------------------------------------------------------------------- Wed Jul 2 02:36:22 UTC 2025 - Steve Kowalik - Switch to pyproject macros. - Update {Build,}Requires to reflect current requirements. ------------------------------------------------------------------- Tue May 14 07:17:29 UTC 2024 - Markéta Machová - Update to 1.7.0 * Fix test for new requests version by @tpazderka in #841 * Fix typing for Cryptodomex by @tpazderka in #843 * Don't throw exception for token error response. by @zamzterz in #844 * Fix links after repo move by @tpazderka in #846 * Pass timeout to all requests by @tpazderka in #848 * Improve settings by using pydantic by @tpazderka in #847 * Correct OpenID Connect Core specification URL in doc by @hlin in #850 * Add authn_method to Consumer.complete() by @stinovlas in #852 * Use session_state to backup consumer state if available by @gbip in #854 * Repair some oauth_examples and get rid of the outdated jquery file by @schlenk in #857 * Pin autodoc_pydantic to >=2.0.0 by @schlenk in #863 * Remove Python 3.7 by @schlenk in #870 * Fix logging without format string by @schlenk in #871 * Bump jinja2 from 2.11.3 to 3.1.3 in /oidc_example/simple_op by @dependabot in #865 * OSSF Scorecard & Badge by @schlenk in #874 * Update scorecard.yml by @schlenk in #875 - Drop fix-scheme-message.patch ------------------------------------------------------------------- Mon Feb 6 08:42:48 UTC 2023 - Daniel Garcia - Update patch fix-scheme-message.patch with upstream change gh#OpenIDC/pyoidc@6fa769a59b8b - Update to 1.5.0: * Try to fix the generic response parsing and handling by @schlenk in #817 * Remove travis config by @schlenk in #819 * Remove Client.grant_from_state() by @schlenk in #820 * move beaker to an optional/extras requirement under 'examples' by @biyeun in #823 * Added support for python 3.11 by @tpazderka in #828 * Fixed RP-Initiated Logout To Accept id_token_hint by @infohash in #829 * fix for some provider return birthdate:null in userInfo by @pkking in #831 * Fix mypy errors with no_implicit_optional=True by @schlenk in #832 * Schedule daily CI run by @tpazderka in #833 * Simplified Http Request by @infohash in #836 * Fix tox config for v4 by @tpazderka in #837 - Update to 1.4.0: * Toolfix by @schlenk in #802 * docs: Fix a few typos by @timgates42 in #794 * Drop python 3.6 by @tpazderka in #810 * Moved from pyldap to python-ldap by @infohash in #814 ------------------------------------------------------------------- Wed Feb 23 05:49:15 UTC 2022 - Steve Kowalik - Update to 1.3.0: * Drop python 3.5 support * Support for dict in Client.parse_response formats * Better error message for providers which return HTTP Error 405 on userinfo * Add settings class to handle settings related to Client and Server - Add patch fix-scheme-message.patch ------------------------------------------------------------------- Fri Apr 30 18:17:14 UTC 2021 - Ben Greiner - Update to 1.2.1 * Fixed several client vulnerabilities (CVE-2020-26244) ------------------------------------------------------------------- Tue Feb 2 13:21:27 UTC 2021 - Dirk Müller - use update-alternatives for multi-python3-flavor build ------------------------------------------------------------------- Thu Mar 26 13:34:44 UTC 2020 - pgajdos@suse.com - version update to 1.2.0 ## 1.2.0 [2020-02-05] ### Fixed - [#727] OAuth client request using Client Credentials grant ### Added - [#719] Add support for JWT registration tokens - [#728] OAuth client request using Extension grant - [#731] Session cookie need to be visible to OP IFrame. ## 1.1.2 [2019-11-23] ### Fixed - [#711] Deal with no post_logout_redirect_uri - [#712] Set Content-Type on BackChannel logout POST. - [#717] Missing OP logout metadata. ## 1.1.1 [2019-11-04] ### Fixed - [#708] Wants the original non-parsed JWT and not an IDToken instance. ## 1.1.0 [2019-10-25] ### Changed - [#688] Second stage of adding logout support. - [#700] Third stage of adding logout support, provider side ### Fixed - [#602] Fixed uncaught error on unpacking of message - [#679] Make `state` optional in `EndSessionRequest` - [#683] Fix basic_auth with client password - [#698] `state` in `EndSessionRequest` request args and kwargs different ### Removed - [#671] Removed deprecated request/response_cls kwargs from Provider/Client methods - [#677] Removed more deprecated code ------------------------------------------------------------------- Tue Jul 30 10:23:47 UTC 2019 - pgajdos@suse.com - version update to 1.0.1 ### Fixed - [#341] Using constant time comparison for password verification - [#598] Move alabaster from runtime dependencies to docs - [#398] Do not echo cookies that do not belong to us - [#607] Fixed key recovery on encryption of payload - [#618] Prettified `client_management.py` CLI and wrapped it as a setup.py console script `oic-client-management` - [#615] Fix ROPC grant in the extensions provider - [#640] Use more secure random generator for client_secret - [#639] Make sure symmetric keys are available after server restart - [#146] Make SessionDB storage conductive with multi-session ### Changed - [#578] Dropped python 2.7 support - [#612] Dropped python 3.4 support - [#588] Switch to defusedxml for XML parsing - [#605] Message.c_param dictionary values have to be a ParamDefinition namedtuple type - [#56] Updated README, CLI help texts, pip requirements.txt and such for OP2, making it into a stand-alone example easy for beginners to take on - [#624] token_endpoint implementation and kwargs have been changed - [#629] Duplicated methods in oic.oic classes were removed. - [#642] Deprecated `bearer_auth` method. - [#631] Refactored message type handling in Client/Provider. - [#644] refresh_db kwarg in SessionDB has been deprecated ### Added - [#655] Host can be forced on webfinger discovery - [#441] CookieDealer now accepts secure and httponly params - [#638] Moved `providerinfo_endpoint` from `oic.extensions` to `oic.oauth2` - [#664] Messages needed for Single-Sign-Out Support * python3 only package ------------------------------------------------------------------- Thu Apr 18 14:36:12 UTC 2019 - Jan Engelhardt - Make it so the description has proper SVO sentences. ------------------------------------------------------------------- Thu Apr 11 11:09:31 UTC 2019 - John Vandenberg - Activate test suite, using GitHub archive for the tests - Add missing runtime dependencies - Use fdupes and fix hashbangs - Add %license - Remove build dependency on devel ------------------------------------------------------------------- Fri Apr 5 15:53:48 UTC 2019 - Michael Ströder - updated project URL - update to 0.15.1 (way too many changes to be listed here) ------------------------------------------------------------------- Fri Jul 21 19:38:37 UTC 2017 - michael@stroeder.com - initial package of upstream release 0.12.0 (Python Singlespec)