blob: 8079af83de2b8eaf8fd4cc6a28462d9f599212a5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
# Changelog #
## 3.2 ##
* Add support for python 3.8.
* Drop support for python 3.4.
* Fix false positive redirect error in consumer verification.
* Do not percent escape sub delimiters in path in URI normalization. Thanks Colin Watson for report.
* Fix tests and static code checks. Thanks Colin Watson.
## 3.1 ##
* Convert data values for extensions to text.
* Fixes in Python 2/3 support.
* Fix examples.
* Add support for python 3.7
* Fix static code checks
* Use bumpversion
## 3.0 ##
* Support Python3.
* Change most of the API to the text strings. UTF-8 encoded byte string should be compatible.
* Authentication methods based on SHA-256 are now preferred over SHA-1.
* Use `cryptography` library for cryptography tasks.
* Add new base64-based API for `DiffieHellman` class.
* Refactor script to negotiate association with an OpenID server.
* Decrease log levels on repetitive logs.
* Default fetcher is picked from more options.
* Remove `openid.consumer.html_parse` module.
* Remove `hmacSha*`, `randomString`, `randrange` and `sha*` functions from `openid.cryptutil`.
* A lot of refactoring and clean up.
### Deprecation ###
* Binary strings are deprecated, unless explicitely allowed.
* `hash_func` is deprecated in favor of `algorithm` in `DiffieHellmanSHA*ServerSession` and `DiffieHellmanSHA*ConsumerSession`.
* `DiffieHellmanSHA*ServerSession.consumer_pubkey` is deprecated in favor of `consumer_public_key`.
* Functions `longToBinary` and `binaryToLong` deprecated in favor of `int_to_bytes` and `bytes_to_int`, respectively.
* Old `DiffieHellman` API is deprecated.
## 2.3.0 ##
* Prevent timing attacks on signature comparison. Thanks to Carl Howells.
* Prevent XXE attacks.
* Fix unicode errors. Thanks to Kai Lautaportti.
* Drop support for python versions < 2.7.
* Use logging module. Thanks to Attila-Mihaly Balazs.
* Allow signatory, encoder and decoder to be set for Server. Thanks to julio.
* Fix URL limit to server responses. Thanks to Rodrigo Primo.
* Fix several protocol errors.
* Add utility method to AX store extension.
* Fix curl detection. Thanks to Sergey Shepelev.
* Use setuptools. Thanks to Tres Seaver.
* Refactor `Message` class creation.
* Add `RequestsFetcher`. Thanks to Lennonka.
* Updated examples.
* Add tox for testing. Thanks to Marc Abramowitz.
* Refactor tests.
* Clean code and add static checks.
### Deprecation ###
* `Message.setOpenIDNamespace()` method.
* `UndefinedOpenIDNamespace` exception.
* `OpenIDRequest.namespace` attribute.
* `openid.extensions.draft` packages, namely its `pape2` and `pape5` modules.
|
