FAQ | This is a LIVE service | Changelog

fix(deps): update dependency requests-auth to v8 - autoclosed

uis-devops-renovatebotrequested to merge
renovate/requests-auth-8.x into main

This MR contains the following updates:

Package Change Age Confidence
requests-auth (changelog) >=5.3.0,<5.4.0 -> >=8.0.0,<8.1.0 age confidence

Release Notes

Colin-b/requests_auth (requests-auth)

v8.0.0

Compare Source

Added
  • Adding explicit support for Python 3.12.
  • Publicly expose requests_auth.SupportMultiAuth, allowing multiple authentication support for every requests authentication class that exists.
  • Publicly expose requests_auth.TokenMemoryCache, allowing to create custom Oauth2 token cache based on this default implementation.
  • You can now provide your own HTML success (success_html) and failure (failure_html) display via the new OAuth2.display shared setting. Refer to documentation for more details.
  • Thanks to the new redirect_uri_domain parameter on Authorization code (with and without PKCE) and Implicit flows, you can now provide the FQDN to use in the redirect_uri when localhost (the default) is not allowed.
  • requests_auth.WakaTimeAuthorizationCode handling access to the WakaTime API.
Changed
  • Except for requests_auth.testing, only direct access via requests_auth. was considered publicly exposed. This is now explicit, as inner packages are now using private prefix (_). If you were relying on some classes or functions that are now internal, feel free to open an issue.
  • requests_auth.JsonTokenFileCache and requests_auth.TokenMemoryCache get_token method does not handle kwargs anymore, the on_missing_token callable does not expect any arguments anymore.
  • requests_auth.JsonTokenFileCache does not expose tokens_path or last_save_time attributes anymore and is also allowing pathlib.Path instances as cache location.
  • requests_auth.TokenMemoryCache does not expose forbid_concurrent_cache_access or forbid_concurrent_missing_token_function_call attributes anymore.
  • Browser display settings have been moved to a shared setting, see documentation for more information on requests_auth.OAuth2.display. The failure page will be displayed for 10 seconds by default instead of 5 seconds previously. As a result the following classes no longer expose success_display_time and failure_display_time parameters.
    • requests_auth.OAuth2AuthorizationCode.
    • requests_auth.OktaAuthorizationCode.
    • requests_auth.WakaTimeAuthorizationCode.
    • requests_auth.OAuth2AuthorizationCodePKCE.
    • requests_auth.OktaAuthorizationCodePKCE.
    • requests_auth.OAuth2Implicit.
    • requests_auth.AzureActiveDirectoryImplicit.
    • requests_auth.AzureActiveDirectoryImplicitIdToken.
    • requests_auth.OktaImplicit.
    • requests_auth.OktaImplicitIdToken.
  • The authentication success and failure displayed in the browser were revamped to be more user-friendly. requests_auth.testing was modified to accommodate this change:
    • tab.assert_success expected_message parameter was removed.
    • tab.assert_failure expected_message parameter should not be prefixed with Unable to properly perform authentication: anymore and \n in the message should be replaced with <br>.
  • Exceptions issued by requests_auth are now inheriting from requests_auth.RequestsAuthException, itself inheriting from requests.RequestException, instead of Exception.
Fixed
  • Type information is now provided following PEP 561.
  • Remove deprecation warnings due to usage of utcnow and utcfromtimestamp.
  • requests_auth.OktaClientCredentials scope parameter is now mandatory and does not default to openid anymore.
  • requests_auth.OktaClientCredentials will now display a more user-friendly error message in case Okta instance is not provided.
  • Tokens cache DEBUG logs will not display tokens anymore.
  • Handle text/html; charset=utf-8 content-type in token responses.
Removed
  • Removing support for Python 3.7.
  • Deprecated requests_auth.Auths class has been removed.

