Commits · renovate/all-minor-patch · Information Services / DevOps / Django Libraries / API Gateway Auth

Mar 04, 2024
- chore: version 0.0.7 · 1ecc32b1
  Robin Goodall authored 1 year ago
  
  1ecc32b1
Feb 06, 2024

fix: change ..._VERIFY_TOKEN setting to _ENFORCE_ID_TOKEN_VERIFICATION · 5259d6f9

Change the enforcement setting's semantics. Now the incoming token is
*always* verified but only a warning is printed to the logs unless
API_GATEWAY_AUTH_ENFORCE_IF_TOKEN_VERIFICATION is True.

5259d6f9

Oct 17, 2023

feat: verify API Gateway id token in request · e7255d7c

Dr Rich Wareham authored 1 year ago

Add verification for the Authorization header for incoming requests. The
defaults are to verify that the request is appropriately authenticated
with a Google service account corresponding to the API Gateway.

Expected issuer, authorised parties, issuer certificate URLs, etc can be
customised via settings. This is unlikely to be used in production but
is useful when combined with the API Gateway emulator for local
development.

Verification can be disabled entirely by setting an appropriately
dire-named setting.

Tests have been updated to exercise verification assuming that the
Google verification library works as documented.

Closes #4

e7255d7c

Sep 21, 2023
- feat: update README and CHANGELOG to note new poetry-based packaging · 8cd9ce7f
  Dr Rich Wareham authored 1 year ago
  
  8cd9ce7f
Jun 29, 2023
- chore:setup.py: bump version and changelog · c5e5ce1a
  Dr Rich Wareham authored 1 year ago
  
  c5e5ce1a
- chore:setup.py: bump version number · d548a18b
  Dr Rich Wareham authored 1 year ago
  
  Update (or, more correctly, create) the changelog in the process.
  d548a18b

Admin message