pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/security/py-authlib
Module Name: pkgsrc
Committed By: adam
Date: Fri Oct 14 09:06:36 UTC 2022
Modified Files:
pkgsrc/security/py-authlib: Makefile PLIST distinfo
Log Message:
py-authlib: updated to 1.1.0
Version 1.1.0
This release contains breaking changes and security fixes.
Allow to pass claims_options to Framework OpenID Connect clients.
Fix .stream with context for HTTPX OAuth clients.
Fix Starlette OAuth client for cache store.
Breaking changes:
Raise InvalidGrantError for invalid code, redirect_uri and no user errors in OAuth 2.0 server.
The default authlib.jose.jwt would only work with JSON Web Signature algorithms, if you would like to use JWT with JWE algorithms, please pass the algorithms parameter:
jwt = JsonWebToken(['A128KW', 'A128GCM', 'DEF'])
Security fixes: CVE-2022-39175 and CVE-2022-39174, both related to JOSE.
Version 1.0.1
Fix authenticate_none method.
Allow to pass in alternative signing algorithm to RFC7523 authentication methods.
Fix missing_token for Flask OAuth client.
Allow openid in any place of the scope.
Security fix for validating essential value on blank value in JWT.
Version 1.0.0
We have dropped support for Python 2 in this release. We have removed built-in SQLAlchemy integration.
OAuth Client Changes:
The whole framework client integrations have been restructured, if you are using the client properly, e.g. oauth.register(...), it would work as before.
OAuth Provider Changes:
In Flask OAuth 2.0 provider, we have removed the deprecated OAUTH2_JWT_XXX configuration, instead, developers should define .get_jwt_config on OpenID extensions and grant types.
SQLAlchemy integrations has been removed from Authlib. Developers should define the database by themselves.
JOSE Changes
JWS has been renamed to JsonWebSignature
JWE has been renamed to JsonWebEncryption
JWK has been renamed to JsonWebKey
JWT has been renamed to JsonWebToken
The "Key" model has been re-designed, checkout the :ref:`jwk_guide` for updates.
Added ES256K algorithm for JWS and JWT.
To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 pkgsrc/security/py-authlib/Makefile \
pkgsrc/security/py-authlib/distinfo
cvs rdiff -u -r1.3 -r1.4 pkgsrc/security/py-authlib/PLIST
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/security/py-authlib/Makefile
diff -u pkgsrc/security/py-authlib/Makefile:1.9 pkgsrc/security/py-authlib/Makefile:1.10
--- pkgsrc/security/py-authlib/Makefile:1.9 Thu Apr 21 11:00:00 2022
+++ pkgsrc/security/py-authlib/Makefile Fri Oct 14 09:06:36 2022
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.9 2022/04/21 11:00:00 wiz Exp $
+# $NetBSD: Makefile,v 1.10 2022/10/14 09:06:36 adam Exp $
-DISTNAME= Authlib-0.15.5
+DISTNAME= Authlib-1.1.0
PKGNAME= ${PYPKGPREFIX}-${DISTNAME:tl}
-PKGREVISION= 1
CATEGORIES= security python
MASTER_SITES= ${MASTER_SITE_PYPI:=A/Authlib/}
@@ -11,12 +10,11 @@ HOMEPAGE= https://authlib.org/
COMMENT= Ultimate Python library in building OAuth and OpenID Connect servers
LICENSE= modified-bsd