v7.0.0

Compare Source

Changed
  • requests_auth.OAuth2ResourceOwnerPasswordCredentials does not send basic authentication by default.
Added
  • session_auth as a parameter of requests_auth.OAuth2ResourceOwnerPasswordCredentials. Allowing to provide any kind of optional authentication.
  • requests_auth.OktaResourceOwnerPasswordCredentials providing Okta resource owner password credentials flow easy setup.
  • Explicit support for Python 3.11.
Removed
  • Explicit support for Python 3.6.

v6.0.0

Compare Source

Changed
  • requests_auth.oauth2_tokens.TokenMemoryCache.get_token method now requires arguments to be named.
  • requests_auth.oauth2_tokens.TokenMemoryCache.get_token method on_missing_token arguments must now be named (switched from args to kwargs).
  • requests_auth.JsonTokenFileCache.get_token method now requires arguments to be named.
  • requests_auth.JsonTokenFileCache.get_token method on_missing_token arguments must now be named (switched from args to kwargs).
  • requests_auth.testing now requires pyjwt==2.*.
Added
  • requests_auth.oauth2_tokens.TokenMemoryCache.get_token now allows to specify a custom early_expiry in seconds (default to 30).
  • requests_auth.JsonTokenFileCache.get_token now allows to specify a custom early_expiry in seconds (default to 30).
  • requests_auth.OAuth2ResourceOwnerPasswordCredentials contains a new early_expiry parameter allowing to tweak the number of seconds before actual token expiry where the token will be considered as already expired. Default to 30s.
  • requests_auth.OAuth2ClientCredentials contains a new early_expiry parameter allowing to tweak the number of seconds before actual token expiry where the token will be considered as already expired. Default to 30s.
  • requests_auth.OktaClientCredentials contains a new early_expiry parameter allowing to tweak the number of seconds before actual token expiry where the token will be considered as already expired. Default to 30s.
  • requests_auth.OAuth2AuthorizationCode contains a new early_expiry parameter allowing to tweak the number of seconds before actual token expiry where the token will be considered as already expired. Default to 30s.
  • requests_auth.OktaAuthorizationCode contains a new early_expiry parameter allowing to tweak the number of seconds before actual token expiry where the token will be considered as already expired. Default to 30s.
  • requests_auth.OAuth2AuthorizationCodePKCE contains a new early_expiry parameter allowing to tweak the number of seconds before actual token expiry where the token will be considered as already expired. Default to 30s.
  • requests_auth.OktaAuthorizationCodePKCE contains a new early_expiry parameter allowing to tweak the number of seconds before actual token expiry where the token will be considered as already expired. Default to 30s.
  • requests_auth.OAuth2Implicit contains a new early_expiry parameter allowing to tweak the number of seconds before actual token expiry where the token will be considered as already expired. Default to 30s.
  • requests_auth.AzureActiveDirectoryImplicit contains a new early_expiry parameter allowing to tweak the number of seconds before actual token expiry where the token will be considered as already expired. Default to 30s.
  • requests_auth.AzureActiveDirectoryImplicitIdToken contains a new early_expiry parameter allowing to tweak the number of seconds before actual token expiry where the token will be considered as already expired. Default to 30s.
  • requests_auth.OktaImplicit contains a new early_expiry parameter allowing to tweak the number of seconds before actual token expiry where the token will be considered as already expired. Default to 30s.
  • requests_auth.OktaImplicitIdToken contains a new early_expiry parameter allowing to tweak the number of seconds before actual token expiry where the token will be considered as already expired. Default to 30s.
Removed
  • requests_auth.oauth2_tokens.is_expired is not available anymore.
  • requests_auth.oauth2_tokens.decode_base64 is not available anymore.
  • requests_auth.oauth2_tokens.TokenMemoryCache.add_bearer_token is not available anymore.
  • requests_auth.oauth2_tokens.TokenMemoryCache.add_access_token is not available anymore.
Fixed
  • OAuth2 token will now be considered as expired 30 seconds before actual expiry. To ensure it is still valid when received by the actual server.

Configuration

📅 Schedule: Branch creation - Monday through Friday ( * * * * 1-5 ) in timezone Europe/London, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Edited by uis-devops-renovatebot

Merge request reports