v2.0.0

News

• Major API refactor for improved clearer configuration. (#30)
• Add init_app to allow later init of Flask app. (#28)
• Add support multiple providers being used in the same app. (#31)

v1.3.0

Fixes

• Simplified internal session management implementation.
• Reformatted code.
• Clean up of tests.

v1.2.0

News

• Support for "silent authentication", thanks to @gdestuynder and @andrewkrug.

Fixes

• Added logging.
• Upgraded pyoidc dependency.

v1.1.0

News

• Allow to specify an "error view" for presenting authentication errors to the user.
• Improve support for using OAuth authorization servers (no longer assumes the provider issues ID Tokens or a userinfo response).
• Add examples and better documentation to the README.
• Add test support for Python 3.6.

Fixes

• Handle OAuth errors in the authentication or token response.
• Fix Codecov integration.

v1.0.0

News

• Now supports RP-Initiated logout as defined in Section 5 of OpenID Connect Session Management.

Fixes

• The OIDCAuthentication.oidc_auth decorator now passes all call parameters to the decorated route function, thanks to @stevenmirabito.
• Greatly improved session handling, thanks to @stevenmirabito.
• The scope sent to the token endpoint will match the scope requested at the authorization endpoint.

Improvements

• Simplified code due to upgrade of the pyoidc library.

v0.5.0

Revert to not keeping any local user session.

Always redirect the user to the OP to ensure the user has a live session with the provider.

v0.4.0

New feature:

• Allow using the same OIDCAuthentication instance on multiple flask routes.

Improvement:

• Removed some internal data added to the flask.session after it's no longer necessary.

v0.3.1

Base the user session validity on the ID Token expiration time.

v0.3.0

Add possibility to add extra arguments to the authentication request to the provider.

v0.2.0

Add possibility to configure which HTTP method to use for userinfo requests.