-TEST_DEPENDS+= ${PYPKGPREFIX}-test-runner-[0-9]*:../../devel/py-test-runner
-
-PYTHON_VERSIONED_DEPENDENCIES+= cryptography
+DEPENDS+= ${PYPKGPREFIX}-cryptography>=3.2:../../security/py-cryptography
USE_LANGUAGES= # none
+PYTHON_VERSIONS_INCOMPATIBLE= 27
+
.include "../../lang/python/egg.mk"
-.include "../../lang/python/versioned_dependencies.mk"
.include "../../mk/bsd.pkg.mk"
Index: pkgsrc/security/py-authlib/distinfo
diff -u pkgsrc/security/py-authlib/distinfo:1.9 pkgsrc/security/py-authlib/distinfo:1.10
--- pkgsrc/security/py-authlib/distinfo:1.9 Thu Oct 28 19:51:53 2021
+++ pkgsrc/security/py-authlib/distinfo Fri Oct 14 09:06:36 2022
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.9 2021/10/28 19:51:53 adam Exp $
+$NetBSD: distinfo,v 1.10 2022/10/14 09:06:36 adam Exp $
-BLAKE2s (Authlib-0.15.5.tar.gz) = cc3125ac34e3a91f8dc1c05dadae5a9c5001a687e87b9a610e736bfdee7a4357
-SHA512 (Authlib-0.15.5.tar.gz) = 72655afd0039fb6baed9179fb6d56c2a439847ce4b44a58e885e43bb2bdc4111147a592a1d027a093e3e851b2b1f89663028d745c9a6dd02bdd046f70565b5a3
-Size (Authlib-0.15.5.tar.gz) = 132183 bytes
+BLAKE2s (Authlib-1.1.0.tar.gz) = 80e63fec6ea1f25a33ea9b9fdd602ad2e2bfbb4251907ad9cd8aaaf2b859bed6
+SHA512 (Authlib-1.1.0.tar.gz) = f65ec3b671da50d5c906c42746e276fd2eaa0cf2c6185048fc8da217ded2dfc245db19c8d793969c7401d99a4f27e375768b9626e9867c5373aefd0b5a4d75cb
+Size (Authlib-1.1.0.tar.gz) = 140568 bytes
Index: pkgsrc/security/py-authlib/PLIST
diff -u pkgsrc/security/py-authlib/PLIST:1.3 pkgsrc/security/py-authlib/PLIST:1.4
--- pkgsrc/security/py-authlib/PLIST:1.3 Thu Oct 15 13:46:35 2020
+++ pkgsrc/security/py-authlib/PLIST Fri Oct 14 09:06:36 2022
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.3 2020/10/15 13:46:35 adam Exp $
+@comment $NetBSD: PLIST,v 1.4 2022/10/14 09:06:36 adam Exp $
${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
${PYSITELIB}/${EGG_INFODIR}/dependency_links.txt
@@ -38,24 +38,30 @@ ${PYSITELIB}/authlib/integrations/base_c
${PYSITELIB}/authlib/integrations/base_client/async_app.py
${PLIST.py3x}${PYSITELIB}/authlib/integrations/base_client/async_app.pyc
${PLIST.py3x}${PYSITELIB}/authlib/integrations/base_client/async_app.pyo
-${PYSITELIB}/authlib/integrations/base_client/base_app.py
-${PYSITELIB}/authlib/integrations/base_client/base_app.pyc
-${PYSITELIB}/authlib/integrations/base_client/base_app.pyo
-${PYSITELIB}/authlib/integrations/base_client/base_oauth.py
-${PYSITELIB}/authlib/integrations/base_client/base_oauth.pyc
-${PYSITELIB}/authlib/integrations/base_client/base_oauth.pyo
+${PYSITELIB}/authlib/integrations/base_client/async_openid.py
+${PYSITELIB}/authlib/integrations/base_client/async_openid.pyc
+${PYSITELIB}/authlib/integrations/base_client/async_openid.pyo
${PYSITELIB}/authlib/integrations/base_client/errors.py
${PYSITELIB}/authlib/integrations/base_client/errors.pyc
${PYSITELIB}/authlib/integrations/base_client/errors.pyo
${PYSITELIB}/authlib/integrations/base_client/framework_integration.py
${PYSITELIB}/authlib/integrations/base_client/framework_integration.pyc
${PYSITELIB}/authlib/integrations/base_client/framework_integration.pyo
