blob: 7f4adceb15a8b37b390ae1a73febe12f46c46c89 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
* API changes
* SQLStore implementations no longer create or use a 'settings'
table
* SRegResponse.fromSuccessResponse returns None when no signed
arguments were found
* Added functions to generate request/response HTML forms with
auto-submission javascript
* Consumer (relying party) API: AuthRequest.htmlMarkup
* Server API: server.OpenIDResponse.toHTML
* PAPE (Provider Authentication Policy Extension) module
* Updated extension for specification draft 2
* Request.fromSuccessResponse returns None if PAPE response
arguments were not signed
* New features
* Demo server now supports OP-driven identifier selection
* Demo consumer now has a "stateless" option
* Fetchers now only read/request first megabyte of response
* Bug fixes
* NOT NULL constraints were added to SQLStore tables where
appropriate
* message.fromPostArgs: use query.items() instead of iteritems(),
fixes #161 (Affects Django users)
* check_authentication requests: copy entire response, not just
signed fields. Fixes missing namespace in check_authentication
requests
* Consumer._verifyDiscoveryResults: fall back to OpenID 1.0 type if
1.1 endpoint cannot be found; fixes discovery verification bug for
certain OpenID 1 identifiers
* SQLStore._execSQL: convert unicode arguments to str to avoid
postgresql api bug with unicode objects (Thanks to Marek Kuziel.)
* MySQLStore: Use ENGINE instead of TYPE when creating tables
* server.OpenIDResponse.toFormMarkup: Use return_to from the
request, not the response fields (Not all responses (i.e. cancel,
setup_needed) include a return_to field.)
* server.AssociationRequest.answer: include session_type in
no-encryption assoc responses
* OpenIDServiceEndpoint.getDisplayIdentifier: Don't include the
fragment in display identifiers.
|
