Skip to content

Releases: Colin-b/httpx_auth

0.23.1 (2025-01-07)

07 Jan 18:48
3693b11
Compare
Choose a tag to compare

Fixed

  • Test suite should now run even if port 5000 is used by another process. Thanks to commonism.

0.23.0 (2025-01-07)

07 Jan 11:41
f4c70b2
Compare
Choose a tag to compare

Fixed

  • Bearer tokens with nested JSON string are now properly handled. Thanks to Patrick Rodrigues.
  • Client credentials auth instances will now use credentials (client_id and client_secret) as well to distinguish tokens. This was an issue when the only parameters changing were the credentials.

Changed

  • Requires httpx==0.28.*
  • Exceptions issued by httpx_auth are now inheriting from httpx_auth.HttpxAuthException, itself inheriting from httpx.HTTPError, instead of Exception.

Added

  • Explicit support for python 3.13.

0.22.0 (2024-03-02)

02 Mar 12:10
aec4e38
Compare
Choose a tag to compare

Changed

  • Requires httpx==0.27.*
  • httpx_auth.JsonTokenFileCache and httpx_auth.TokenMemoryCache get_token method does not handle kwargs anymore, the on_missing_token callable does not expect any arguments anymore.

0.21.0 (2024-02-19)

18 Feb 23:40
22ff327
Compare
Choose a tag to compare

Added

  • Publicly expose httpx_auth.SupportMultiAuth, allowing multiple authentication support for every httpx authentication class that exists.
  • Publicly expose httpx_auth.TokenMemoryCache, allowing to create custom Oauth2 token cache based on this default implementation.
  • You can now provide your own HTML success (success_html) and failure (failure_html) display via the new OAuth2.display shared setting. Refer to documentation for more details.
  • Support for refresh tokens in the Resource Owner Password Credentials flow.
  • Support for refresh tokens in the Authorization code (with and without PKCE) flow.
  • Thanks to the new redirect_uri_domain parameter on Authorization code (with and without PKCE) and Implicit flows, you can now provide the FQDN to use in the redirect_uri when localhost (the default) is not allowed.

Changed

  • Except for httpx_auth.testing, only direct access via httpx_auth. was considered publicly exposed. This is now explicit, as inner packages are now using private prefix (_).
    If you were relying on some classes or functions that are now internal, feel free to open an issue.
  • Browser display settings have been moved to a shared setting, see documentation for more information on httpx_auth.OAuth2.display.
    The failure page will be displayed for 10 seconds by default instead of 5 seconds previously.
    As a result the following classes no longer expose success_display_time and failure_display_time parameters.
    • httpx_auth.OAuth2AuthorizationCode.
    • httpx_auth.OktaAuthorizationCode.
    • httpx_auth.WakaTimeAuthorizationCode.
    • httpx_auth.OAuth2AuthorizationCodePKCE.
    • httpx_auth.OktaAuthorizationCodePKCE.
    • httpx_auth.OAuth2Implicit.
    • httpx_auth.AzureActiveDirectoryImplicit.
    • httpx_auth.AzureActiveDirectoryImplicitIdToken.
    • httpx_auth.OktaImplicit.
    • httpx_auth.OktaImplicitIdToken.
  • The authentication success and failure displayed in the browser were revamped to be more user-friendly. httpx_auth.testing was modified to accommodate this change:
    • tab.assert_success expected_message parameter was removed.
    • tab.assert_failure expected_message parameter should not be prefixed with Unable to properly perform authentication: anymore and \n in the message should be replaced with <br>.
  • httpx_auth.JsonTokenFileCache does not expose tokens_path or last_save_time attributes anymore and is also allowing pathlib.Path instances as cache location.
  • httpx_auth.TokenMemoryCache does not expose forbid_concurrent_cache_access or forbid_concurrent_missing_token_function_call attributes anymore.
  • httpx_auth.JsonTokenFileCache and httpx_auth.TokenMemoryCache get_token method now handles a new optional parameter named on_expired_token.

Fixed

  • httpx_auth.OktaClientCredentials scope parameter is now mandatory and does not default to openid anymore.
  • httpx_auth.OktaClientCredentials will now display a more user-friendly error message in case Okta instance is not provided.
  • Tokens cache DEBUG logs will not display tokens anymore.

0.20.0 (2024-02-12)

12 Feb 00:30
0704228
Compare
Choose a tag to compare

Fixed

  • Remove deprecation warnings due to usage of utcnow and utcfromtimestamp. Thanks to Raphael Krupinski.
  • httpx_auth.AWS4Auth.default_include_headers value kept growing in size every time a new httpx_auth.AWS4Auth instance was created with security_token parameter provided. Thanks to Miikka Koskinen.
  • httpx_auth.AWS4Auth is now based almost entirely on AWS documentation, diverging from the original implementation based on requests-aws4auth and solving implementation issues in the process.
    • As the AWS documentation might be wrong or not exhaustive enough, feel free to open issues, should you encounter edge cases.

Changed

  • httpx_auth.AWS4Auth.default_include_headers is not available anymore, use httpx_auth.AWS4Auth include_headers parameter instead to include additional headers if the default does not fit your need (refer to documentation for an exhaustive list).
  • httpx_auth.AWS4Auth include_headers values will not be stripped anymore, meaning that you can now include headers prefixed and/or suffixed with blank spaces.
  • httpx_auth.AWS4Auth does not includes date header by default anymore. You will have to provide it via include_headers yourself if you need to.
    • Note that it should not be required as httpx_auth.AWS4Auth is sending x-amz-date by default and AWS documentation states that the request date can be specified by using either the HTTP Date or the x-amz-date header. If both headers are present, x-amz-date takes precedence.
  • httpx_auth.AWS4Auth include_headers does not needs to include host, content-type or x-amz-* anymore as those headers will always be included. It is now expected to be provided as a list of additional headers.
  • httpx_auth.AWS4Auth will not modify the headers values spaces when computing the canonical headers, only trim leading and trailing whitespaces as per AWS documentation.

0.19.0 (2024-01-09)

09 Jan 10:39
5def556
Compare
Choose a tag to compare

Added

  • Explicit support for Python 3.12

Changed

  • Requires httpx==0.26.*
    • Note that this changes the signature sent via AWS auth for URLs containing %. Feel free to open an issue if this is one.

0.18.0 (2023-09-11)

11 Sep 18:54
be26e3e
Compare
Choose a tag to compare

Changed

Removed

  • Python 3.8 is no longer supported.

0.17.0 (2023-04-26)

26 Apr 16:15
53e063c
Compare
Choose a tag to compare

Changed

  • httpx_auth.OAuth2ResourceOwnerPasswordCredentials does not send basic authentication by default.

Added

  • client_auth as a parameter of httpx_auth.OAuth2ResourceOwnerPasswordCredentials. Allowing to provide any kind of optional authentication.
  • httpx_auth.OktaResourceOwnerPasswordCredentials providing Okta resource owner password credentials flow easy setup.

0.16.0 (2023-04-25)

25 Apr 13:30
e1fa635
Compare
Choose a tag to compare

Changed

Fixed

  • Handle text/html; charset=utf-8 content-type in token responses. Thanks to Marcelo Trylesinski.

Added

  • httpx_auth.WakaTimeAuthorizationCode handling access to the WakaTime API.

Removed

  • Python 3.7 is no longer supported.

0.15.0 (2022-06-01)

01 Jun 09:34
531ef81
Compare
Choose a tag to compare

Changed