 4.0.1}
BuildRequires: %{python_module bleach >= 5.0.0}
- Update to 4.1.2: * default_reauthn_handler doesn't honor SECURITY_URL_PREFIX * Add public API and CLI command to change a user's password. * Add type hints. Please note that many of the packages that flask-security * Add first-class support for using username for signing in. * Possible open redirect vulnerability. * Improve cookie handling and default ``samesite`` to ``Strict``. * Email validation confusion - added documentation. * Add documentation on how to override specific error messages. * Don't install global-scope tests. * Add Blinker as explicit dependency, improve/fix celery usage docs, don't require pyqrcode unless authenticator configured, improve SMS configuration variables documentation. * Your UserModel must contain ``fs_uniquifier`` * Removal of python 2.7 and <3.6 support * Remove two-factor `/tf-confirm` endpoint and use generic `freshness` mechanism. * Remove ``SECURITY_BACKWARDS_COMPAT_AUTH_TOKEN_INVALID(ATE)``. In addition to not making sense - the documentation has never been correct. * Add 2FA Validity Window so an application can configure how often the second factor has to be entered. * Add HTML5 Email input types to email fields. - Refresh no-mongodb.patch - Drop patches: * no-setup-dependencies.patch * fix-dependencies.patch * 0001-Do-not-raise-a-TypeError-exception-if-phone.data-is-.patch - Add patch use-pyqrcodeng.patch: * Use pyqrcodeng rather than pyqrcode. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=14
2022-02-28 06:21:54 +00:00
BuildRequires: %{python_module blinker >= 1.4}
- Update to 3.4.0: * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication. * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support. * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code. * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required). * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85) - Enable the testing - Add patch to not require mongodb during testing: * no-mongodb.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=3
2020-04-05 08:37:47 +00:00
BuildRequires: %{python_module cachetools >= 3.1.0}
- Update to 5.1.1: * Fix 2 Flask apps in same thread with USERNAME_ENABLE set. There was a too aggressive config check. * Fix json/flask backwards compatibility hack. * Fix unified signup when two-factor not enabled. (sebdroid) * Add dependency on setuptools (pkg_resources). (hroncok) * Option to encrypt recovery codes. * Support for authentication via 'social' oauth. * Support for Python 3.11 * Fixes for Flask-SQLAlchemy 3.0.0. (jrast) * Fixes for sqlalchemy 2.0.0 (jrast) * Webauthn and Unified signin features now properly take into account blueprint prefixes. * Properly propagate ?next=/xx - the verify, webauthn, and unified signin endpoints, that had multiple redirects, needed fixes. * Two factor redirects ignored url_prefix. Added a SECURITY_TWO_FACTOR_ERROR_VIEW configuration option. * Add configurations for static folder/URL and make sure templates reference blueprint relative static folder. * Send entire context to MailUtil::send_mail (patrickyan) * Support for Flask-Babel 3.0.0 * Add configuration option SECURITY_TWO_FACTOR_POST_SETUP_VIEW which is redirected to upon successful change of a two factor method. * The ability to pass in a LoginManager instance which was deprecated in 5.0 has been removed. - Drop patch support-Flask-SQLAlchemy-3.0.patch, now included upstream. - Refresh all other patches. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=27
2023-03-03 06:22:07 +00:00
BuildRequires: %{python_module cryptography >= 37.0.4}
- Upate to 5.0.2: * Role permissions backwards compatibility bug. * Fix Change Password regression. * Support for WebAuthn. * Support Two-factor recovery codes. * Provide option to prevent user enumeration (i.e. Generic Responses). * Support for Python 3.10. * Support for Flask >= 2.2. * Add custom HTML attributes to improve user experience. * Make the required zxcvbn complexity score configurable. * Get rid of Flask-Mail. Flask-Mailman is now the default preferred email package. * A delete option has been added to us-setup (form and view). * Improve username support - the LoginForm now has a separate field for username. * Fix test and other failures with newer Flask-Login/Werkzeug versions. * Fix test failures with newer Flask versions. - Drop patch endswith-assert.patch: * Included upstream. - Rebase patches no-mongodb.patch and use-pyqrcodeng.patch - Update {Build,}Requires versions. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=23
2022-09-30 06:53:24 +00:00
BuildRequires: %{python_module dateutil}
- Use email-validator, not email_validator package name. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=21
2022-09-08 06:45:39 +00:00
BuildRequires: %{python_module email-validator >= 1.1.1}
