All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Now works with the new Okta Touchstone flow, for applications that use the Shibboleth proxy.
- The library can now be run as a module (python -m touchstone_auth) for debugging purposes.
- Library updated to be compatible with the new "universal" Duo prompt, which,
among other things, involves a new
/exitendpoint to get back to Touchstone.
- Duo updated to use a second POST instead of a redirect to load some params. Library updated to be compatible with this new approach
- Added explicit Kerberos post-auth request to accommodate Touchstone changes.
- Switched to using a Firefox user-agent, and added XSRF token GET call.
- Updated the version of requests-pkcs12 we rely on to avoid deprecation warnings.
- Added the ability to control cookiejar saving. Autosave can be disabled and the session cookies can now be saved at any time, not just on close.
- Added the ability to do initial authentication with username/password or with Kerberos tickets.
- Passing the certfile/cert password as their own arguments is now deprecated.
Use the new
auth_typeargument to pass authentication information.
- Nickolai Zeldovich (zeldovich)
- Added the ability to load a wider variety of Bearer tokens (Tim tickets)
- Added the ability to use phone-call second factor.
- Added additional constructor argument to select between available second factor options.
- Added typing-extensions to dependencies to properly support Python 3.6 and Python 3.7
- First working version of the touchstone auth.