Here you can see the full list of changes between each Authlib release.
Released on May 6, 2020.
Released on Feb 11, 2020.
In this release, Authlib has introduced a new way to write framework integrations for clients.
Bug fixes and enhancements in this release:
nonce
via issue#180.get_headers
leak.code_verifier
via issue#165.Breaking Change: drop sync OAuth clients of HTTPX.
Released on Nov 11, 2019. Go Async
This is the release that makes Authlib one more step close to v1.0. We
did a huge refactor on our integrations. Authlib believes in monolithic
design, it enables us to design the API to integrate with every framework
in the best way. In this release, Authlib has re-organized the folder
structure, moving every integration into the integrations
folder. It
makes Authlib to add more integrations easily in the future.
RFC implementations and updates in this release:
New integrations and changes in this release:
authlib.client.aiohttp
has been removedBug fixes and enhancements in this release:
alg
values easily for JWS and JWE.Deprecate Changes: find how to solve the deprecate issues via https://git.io/Jeclj
Released on Sep 3, 2019.
Breaking Change: Authlib Grant system has been redesigned. If you are creating OpenID Connect providers, please read the new documentation for OpenID Connect.
Important Update: Django OAuth 2.0 server integration is ready now. You can create OAuth 2.0 provider and OpenID Connect 1.0 with Django framework.
RFC implementations and updates in this release:
AssertionClient
for the assertion frameworkIntrospectionToken
for introspection token endpointRefactor and bug fixes in this release:
RefreshTokenGrant.revoke_old_credential
methodauthlib.client
, no breaking changesOAuth2Request
, use explicit query and formrequests
to optional dependencyAsyncAssertionClient
for aiohttpDeprecate Changes: find how to solve the deprecate issues via https://git.io/fjPsV
Released on Apr 6, 2019.
BIG NEWS: Authlib has changed its open source license from AGPL to BSD.
Important Changes: Authlib specs module has been split into jose, oauth1, oauth2, and oidc. Find how to solve the deprecate issues via https://git.io/fjvpt
RFC implementations and updates in this release:
Small changes and bug fixes in this release:
OAuth2Session
via issue#96.OAuth2Session
via PR#100, thanks
to pingz.Experiment Features: There is an experiment aiohttp
client for OAuth1
and OAuth2 in authlib.client.aiohttp
.
Released on Oct 12, 2018.
The most important change in this version is grant extension system. When registering a grant, developers can pass extensions to the grant:
authorization_server.register_grant(GrantClass, [extension])
Find Flask Grant Extensions implementation.
RFC implementations and updates in this release:
Besides that, there are other improvements:
save_authorize_state
method on Flask and Django clientfetch_token
to Django OAuth client@require_oauth
Multiple ScopesDeprecate Changes: find how to solve the deprecate issues via https://git.io/fAmW1
Find old changelog at https://github.com/lepture/authlib/releases