- Update to 3.4.0: * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication. * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support. * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code. * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required). * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85) - Enable the testing - Add patch to not require mongodb during testing: * no-mongodb.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=3
2020-04-05 08:37:47 +00:00
BuildRequires: %{python_module itsdangerous >= 1.1.0}
Accepting request 959654 from home:apersaud:branches:devel:languages:python:flask update to latest version OBS-URL: https://build.opensuse.org/request/show/959654 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=15
2022-03-06 07:24:48 +00:00
BuildRequires: %{python_module passlib >= 1.7.2}
Accepting request 805559 from home:alarrosa:branches:devel:languages:python:flask - Decrease dependencies which aren't really required so we can build in SLE/Leap: * Werkzeug 0.15.5 requirement decreased to 0.14.1 * cryptography 2.3.1 requirement decreased to 2.1.4 * bcrypt 3.1.5 requirement decreased to 3.1.4 * peewee 3.11.2 requirement decreased to 3.7.1 * Remove python-pony requirement - Add patch that applies previous dependency changes: * fix-dependencies.patch OBS-URL: https://build.opensuse.org/request/show/805559 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=8
2020-05-14 10:21:18 +00:00
BuildRequires: %{python_module peewee >= 3.7.1}
- Upate to 5.0.2: * Role permissions backwards compatibility bug. * Fix Change Password regression. * Support for WebAuthn. * Support Two-factor recovery codes. * Provide option to prevent user enumeration (i.e. Generic Responses). * Support for Python 3.10. * Support for Flask >= 2.2. * Add custom HTML attributes to improve user experience. * Make the required zxcvbn complexity score configurable. * Get rid of Flask-Mail. Flask-Mailman is now the default preferred email package. * A delete option has been added to us-setup (form and view). * Improve username support - the LoginForm now has a separate field for username. * Fix test and other failures with newer Flask-Login/Werkzeug versions. * Fix test failures with newer Flask versions. - Drop patch endswith-assert.patch: * Included upstream. - Rebase patches no-mongodb.patch and use-pyqrcodeng.patch - Update {Build,}Requires versions. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=23
2022-09-30 06:53:24 +00:00
BuildRequires: %{python_module phonenumbers >= 8.12.18}
Accepting request 970479 from home:mcepl:branches:devel:languages:python:flask - Add endswith-assert.patch to overcome incompatibilities with WTForms >= 3.0.0 (gh#Flask-Middleware/flask-security#605). OBS-URL: https://build.opensuse.org/request/show/970479 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=19
2022-04-16 23:06:35 +00:00
BuildRequires: %{python_module pony}
Accepting request 959654 from home:apersaud:branches:devel:languages:python:flask update to latest version OBS-URL: https://build.opensuse.org/request/show/959654 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=15
2022-03-06 07:24:48 +00:00
BuildRequires: %{python_module pytest >= 6.2.5}
- Update to 3.4.0: * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication. * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support. * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code. * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required). * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85) - Enable the testing - Add patch to not require mongodb during testing: * no-mongodb.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=3
2020-04-05 08:37:47 +00:00
BuildRequires: %{python_module setuptools}
BuildRequires: %{python_module zxcvbn >= 4.4.28}
Accepting request 788170 from home:alarrosa:branches:devel:languages:python:flask New package python-Flask-Security-Too OBS-URL: https://build.opensuse.org/request/show/788170 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=1
2020-03-25 12:00:22 +00:00
BuildRequires: fdupes
- Update to 3.4.0: * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a recent authentication. * (:issue:`99`, :issue:`195`) Support pluggable password validators. Provide a default validator that offers complexity and breached support. * (:issue:`266`) Provide interface to two-factor send_token so that applications can provide error mitigation. Defaults to returning errors if can't send the verification code. * (:pr:`247`) Updated all-inclusive data models (fsqlaV2). Add fields necessary for the new unified sign in feature and changed 'username' to be unique (but not required). * (:pr:`245`) Use fs_uniquifier as the default Flask-Login 'alternative token'. Basically this means that changing the fs_uniquifier will cause outstanding auth tokens, session and remember me cookies to be invalidated. So if an account gets compromised, an admin can easily stop access. Prior to this cookies were storing the 'id' which is the user's primary key - difficult to change! (kishi85) - Enable the testing - Add patch to not require mongodb during testing: * no-mongodb.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=3