-${PYSITELIB}/authlib/integrations/base_client/remote_app.py
-${PYSITELIB}/authlib/integrations/base_client/remote_app.pyc
-${PYSITELIB}/authlib/integrations/base_client/remote_app.pyo
+${PYSITELIB}/authlib/integrations/base_client/registry.py
+${PYSITELIB}/authlib/integrations/base_client/registry.pyc
+${PYSITELIB}/authlib/integrations/base_client/registry.pyo
+${PYSITELIB}/authlib/integrations/base_client/sync_app.py
+${PYSITELIB}/authlib/integrations/base_client/sync_app.pyc
+${PYSITELIB}/authlib/integrations/base_client/sync_app.pyo
+${PYSITELIB}/authlib/integrations/base_client/sync_openid.py
+${PYSITELIB}/authlib/integrations/base_client/sync_openid.pyc
+${PYSITELIB}/authlib/integrations/base_client/sync_openid.pyo
${PYSITELIB}/authlib/integrations/django_client/__init__.py
${PYSITELIB}/authlib/integrations/django_client/__init__.pyc
${PYSITELIB}/authlib/integrations/django_client/__init__.pyo
+${PYSITELIB}/authlib/integrations/django_client/apps.py
+${PYSITELIB}/authlib/integrations/django_client/apps.pyc
+${PYSITELIB}/authlib/integrations/django_client/apps.pyo
${PYSITELIB}/authlib/integrations/django_client/integration.py
${PYSITELIB}/authlib/integrations/django_client/integration.pyc
${PYSITELIB}/authlib/integrations/django_client/integration.pyo
@@ -92,15 +98,12 @@ ${PYSITELIB}/authlib/integrations/django
${PYSITELIB}/authlib/integrations/flask_client/__init__.py
${PYSITELIB}/authlib/integrations/flask_client/__init__.pyc
${PYSITELIB}/authlib/integrations/flask_client/__init__.pyo
+${PYSITELIB}/authlib/integrations/flask_client/apps.py
+${PYSITELIB}/authlib/integrations/flask_client/apps.pyc
+${PYSITELIB}/authlib/integrations/flask_client/apps.pyo
${PYSITELIB}/authlib/integrations/flask_client/integration.py
${PYSITELIB}/authlib/integrations/flask_client/integration.pyc
${PYSITELIB}/authlib/integrations/flask_client/integration.pyo
-${PYSITELIB}/authlib/integrations/flask_client/oauth_registry.py
-${PYSITELIB}/authlib/integrations/flask_client/oauth_registry.pyc
-${PYSITELIB}/authlib/integrations/flask_client/oauth_registry.pyo
-${PYSITELIB}/authlib/integrations/flask_client/remote_app.py
-${PYSITELIB}/authlib/integrations/flask_client/remote_app.pyc
-${PYSITELIB}/authlib/integrations/flask_client/remote_app.pyo
${PYSITELIB}/authlib/integrations/flask_helpers.py
${PYSITELIB}/authlib/integrations/flask_helpers.pyc
${PYSITELIB}/authlib/integrations/flask_helpers.pyo
@@ -158,15 +161,9 @@ ${PYSITELIB}/authlib/integrations/reques
${PYSITELIB}/authlib/integrations/requests_client/oauth2_session.py
${PYSITELIB}/authlib/integrations/requests_client/oauth2_session.pyc
${PYSITELIB}/authlib/integrations/requests_client/oauth2_session.pyo
-${PYSITELIB}/authlib/integrations/sqla_oauth1/__init__.py
-${PYSITELIB}/authlib/integrations/sqla_oauth1/__init__.pyc
-${PYSITELIB}/authlib/integrations/sqla_oauth1/__init__.pyo
-${PYSITELIB}/authlib/integrations/sqla_oauth1/functions.py
-${PYSITELIB}/authlib/integrations/sqla_oauth1/functions.pyc
-${PYSITELIB}/authlib/integrations/sqla_oauth1/functions.pyo
