Skip to content

Latest commit

 

History

History
executable file
·
139 lines (108 loc) · 5.56 KB

CHANGELOG.md

File metadata and controls

executable file
·
139 lines (108 loc) · 5.56 KB

Change Log

All notable changes to this project will be documented in this file.

The format is based on the KeepAChangeLog project.

0.13.0 [Unreleased]

Fixed

  • #430 Skip keys that are of unknown type or under defined.
  • #430 Audience of a client assertion is endpoint dependent.
  • #427 Made matching for response_types order independent for authorization requests
  • #399 Matching response_types for authz requests is too strict

0.12.0 [2017-09-25]

Fixed

  • #419: Inconsistent release numbers/tags
  • #420: Distributed claims

0.11.1.0 [2017-08-26]

Fixed

  • #405: Fix generation of endpoint urls
  • #411: Empty lists not indexable
  • #413: Fix error when wrong response_mode requested
  • #418: Made phone_number_claim be boolean and fixed a bug when importing JSON (non-boolean where boolean expected)

0.11.0.0 [2017-07-07]

Changed

  • #318: oic.utils.authn.saml raises ImportError on import if optional saml2 dependency is not present.
  • #324: Make the Provider symkey argument optional.
  • #325: oic.oic.claims_match implementation refactored.
  • #368: oic.oauth2.Client.construct_AccessTokenRequest() as well as oic.oic.Client are now able to perform proper Resource Owner Password Credentials Grant
  • #374: Made the to_jwe/from_jwe methods of Message accept list of keys value of parameter keys.
  • #387: Refactored the oic.utils.sdb.SessionDB constructor API.
  • #380: Made cookie_path and cookie_domain configurable via Provider like the cookie_name.
  • #386: An exception will now be thrown if a sub claim received from the userinfo endpoint is not the same as a sub claim previously received in an ID Token.
  • #392: Made sid creation simpler and faster

Fixed

  • #317: Resolved an AttibuteError exception under Python 2.
  • #313: Catch exception correctly
  • #319: Fix sanitize on strings starting with "B" or "U"
  • #330: Fix client_management user input being eval'd under Python 2
  • #358: Fixed claims_match
  • #362: Fix bad package settings URL
  • #369: The AuthnEvent object is now serialized to JSON for the session.
  • #373: Made the standard way the default when dealing with signed JWTs without 'kid'. Added the possibility to override this behavior if necessary.
  • #401: Fixed message decoding and verifying errors.

Security

  • #349: Changed crypto algorithm used by oic.utils.sdb.Crypt for token encryption to Fernet. Old stored tokens are incompatible.
  • #363: Fixed IV reuse for CookieDealer class. Replaced the encrypt-then-mac construction with a proper AEAD (AES-SIV).

0.10.0.0 [2017-03-28]

Changed

  • #291: Testing more relevant Python versions.
  • #296: parse_qs import from future.backports to future.moves.
  • #188: Added future dependency, updated dependecies
  • #305: Some import were removed from oic.oauth2 and oic.oic.provider, please import them from respective modules (oic.oath2.message and oic.exception).

Removed

  • #294: Generating code indices in documentation.

Fixed

  • #295: Access token issuance and typo/exception handling.

0.9.5.0 [2017-03-22]

Added

  • #276: Use a Change log for change history.
  • #277: Use pip-tools for dependency management.

Removed

Changed

  • #273: Allow webfinger accept kwargs.

Fixed

  • #286: Account for missing code in the SessionDB.

0.9.4.0 [2016-12-22]

No change log folks. Sorry.