Skip to content

Release 3.0.0

Compare
Choose a tag to compare
@n2ygk n2ygk released this 06 Sep 13:21
· 28 commits to master since this release
5ce5e7f

Release 3.0.0

WARNING - POTENTIAL BREAKING CHANGES

  • Changes to the AbstractAccessToken model require doing a manage.py migrate after upgrading.
  • If you use swappable models you will need to make sure your custom models are also updated (usually manage.py makemigrations).
  • Old Django versions below 4.2 are no longer supported.
  • A few deprecations warned about in 2.4.0 (#1345) have been removed. See below.

Added

  • #1366 Add Docker containerized apps for testing IDP and RP.
  • #1454 Added compatibility with LoginRequiredMiddleware introduced in Django 5.1.

Changed

  • Many documentation and project internals improvements.
  • #1446 Use generic models pk instead of id. This enables, for example, custom swapped models to have a different primary key field.
  • #1447 Update token to TextField from CharField. Removing the 255 character limit enables supporting JWT tokens with additional claims.
    This adds a SHA-256 token_checksum field that is used to validate tokens.
  • #1450 Transactions wrapping writes of the Tokens now rely on Django's database routers to determine the correct
    database to use instead of assuming that 'default' is the correct one.
  • #1455 Changed minimum supported Django version to >=4.2.

Removed

  • #1425 Remove deprecated RedirectURIValidator, WildcardSet per #1345; validate_logout_request per #1274

Fixed

  • #1444, #1476 Fix several 500 errors to instead raise appropriate errors.
  • #1469 Fix ui_locales request parameter triggers AttributeError under certain circumstances

Security