-${PYSITELIB}/authlib/integrations/sqla_oauth1/mixins.py
-${PYSITELIB}/authlib/integrations/sqla_oauth1/mixins.pyc
-${PYSITELIB}/authlib/integrations/sqla_oauth1/mixins.pyo
+${PYSITELIB}/authlib/integrations/requests_client/utils.py
+${PYSITELIB}/authlib/integrations/requests_client/utils.pyc
+${PYSITELIB}/authlib/integrations/requests_client/utils.pyo
${PYSITELIB}/authlib/integrations/sqla_oauth2/__init__.py
${PYSITELIB}/authlib/integrations/sqla_oauth2/__init__.pyc
${PYSITELIB}/authlib/integrations/sqla_oauth2/__init__.pyo
@@ -182,6 +179,9 @@ ${PYSITELIB}/authlib/integrations/sqla_o
${PYSITELIB}/authlib/integrations/starlette_client/__init__.py
${PYSITELIB}/authlib/integrations/starlette_client/__init__.pyc
${PYSITELIB}/authlib/integrations/starlette_client/__init__.pyo
+${PYSITELIB}/authlib/integrations/starlette_client/apps.py
+${PYSITELIB}/authlib/integrations/starlette_client/apps.pyc
+${PYSITELIB}/authlib/integrations/starlette_client/apps.pyo
${PYSITELIB}/authlib/integrations/starlette_client/integration.py
${PLIST.py3x}${PYSITELIB}/authlib/integrations/starlette_client/integration.pyc
${PLIST.py3x}${PYSITELIB}/authlib/integrations/starlette_client/integration.pyo
@@ -191,6 +191,12 @@ ${PYSITELIB}/authlib/jose/__init__.pyo
${PYSITELIB}/authlib/jose/drafts/__init__.py
${PYSITELIB}/authlib/jose/drafts/__init__.pyc
${PYSITELIB}/authlib/jose/drafts/__init__.pyo
+${PYSITELIB}/authlib/jose/drafts/_jwe_algorithms.py
+${PYSITELIB}/authlib/jose/drafts/_jwe_algorithms.pyc
+${PYSITELIB}/authlib/jose/drafts/_jwe_algorithms.pyo
+${PYSITELIB}/authlib/jose/drafts/_jwe_enc_cryptodome.py
+${PYSITELIB}/authlib/jose/drafts/_jwe_enc_cryptodome.pyc
+${PYSITELIB}/authlib/jose/drafts/_jwe_enc_cryptodome.pyo
${PYSITELIB}/authlib/jose/drafts/_jwe_enc_cryptography.py
${PYSITELIB}/authlib/jose/drafts/_jwe_enc_cryptography.pyc
${PYSITELIB}/authlib/jose/drafts/_jwe_enc_cryptography.pyo
@@ -224,39 +230,42 @@ ${PYSITELIB}/authlib/jose/rfc7517/__init
${PYSITELIB}/authlib/jose/rfc7517/_cryptography_key.py
${PYSITELIB}/authlib/jose/rfc7517/_cryptography_key.pyc
${PYSITELIB}/authlib/jose/rfc7517/_cryptography_key.pyo
+${PYSITELIB}/authlib/jose/rfc7517/asymmetric_key.py
+${PYSITELIB}/authlib/jose/rfc7517/asymmetric_key.pyc
+${PYSITELIB}/authlib/jose/rfc7517/asymmetric_key.pyo
+${PYSITELIB}/authlib/jose/rfc7517/base_key.py
+${PYSITELIB}/authlib/jose/rfc7517/base_key.pyc
+${PYSITELIB}/authlib/jose/rfc7517/base_key.pyo
${PYSITELIB}/authlib/jose/rfc7517/jwk.py
${PYSITELIB}/authlib/jose/rfc7517/jwk.pyc
${PYSITELIB}/authlib/jose/rfc7517/jwk.pyo
-${PYSITELIB}/authlib/jose/rfc7517/models.py
-${PYSITELIB}/authlib/jose/rfc7517/models.pyc
-${PYSITELIB}/authlib/jose/rfc7517/models.pyo
+${PYSITELIB}/authlib/jose/rfc7517/key_set.py
+${PYSITELIB}/authlib/jose/rfc7517/key_set.pyc
+${PYSITELIB}/authlib/jose/rfc7517/key_set.pyo
${PYSITELIB}/authlib/jose/rfc7518/__init__.py
${PYSITELIB}/authlib/jose/rfc7518/__init__.pyc
${PYSITELIB}/authlib/jose/rfc7518/__init__.pyo
-${PYSITELIB}/authlib/jose/rfc7518/_cryptography_backends/__init__.py
