forked from atlassian/asap-authentication-python
-
Notifications
You must be signed in to change notification settings - Fork 2
/
ChangeLog
152 lines (125 loc) · 5.37 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
CHANGES
=======
2.3.0
-----
* Added atlassian_jwt_auth.contrib.requests.JWTAuth
* Move test requirements out of setup.py and into test-requirements.txt
* Update pbr from version 1.0.1 to 1.8.1
* Support python 3.5.
2.2.0
-----
* Sem-Ver: bugfix upgrade cryptography from version 1.1.1 to 1.2.1
* Add the ability to accept JWT where the subject does not match the issuer
2.1.1
-----
* Sem-Ver: bugfix upgrade cryptography from version 1.1 to 1.1.1
* Sem-Ver: bugfix use a version of requests >= 2.8.1 but less than 3.0.0.
2.1.0
-----
* Sem-Ver: feature - Pass leeway param through to jwt.decode
2.0.0
-----
* Make use of new require_iat and require_exp options that PyJWT now accepts
* Sem-Ver: bugfix update the PyJWT dep from 1.3.0 to 1.4.0
* Sem-Ver: bugfix update the cryptography dep from 0.9.1 to 1.0.2
* Update the AUTHORS and the ChangeLog files
* Make the private key repository scanning actually work
* Clean up imports to follow google python style guides
* Support scanning for key file each time generate_jwt is called
* Sem-Ver: bugfix - update the build location information to reflect the build status of the master branch
* Sem-Ver: bugfix - update the build location information
* Sem-Ver: bugfix - update the installation instructions
* release 1.0.8
1.0.8
-----
* add the generated pbr changelog file changes in
* Add authors file
1.0.7
-----
* Add CI build information to the readme file
* Merged in update_cryptography_from_0.9_to_0.9.1 (pull request #4)
* Merged in use_supported_jwt_api_to_get_header (pull request #3)
* Use the new pyjwt api to get an verified header instead of calling their internal API
* update cryptography from 0.9 to 0.9.1
* Use pbr for setup configuration
* Add a mostly-generated Changelog file
1.0.6
-----
* Release version 1.0.6
* Merged in update_dependencies_28_05_2015 (pull request #2)
* Update PyJWT from version 1.1.0 to 1.3.0
* Upgrade CacheControl from version 0.11.2 to 0.11.5
* Upgrade cryptography from 0.8.2 to 0.9
1.0.5
-----
* release 1.0.5
* Merged in add_caching_for_key_retriever (pull request #1)
* update requests from 2.6.0 to 2.7.0
* Add caching to public key retrieval requests via cachecontrol
1.0.4
-----
* specify the version in setup.py from __init__.py - which now contains a __version__ field
1.0.3
-----
* bump the version to 1.0.3
* rename the private _key field of the JWTAuthSigner class to _private_key_pem
* s/signed_claims/a_jwt/ in the test code
* http headers are case insensitive - so the content-type check should be done in a case insensitive fashion
* pass through requests_kwargs through to public_key_retriever.retrieve(...)
* extract the key_id obtaining code from the jwt header out into a function
* s/verify_claims/verify_jwt/
* s/get_signed_claims/generate_jwt/
* s/_get_claims/_generate_claims/
* rename the JWTAuthSigner 'key' parameter to 'private_key_pem'
* update the readme with example use of the package
* set the pep8 version to 1.6.2 in the travis-ci file
* Add a travis-ci yaml file
0.0.2
-----
* release 0.0.2
* s/assertNotEquals/assertNotEqual/
* add support for python 2.7.X
* README.md edited online with Bitbucket
0.0.1
-----
* Make HTTPSPublicKeyRetriever take in and pass through keyword arguments for the requests.get(.
* remove the unused get_new_rsa_private_key_in_pem_format import from test_verifier
* pep8 fix ups
* update the test_signer code to use the new mixins
* Update the test_verifier code
* s/get_new_private_key/get_new_private_key_in_pem_format/ in the mixin classes
* Add JWTAuthVerifierRSATest and JWTAuthVerifierECDSATest classes which used the new mixins. Also rename TestJWTAuthVerifier to BaseJWTAuthVerifierTest
* Add some jwt algorithm mixins
* Make the KeyIdentifier.key_id field a property
* pep8 fix up
* Add a test to check that an jwt with a jti that has already been used is rejected
* update the jti rejection message
* wording change
* minor change to test_verify_claims_with_jwt_lasting_gt_max_time
* Add a test to check that jwt with lifetimes longer than the allowed maximum by the specification are rejected
* add a test to cover when claims['iss'] != claims['sub']
* if a key identifier does not contain a / then check if the key_id is equal to the claims issuer in verify_claims
* add a test to cover that if key_identifier does not start with issuer then an error is raised in verify_claims
* remove the superfluous 'the' in the issuer does not own the supplied public key message
* re-factor the TestJWTAuthVerifier class
* use the utils.get_example_jwt_auth_signer method in test_signer
* Add get_example_jwt_auth_signer to tests/utils
* Add a test for the JWTAuthVerifier
* Add a get_public_key_pem_for_private_key_pem to tests/utils
* create the JWTAuthSigner instance in get_example_jwt_auth_signer with key as a non-keyword style argument
* s/jws/a_jwt/ in verify_claims
* restructure the tests
* Use nose for running tests
* Add a test for JWTAuthSigner.get_signed_claims
* Set test_suite in setup.py
* Add a test to check that the jti changes between _get_claims calls
* use the timestamp of now in the jti instead of the string representation of the datetime object
* Add some tests
* Extract and fix getting the time in signer.py
* Fix up some minor errors in signer.py
* remove the unused os import from setup.py
* '..' is not permitted in a key identifier
* validate_key_identifier should never of taken in 'self' it only needs a key identifier
* add a setup.py file
* Add completely untested code
* init