Closed Colin-b closed 6 months ago
Failed conditions
2 Security Hotspots
39.4% Duplication on New Code (required ≤ 3%)
E Security Rating on New Code (required ≥ A)
See analysis details on SonarCloud
Catch issues before they fail your Quality Gate with our IDE extension SonarLint
Added
httpx_auth.SupportMultiAuth
, allowing multiple authentication support for everyhttpx
authentication class that exists.httpx_auth.TokenMemoryCache
, allowing to create custom Oauth2 token cache based on this default implementation.success_html
) and failure (failure_html
) display via the newOAuth2.display
shared setting. Refer to documentation for more details.redirect_uri_domain
parameter on Authorization code (with and without PKCE) and Implicit flows, you can now provide the FQDN to use in theredirect_uri
whenlocalhost
(the default) is not allowed.Changed
httpx_auth.testing
, only direct access viahttpx_auth.
was considered publicly exposed. This is now explicit, as inner packages are now using private prefix (_
). If you were relying on some classes or functions that are now internal, feel free to open an issue.httpx_auth.OAuth2.display
. The failure page will be displayed for 10 seconds by default instead of 5 seconds previously. As a result the following classes no longer exposesuccess_display_time
andfailure_display_time
parameters.httpx_auth.OAuth2AuthorizationCode
.httpx_auth.OktaAuthorizationCode
.httpx_auth.WakaTimeAuthorizationCode
.httpx_auth.OAuth2AuthorizationCodePKCE
.httpx_auth.OktaAuthorizationCodePKCE
.httpx_auth.OAuth2Implicit
.httpx_auth.AzureActiveDirectoryImplicit
.httpx_auth.AzureActiveDirectoryImplicitIdToken
.httpx_auth.OktaImplicit
.httpx_auth.OktaImplicitIdToken
.httpx_auth.testing
was modified to accommodate this change:tab.assert_success
expected_message
parameter was removed.tab.assert_failure
expected_message
parameter should not be prefixed withUnable to properly perform authentication:
anymore and\n
in the message should be replaced with<br>
.httpx_auth.JsonTokenFileCache
does not exposetokens_path
orlast_save_time
attributes anymore and is also allowingpathlib.Path
instances as cache location.httpx_auth.TokenMemoryCache
does not exposeforbid_concurrent_cache_access
orforbid_concurrent_missing_token_function_call
attributes anymore.httpx_auth.JsonTokenFileCache
andhttpx_auth.TokenMemoryCache
get_token
method now handles a new optional parameter namedon_expired_token
.Fixed
httpx_auth.OktaClientCredentials
scope
parameter is now mandatory and does not default toopenid
anymore.httpx_auth.OktaClientCredentials
will now display a more user-friendly error message in case Okta instance is not provided.DEBUG
logs will not display tokens anymore.