2020-04-05 08:37:47 +00:00
BuildRequires: python-rpm-macros
Accepting request 959654 from home:apersaud:branches:devel:languages:python:flask update to latest version OBS-URL: https://build.opensuse.org/request/show/959654 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=15
2022-03-06 07:24:48 +00:00
Requires: python-Flask >= 1.1.1
- Upate to 5.0.2: * Role permissions backwards compatibility bug. * Fix Change Password regression. * Support for WebAuthn. * Support Two-factor recovery codes. * Provide option to prevent user enumeration (i.e. Generic Responses). * Support for Python 3.10. * Support for Flask >= 2.2. * Add custom HTML attributes to improve user experience. * Make the required zxcvbn complexity score configurable. * Get rid of Flask-Mail. Flask-Mailman is now the default preferred email package. * A delete option has been added to us-setup (form and view). * Improve username support - the LoginForm now has a separate field for username. * Fix test and other failures with newer Flask-Login/Werkzeug versions. * Fix test failures with newer Flask versions. - Drop patch endswith-assert.patch: * Included upstream. - Rebase patches no-mongodb.patch and use-pyqrcodeng.patch - Update {Build,}Requires versions. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=23
2022-09-30 06:53:24 +00:00
Requires: python-Flask-Babel >= 2.0.0
Accepting request 788170 from home:alarrosa:branches:devel:languages:python:flask New package python-Flask-Security-Too OBS-URL: https://build.opensuse.org/request/show/788170 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=1
2020-03-25 12:00:22 +00:00
Requires: python-Flask-Login >= 0.4.1
Requires: python-Flask-Principal >= 0.4.0
Accepting request 959654 from home:apersaud:branches:devel:languages:python:flask update to latest version OBS-URL: https://build.opensuse.org/request/show/959654 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=15
2022-03-06 07:24:48 +00:00
Requires: python-Flask-WTF >= 0.14.3
Accepting request 805559 from home:alarrosa:branches:devel:languages:python:flask - Decrease dependencies which aren't really required so we can build in SLE/Leap: * Werkzeug 0.15.5 requirement decreased to 0.14.1 * cryptography 2.3.1 requirement decreased to 2.1.4 * bcrypt 3.1.5 requirement decreased to 3.1.4 * peewee 3.11.2 requirement decreased to 3.7.1 * Remove python-pony requirement - Add patch that applies previous dependency changes: * fix-dependencies.patch OBS-URL: https://build.opensuse.org/request/show/805559 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=8
2020-05-14 10:21:18 +00:00
Requires: python-Werkzeug >= 0.14.1
- Update to 5.1.1: * Fix 2 Flask apps in same thread with USERNAME_ENABLE set. There was a too aggressive config check. * Fix json/flask backwards compatibility hack. * Fix unified signup when two-factor not enabled. (sebdroid) * Add dependency on setuptools (pkg_resources). (hroncok) * Option to encrypt recovery codes. * Support for authentication via 'social' oauth. * Support for Python 3.11 * Fixes for Flask-SQLAlchemy 3.0.0. (jrast) * Fixes for sqlalchemy 2.0.0 (jrast) * Webauthn and Unified signin features now properly take into account blueprint prefixes. * Properly propagate ?next=/xx - the verify, webauthn, and unified signin endpoints, that had multiple redirects, needed fixes. * Two factor redirects ignored url_prefix. Added a SECURITY_TWO_FACTOR_ERROR_VIEW configuration option. * Add configurations for static folder/URL and make sure templates reference blueprint relative static folder. * Send entire context to MailUtil::send_mail (patrickyan) * Support for Flask-Babel 3.0.0 * Add configuration option SECURITY_TWO_FACTOR_POST_SETUP_VIEW which is redirected to upon successful change of a two factor method. * The ability to pass in a LoginManager instance which was deprecated in 5.0 has been removed. - Drop patch support-Flask-SQLAlchemy-3.0.patch, now included upstream. - Refresh all other patches. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=27
2023-03-03 06:22:07 +00:00
Requires: python-bcrypt >= 4.0.1
Requires: python-bleach >= 5.0.0
