- Update to 1.6.5 (fixes CVE-2025-61920, bsc#1251921)
* RFC7591 generate_client_info and generate_client_secret take a request
parameter.
* Add size limitation when decode JWS/JWE to prevent DoS.
* Add size limitation for DEF JWE zip algorithm.
- Update to 1.6.4
* fix(jose): prevent public/unprotected header overwriting protected header
by @lepture in #809
* Fix InsecureTransportError raising by @azmeuk in #810
* Add conventional-commits pre-commit hook by @azmeuk in #811
* Fix response_mode=form_post with Starlette client by @azmeuk in #812
* Specify README.md as project long description by @EpicWink in #817
* Migrate tests to pytest paradigm by @azmeuk in #813
* jose/jws: Reject unprotected ‘crit’ and enforce type; add tests
by @AL-Cybision in #823
* Use explicit *.test urls in unit tests by @azmeuk in #824
- Update to 1.6.3
* Add diff-cover check in GHA by @azmeuk in #803
* Run GHA unit tests with uv by @azmeuk in #805
* Move from pre-commit to prek by @azmeuk in #804
* Sign OIDC id_token according to id_token_signed_response_alg client
metadata by @azmeuk in #802
- Update to 1.6.2
* Allow insecure transport for 127.0.0.1 for debugging
by @geigerzaehler in #788
* Raise a MissingCodeError when code parameter is missing by @lepture in #786
* Temporarily restore OAuth2Request body parameter by @azmeuk in #791
* Raise MissingCodeException when code parameter is missing
by @lepture in #794
* Fix id_token generation with EdDSA alg by @azmeuk in #800
- Update test requirements (forwarded request 1311035 from nkrapp)
OBS-URL: https://build.opensuse.org/request/show/1311065
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Authlib?expand=0&rev=26
* RFC7591 generate_client_info and generate_client_secret take a request
parameter.
* Add size limitation when decode JWS/JWE to prevent DoS.
* Add size limitation for DEF JWE zip algorithm.
- Update to 1.6.4
* fix(jose): prevent public/unprotected header overwriting protected header
by @lepture in #809
* Fix InsecureTransportError raising by @azmeuk in #810
* Add conventional-commits pre-commit hook by @azmeuk in #811
* Fix response_mode=form_post with Starlette client by @azmeuk in #812
* Specify README.md as project long description by @EpicWink in #817
* Migrate tests to pytest paradigm by @azmeuk in #813
* jose/jws: Reject unprotected ‘crit’ and enforce type; add tests
by @AL-Cybision in #823
* Use explicit *.test urls in unit tests by @azmeuk in #824
- Update to 1.6.3
* Add diff-cover check in GHA by @azmeuk in #803
* Run GHA unit tests with uv by @azmeuk in #805
* Move from pre-commit to prek by @azmeuk in #804
* Sign OIDC id_token according to id_token_signed_response_alg client
metadata by @azmeuk in #802
- Update to 1.6.2
* Allow insecure transport for 127.0.0.1 for debugging
by @geigerzaehler in #788
* Raise a MissingCodeError when code parameter is missing by @lepture in #786
* Temporarily restore OAuth2Request body parameter by @azmeuk in #791
* Raise MissingCodeException when code parameter is missing
by @lepture in #794
* Fix id_token generation with EdDSA alg by @azmeuk in #800
- Update test requirements
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=54
Forwarded request #1282104 from glaubitz
- Update to 1.6.2
* Fix issue when RFC9207 is enabled and the authorization endpoint
response is not a redirection. pull request #733
* Fix missing state parameter in authorization error responses.
issue #525
* Support for acr and amr claims in id_token. issue #734
* Support for the none JWS algorithm.
* Fix response_types strict order during dynamic client
registration. issue #760
* Implement RFC9101 The OAuth 2.0 Authorization Framework:
JWT-Secured Authorization Request (JAR). issue #723
* OIDC UserInfo endpoint support. issue #459
- Drop 767-skip-xc20p-tests.patch, merged upstream
OBS-URL: https://build.opensuse.org/request/show/1282354
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Authlib?expand=0&rev=24
* Fix issue when RFC9207 is enabled and the authorization endpoint
response is not a redirection. pull request #733
* Fix missing state parameter in authorization error responses.
issue #525
* Support for acr and amr claims in id_token. issue #734
* Support for the none JWS algorithm.
* Fix response_types strict order during dynamic client
registration. issue #760
* Implement RFC9101 The OAuth 2.0 Authorization Framework:
JWT-Secured Authorization Request (JAR). issue #723
* OIDC UserInfo endpoint support. issue #459
- Drop 767-skip-xc20p-tests.patch, merged upstream
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=50
* Fix id_token decoding when kid is null. :pr:`659`
* Support for Python 3.13. :pr:`682`
* Force login if the prompt parameter value is login. :pr:`637`
* Support for httpx 0.28, :pr:`695`
* Breaking changes:
- Stop support for Python 3.8. :pr:`682`
- Drop py313-tests.patch, because now in upstream.
- Drop httpx028.patch, because now in upstream.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=36
- update to 1.3.0:
* Restore AuthorizationServer.create_authorization_response
behavior, via :PR:`558`
* Include leeway in validate_iat() for JWT, via :PR:`565`
* Fix encode_client_secret_basic, via :PR:`594`
* Use single key in JWK if JWS does not specify kid, via
:PR:`596`
* Fix error when RFC9068 JWS has no scope field, via :PR:`598`
* Get werkzeug version using importlib, via :PR:`591`
* New features:
* RFC9068 implementation, via :PR:`586`, by @azmeuk.
* Breaking changes:
* End support for python 3.7
- Update to version 1.2.0
* Fix Starlette OAuth client for cache store, via PR#478.
- Remove unneeded BuildRequires on mock.
OBS-URL: https://build.opensuse.org/request/show/1137639
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Authlib?expand=0&rev=12
* Restore AuthorizationServer.create_authorization_response
behavior, via :PR:`558`
* Include leeway in validate_iat() for JWT, via :PR:`565`
* Fix encode_client_secret_basic, via :PR:`594`
* Use single key in JWK if JWS does not specify kid, via
:PR:`596`
* Fix error when RFC9068 JWS has no scope field, via :PR:`598`
* Get werkzeug version using importlib, via :PR:`591`
* New features:
* RFC9068 implementation, via :PR:`586`, by @azmeuk.
* Breaking changes:
* End support for python 3.7
- Update to version 1.2.0
* Fix Starlette OAuth client for cache store, via PR#478.
- Remove unneeded BuildRequires on mock.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=23
* Apply headers in ``ClientSecretJWT.sign`` method
* Allow falsy but non-None grant uri params
* Fixed ``authorize_redirect`` for Starlette v0.26.0
* Removed ``has_client_secret`` method and documentation
* Removed ``request_invalid`` and ``token_revoked`` remaining
occurences and documentation.
* Fixed RFC7591 ``grant_types`` and ``response_types`` default
values
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Authlib?expand=0&rev=21
