Releases: ByteInternet/drf-oidc-auth
Dropped python3.4 support, added AuthenticationTestCaseMixin and configurable user endpoint
Dropped python3.4 support since it is end of life and tests failed for it
Add a AuthenticationTestCaseMixin which allows you to better integration test authentication/tokens in your tests. See the README for more information.
Add configurable user endpoint for cases where you can't find the user endpoint with the OpenID connect metadata endpoint. Will still show an error if the provided endpoint could not be found (and not metadata endpoint).
Replace jwkest with authlib
Replace the deprecated jwkest library with the maintained authlib library. Note that this is not backwards compatible, but this might not be immediately obvious. You have to adjust your settings, i.e. OIDC_AUDIENCES is deprecated and replaced by:
'OIDC_CLAIMS_OPTIONS': {
'aud': {
'values': ['my_audience'],
'essential': True,
}
}
Please note the addition of essential: True in this dict. If you leave this out it will mean that any audience will have access to your API. This is probably not what you want, so please make sure you add this to your settings if you're coming from a previous version.
Also note that cryptography needs to be a least version 2.6 to work with the new authlib library.
0.10.0: Merge pull request #33 from alexsdutton/django-cache
Use the built-in Django cache instead of a bespoke one