- Update to 4.1.2: * default_reauthn_handler doesn't honor SECURITY_URL_PREFIX * Add public API and CLI command to change a user's password. * Add type hints. Please note that many of the packages that flask-security * Add first-class support for using username for signing in. * Possible open redirect vulnerability. * Improve cookie handling and default ``samesite`` to ``Strict``. * Email validation confusion - added documentation. * Add documentation on how to override specific error messages. * Don't install global-scope tests. * Add Blinker as explicit dependency, improve/fix celery usage docs, don't require pyqrcode unless authenticator configured, improve SMS configuration variables documentation. * Your UserModel must contain ``fs_uniquifier`` * Removal of python 2.7 and <3.6 support * Remove two-factor `/tf-confirm` endpoint and use generic `freshness` mechanism. * Remove ``SECURITY_BACKWARDS_COMPAT_AUTH_TOKEN_INVALID(ATE)``. In addition to not making sense - the documentation has never been correct. * Add 2FA Validity Window so an application can configure how often the second factor has to be entered. * Add HTML5 Email input types to email fields. - Refresh no-mongodb.patch - Drop patches: * no-setup-dependencies.patch * fix-dependencies.patch * 0001-Do-not-raise-a-TypeError-exception-if-phone.data-is-.patch - Add patch use-pyqrcodeng.patch: * Use pyqrcodeng rather than pyqrcode. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=14
2022-02-28 06:21:54 +00:00
Requires: python-blinker >= 1.4
- Update to 5.1.1: * Fix 2 Flask apps in same thread with USERNAME_ENABLE set. There was a too aggressive config check. * Fix json/flask backwards compatibility hack. * Fix unified signup when two-factor not enabled. (sebdroid) * Add dependency on setuptools (pkg_resources). (hroncok) * Option to encrypt recovery codes. * Support for authentication via 'social' oauth. * Support for Python 3.11 * Fixes for Flask-SQLAlchemy 3.0.0. (jrast) * Fixes for sqlalchemy 2.0.0 (jrast) * Webauthn and Unified signin features now properly take into account blueprint prefixes. * Properly propagate ?next=/xx - the verify, webauthn, and unified signin endpoints, that had multiple redirects, needed fixes. * Two factor redirects ignored url_prefix. Added a SECURITY_TWO_FACTOR_ERROR_VIEW configuration option. * Add configurations for static folder/URL and make sure templates reference blueprint relative static folder. * Send entire context to MailUtil::send_mail (patrickyan) * Support for Flask-Babel 3.0.0 * Add configuration option SECURITY_TWO_FACTOR_POST_SETUP_VIEW which is redirected to upon successful change of a two factor method. * The ability to pass in a LoginManager instance which was deprecated in 5.0 has been removed. - Drop patch support-Flask-SQLAlchemy-3.0.patch, now included upstream. - Refresh all other patches. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=27
2023-03-03 06:22:07 +00:00
Requires: python-cryptography >= 37.0.4
- Use email-validator, not email_validator package name. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=21
2022-09-08 06:45:39 +00:00
Requires: python-email-validator >= 1.1.1
Accepting request 788170 from home:alarrosa:branches:devel:languages:python:flask New package python-Flask-Security-Too OBS-URL: https://build.opensuse.org/request/show/788170 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=1
2020-03-25 12:00:22 +00:00
Requires: python-itsdangerous >= 1.1.0
Accepting request 959654 from home:apersaud:branches:devel:languages:python:flask update to latest version OBS-URL: https://build.opensuse.org/request/show/959654 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=15
2022-03-06 07:24:48 +00:00
Requires: python-passlib >= 1.7.2
Accepting request 801217 from home:alarrosa:branches:devel:languages:python:flask - Update to 3.4.2: * The flask-security repo was moved to a github organization Flask-Middleware. - Update to 3.4.1: * Fix a bunch of bugs in new unified sign in along with a couple other major issues. * (:issue:`298`) Alternative ID feature ran afoul of postgres/psycopg2 finickiness. * (:issue:`300`) JSON 401 responses had WWW-Authenticate Header attached - that caused browsers to pop up their own login/password form. Not what applications want. * (:issue:`280`) Allow admin/api to setup TFA (and unified sign in) out of band. Please see :meth:`.UserDatastore.tf_set`, :meth:`.UserDatastore.tf_reset`, :meth:`.UserDatastore.us_set`, :meth:`.UserDatastore.us_reset` and :meth:`.UserDatastore.reset_user_access`. * (:pr:`305`) We used form._errors which wasn't very pythonic, and it was removed in WTForms 2.3.0. * (:pr:`310`) WTForms 2.3.0 made email_validator optional, we need it. - Added Requires python-bcrypt and python-email_validator, Recommends python-PyQRCode, python-SQLAlchemy, python-zxcvbn and Suggests python-argon2_cffi and python-phonenumbers * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a OBS-URL: https://build.opensuse.org/request/show/801217 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=5
2020-05-07 17:13:58 +00:00
Recommends: python-PyQRCode >= 1.2
