You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Added
Publicly expose httpx_auth.SupportMultiAuth, allowing multiple authentication support for every httpx authentication class that exists.
Publicly expose httpx_auth.TokenMemoryCache, allowing to create custom Oauth2 token cache based on this default implementation.
You can now provide your own HTML success (success_html) and failure (failure_html) display via the new OAuth2.display shared setting. Refer to documentation for more details.
Support for refresh tokens in the Resource Owner Password Credentials flow.
Support for refresh tokens in the Authorization code (with and without PKCE) flow.
Thanks to the new redirect_uri_domain parameter on Authorization code (with and without PKCE) and Implicit flows, you can now provide the FQDN to use in the redirect_uri when localhost (the default) is not allowed.
Changed
Except for httpx_auth.testing, only direct access via httpx_auth. was considered publicly exposed. This is now explicit, as inner packages are now using private prefix (_).
If you were relying on some classes or functions that are now internal, feel free to open an issue.
Browser display settings have been moved to a shared setting, see documentation for more information on httpx_auth.OAuth2.display.
The failure page will be displayed for 10 seconds by default instead of 5 seconds previously.
As a result the following classes no longer expose success_display_time and failure_display_time parameters.
httpx_auth.OAuth2AuthorizationCode.
httpx_auth.OktaAuthorizationCode.
httpx_auth.WakaTimeAuthorizationCode.
httpx_auth.OAuth2AuthorizationCodePKCE.
httpx_auth.OktaAuthorizationCodePKCE.
httpx_auth.OAuth2Implicit.
httpx_auth.AzureActiveDirectoryImplicit.
httpx_auth.AzureActiveDirectoryImplicitIdToken.
httpx_auth.OktaImplicit.
httpx_auth.OktaImplicitIdToken.
The authentication success and failure displayed in the browser were revamped to be more user-friendly. httpx_auth.testing was modified to accommodate this change:
tab.assert_successexpected_message parameter was removed.
tab.assert_failureexpected_message parameter should not be prefixed with Unable to properly perform authentication: anymore and \n in the message should be replaced with <br>.
httpx_auth.JsonTokenFileCache does not expose tokens_path or last_save_time attributes anymore and is also allowing pathlib.Path instances as cache location.
httpx_auth.TokenMemoryCache does not expose forbid_concurrent_cache_access or forbid_concurrent_missing_token_function_call attributes anymore.
httpx_auth.JsonTokenFileCache and httpx_auth.TokenMemoryCacheget_token method now handles a new optional parameter named on_expired_token.
Fixed
httpx_auth.OktaClientCredentialsscope parameter is now mandatory and does not default to openid anymore.
httpx_auth.OktaClientCredentials will now display a more user-friendly error message in case Okta instance is not provided.
Tokens cache DEBUG logs will not display tokens anymore.
