factory
- update to 5.0.2:
* LINE backend now validates callback state before exchanging
authorization codes, preventing login CSRF.
* Shopify backend now sends and validates OAuth state,
preventing login CSRF.
* Updated the Google OAuth documentation link.
* Externally resumable partial request links now require
confirmation even in the browser session that created the
partial, preventing validation links from being consumed by a
plain GET.
* LoginRadius backend now validates callback state to prevent
login CSRF.
* Odnoklassniki app backend now ignores untrusted callback API
hosts and validates returned user details.
* Partial pipeline resume now requires session ownership or
explicit external resume confirmation to prevent login CSRF.
* SAML responses are now validated against the original
AuthnRequest when possible.
* Twilio backend now preserves HTTPS callback URLs and
validates callback state to prevent login CSRF.
* Auth0 OpenID Connect configuration now uses the correct base
URLs.
* Authentication now handles invalid email addresses without
crashing.
* Vend OAuth user IDs are now scoped by shop.
* VK app authentication now requires an auth key.
OBS-URL: https://build.opensuse.org/request/show/1362191
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-social-auth-core?expand=0&rev=33
Description
No description provided
Languages
RPM Spec
100%