- Update to 5.1.1: * Fix 2 Flask apps in same thread with USERNAME_ENABLE set. There was a too aggressive config check. * Fix json/flask backwards compatibility hack. * Fix unified signup when two-factor not enabled. (sebdroid) * Add dependency on setuptools (pkg_resources). (hroncok) * Option to encrypt recovery codes. * Support for authentication via 'social' oauth. * Support for Python 3.11 * Fixes for Flask-SQLAlchemy 3.0.0. (jrast) * Fixes for sqlalchemy 2.0.0 (jrast) * Webauthn and Unified signin features now properly take into account blueprint prefixes. * Properly propagate ?next=/xx - the verify, webauthn, and unified signin endpoints, that had multiple redirects, needed fixes. * Two factor redirects ignored url_prefix. Added a SECURITY_TWO_FACTOR_ERROR_VIEW configuration option. * Add configurations for static folder/URL and make sure templates reference blueprint relative static folder. * Send entire context to MailUtil::send_mail (patrickyan) * Support for Flask-Babel 3.0.0 * Add configuration option SECURITY_TWO_FACTOR_POST_SETUP_VIEW which is redirected to upon successful change of a two factor method. * The ability to pass in a LoginManager instance which was deprecated in 5.0 has been removed. - Drop patch support-Flask-SQLAlchemy-3.0.patch, now included upstream. - Refresh all other patches. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=27
2023-03-03 06:22:07 +00:00
Recommends: python-SQLAlchemy >= 1.4.35
Accepting request 801217 from home:alarrosa:branches:devel:languages:python:flask - Update to 3.4.2: * The flask-security repo was moved to a github organization Flask-Middleware. - Update to 3.4.1: * Fix a bunch of bugs in new unified sign in along with a couple other major issues. * (:issue:`298`) Alternative ID feature ran afoul of postgres/psycopg2 finickiness. * (:issue:`300`) JSON 401 responses had WWW-Authenticate Header attached - that caused browsers to pop up their own login/password form. Not what applications want. * (:issue:`280`) Allow admin/api to setup TFA (and unified sign in) out of band. Please see :meth:`.UserDatastore.tf_set`, :meth:`.UserDatastore.tf_reset`, :meth:`.UserDatastore.us_set`, :meth:`.UserDatastore.us_reset` and :meth:`.UserDatastore.reset_user_access`. * (:pr:`305`) We used form._errors which wasn't very pythonic, and it was removed in WTForms 2.3.0. * (:pr:`310`) WTForms 2.3.0 made email_validator optional, we need it. - Added Requires python-bcrypt and python-email_validator, Recommends python-PyQRCode, python-SQLAlchemy, python-zxcvbn and Suggests python-argon2_cffi and python-phonenumbers * (:pr:`257`) Support a unified sign in feature. Please see :ref:`unified-sign-in`. * (:pr:`265`) Add phone number validation class. This is used in both unified sign in as well as two-factor when using sms. * (:pr:`274`) Add support for 'freshness' of caller's authentication. This permits endpoints to be additionally protected by ensuring a OBS-URL: https://build.opensuse.org/request/show/801217 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=5
2020-05-07 17:13:58 +00:00
Recommends: python-zxcvbn >= 4.4.28
Suggests: python-argon2_cffi >= 19.1.0
- Upate to 5.0.2: * Role permissions backwards compatibility bug. * Fix Change Password regression. * Support for WebAuthn. * Support Two-factor recovery codes. * Provide option to prevent user enumeration (i.e. Generic Responses). * Support for Python 3.10. * Support for Flask >= 2.2. * Add custom HTML attributes to improve user experience. * Make the required zxcvbn complexity score configurable. * Get rid of Flask-Mail. Flask-Mailman is now the default preferred email package. * A delete option has been added to us-setup (form and view). * Improve username support - the LoginForm now has a separate field for username. * Fix test and other failures with newer Flask-Login/Werkzeug versions. * Fix test failures with newer Flask versions. - Drop patch endswith-assert.patch: * Included upstream. - Rebase patches no-mongodb.patch and use-pyqrcodeng.patch - Update {Build,}Requires versions. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=23
2022-09-30 06:53:24 +00:00
Suggests: python-phonenumbers >= 8.12.18
Accepting request 788170 from home:alarrosa:branches:devel:languages:python:flask New package python-Flask-Security-Too OBS-URL: https://build.opensuse.org/request/show/788170 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=1
2020-03-25 12:00:22 +00:00
Conflicts: python-Flask-Security < 3.2.0
Obsoletes: python-Flask-Security < 3.2.0
Provides: python-Flask-Security = %{version}
BuildArch: noarch
%python_subpackages
%description
Flask-Security-Too is a Python module to add security features to a Flask
application. This is a independently maintained version of Flask-Security
based on the 3.0.0 version of the original.
%prep
- Update to 4.1.2: * default_reauthn_handler doesn't honor SECURITY_URL_PREFIX * Add public API and CLI command to change a user's password. * Add type hints. Please note that many of the packages that flask-security * Add first-class support for using username for signing in. * Possible open redirect vulnerability. * Improve cookie handling and default ``samesite`` to ``Strict``. * Email validation confusion - added documentation. * Add documentation on how to override specific error messages. * Don't install global-scope tests. * Add Blinker as explicit dependency, improve/fix celery usage docs, don't require pyqrcode unless authenticator configured, improve SMS configuration variables documentation. * Your UserModel must contain ``fs_uniquifier`` * Removal of python 2.7 and <3.6 support * Remove two-factor `/tf-confirm` endpoint and use generic `freshness` mechanism. * Remove ``SECURITY_BACKWARDS_COMPAT_AUTH_TOKEN_INVALID(ATE)``. In addition to not making sense - the documentation has never been correct. * Add 2FA Validity Window so an application can configure how often the second factor has to be entered. * Add HTML5 Email input types to email fields. - Refresh no-mongodb.patch - Drop patches: * no-setup-dependencies.patch * fix-dependencies.patch * 0001-Do-not-raise-a-TypeError-exception-if-phone.data-is-.patch - Add patch use-pyqrcodeng.patch: * Use pyqrcodeng rather than pyqrcode. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=14
2022-02-28 06:21:54 +00:00
%autosetup -p1 -n Flask-Security-Too-%{version}
Accepting request 788170 from home:alarrosa:branches:devel:languages:python:flask New package python-Flask-Security-Too OBS-URL: https://build.opensuse.org/request/show/788170 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=1
2020-03-25 12:00:22 +00:00
Accepting request 805559 from home:alarrosa:branches:devel:languages:python:flask - Decrease dependencies which aren't really required so we can build in SLE/Leap: * Werkzeug 0.15.5 requirement decreased to 0.14.1 * cryptography 2.3.1 requirement decreased to 2.1.4 * bcrypt 3.1.5 requirement decreased to 3.1.4 * peewee 3.11.2 requirement decreased to 3.7.1 * Remove python-pony requirement - Add patch that applies previous dependency changes: * fix-dependencies.patch OBS-URL: https://build.opensuse.org/request/show/805559 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=8
2020-05-14 10:21:18 +00:00
%if 0%{?suse_version} <= 1500
# test_trackable.py needs werkzeug.middleware.proxy_fix which is only available
# in newer werkzeug versions
rm tests/test_trackable.py
%endif
Accepting request 788170 from home:alarrosa:branches:devel:languages:python:flask New package python-Flask-Security-Too OBS-URL: https://build.opensuse.org/request/show/788170 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=1
2020-03-25 12:00:22 +00:00
%build
%python_build
%install
%python_install
%python_expand %fdupes %{buildroot}%{$python_sitelib}
%check
Accepting request 970479 from home:mcepl:branches:devel:languages:python:flask - Add endswith-assert.patch to overcome incompatibilities with WTForms >= 3.0.0 (gh#Flask-Middleware/flask-security#605). OBS-URL: https://build.opensuse.org/request/show/970479 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=19
2022-04-16 23:06:35 +00:00
# gh#Flask-Middleware/flask-security#605 for test_two_factor_flag
%pytest -k 'not test_two_factor_flag'
Accepting request 788170 from home:alarrosa:branches:devel:languages:python:flask New package python-Flask-Security-Too OBS-URL: https://build.opensuse.org/request/show/788170 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask-Security-Too?expand=0&rev=1
2020-03-25 12:00:22 +00:00
%files %{python_files}
%doc AUTHORS CHANGES.rst README.rst
%license LICENSE
%{python_sitelib}/flask_security
%{python_sitelib}/Flask_Security_Too-%{version}-py%{python_version}.egg-info
%changelog
Reference in New Issue Copy Permalink