-${PYSITELIB}/authlib/jose/rfc7518/_cryptography_backends/__init__.pyc
-${PYSITELIB}/authlib/jose/rfc7518/_cryptography_backends/__init__.pyo
-${PYSITELIB}/authlib/jose/rfc7518/_cryptography_backends/_jwe_alg.py
-${PYSITELIB}/authlib/jose/rfc7518/_cryptography_backends/_jwe_alg.pyc
-${PYSITELIB}/authlib/jose/rfc7518/_cryptography_backends/_jwe_alg.pyo
-${PYSITELIB}/authlib/jose/rfc7518/_cryptography_backends/_jwe_enc.py
-${PYSITELIB}/authlib/jose/rfc7518/_cryptography_backends/_jwe_enc.pyc
-${PYSITELIB}/authlib/jose/rfc7518/_cryptography_backends/_jwe_enc.pyo
-${PYSITELIB}/authlib/jose/rfc7518/_cryptography_backends/_jws.py
-${PYSITELIB}/authlib/jose/rfc7518/_cryptography_backends/_jws.pyc
-${PYSITELIB}/authlib/jose/rfc7518/_cryptography_backends/_jws.pyo
-${PYSITELIB}/authlib/jose/rfc7518/_cryptography_backends/_keys.py
-${PYSITELIB}/authlib/jose/rfc7518/_cryptography_backends/_keys.pyc
-${PYSITELIB}/authlib/jose/rfc7518/_cryptography_backends/_keys.pyo
-${PYSITELIB}/authlib/jose/rfc7518/jwe_algorithms.py
-${PYSITELIB}/authlib/jose/rfc7518/jwe_algorithms.pyc
-${PYSITELIB}/authlib/jose/rfc7518/jwe_algorithms.pyo
-${PYSITELIB}/authlib/jose/rfc7518/jws_algorithms.py
-${PYSITELIB}/authlib/jose/rfc7518/jws_algorithms.pyc
-${PYSITELIB}/authlib/jose/rfc7518/jws_algorithms.pyo
+${PYSITELIB}/authlib/jose/rfc7518/ec_key.py
+${PYSITELIB}/authlib/jose/rfc7518/ec_key.pyc
+${PYSITELIB}/authlib/jose/rfc7518/ec_key.pyo
+${PYSITELIB}/authlib/jose/rfc7518/jwe_algs.py
+${PYSITELIB}/authlib/jose/rfc7518/jwe_algs.pyc
+${PYSITELIB}/authlib/jose/rfc7518/jwe_algs.pyo
+${PYSITELIB}/authlib/jose/rfc7518/jwe_encs.py
+${PYSITELIB}/authlib/jose/rfc7518/jwe_encs.pyc
+${PYSITELIB}/authlib/jose/rfc7518/jwe_encs.pyo
+${PYSITELIB}/authlib/jose/rfc7518/jwe_zips.py
+${PYSITELIB}/authlib/jose/rfc7518/jwe_zips.pyc
+${PYSITELIB}/authlib/jose/rfc7518/jwe_zips.pyo
+${PYSITELIB}/authlib/jose/rfc7518/jws_algs.py
+${PYSITELIB}/authlib/jose/rfc7518/jws_algs.pyc
+${PYSITELIB}/authlib/jose/rfc7518/jws_algs.pyo
${PYSITELIB}/authlib/jose/rfc7518/oct_key.py
${PYSITELIB}/authlib/jose/rfc7518/oct_key.pyc
${PYSITELIB}/authlib/jose/rfc7518/oct_key.pyo
+${PYSITELIB}/authlib/jose/rfc7518/rsa_key.py
+${PYSITELIB}/authlib/jose/rfc7518/rsa_key.pyc
+${PYSITELIB}/authlib/jose/rfc7518/rsa_key.pyo
${PYSITELIB}/authlib/jose/rfc7518/util.py
${PYSITELIB}/authlib/jose/rfc7518/util.pyc
${PYSITELIB}/authlib/jose/rfc7518/util.pyo
@@ -272,9 +281,9 @@ ${PYSITELIB}/authlib/jose/rfc7519/jwt.py
${PYSITELIB}/authlib/jose/rfc8037/__init__.py
${PYSITELIB}/authlib/jose/rfc8037/__init__.pyc
${PYSITELIB}/authlib/jose/rfc8037/__init__.pyo
-${PYSITELIB}/authlib/jose/rfc8037/_jws_cryptography.py
-${PYSITELIB}/authlib/jose/rfc8037/_jws_cryptography.pyc
-${PYSITELIB}/authlib/jose/rfc8037/_jws_cryptography.pyo
+${PYSITELIB}/authlib/jose/rfc8037/jws_eddsa.py
+${PYSITELIB}/authlib/jose/rfc8037/jws_eddsa.pyc
+${PYSITELIB}/authlib/jose/rfc8037/jws_eddsa.pyo
${PYSITELIB}/authlib/jose/rfc8037/okp_key.py
${PYSITELIB}/authlib/jose/rfc8037/okp_key.pyc
${PYSITELIB}/authlib/jose/rfc8037/okp_key.pyo
@@ -398,12 +407,12 @@ ${PYSITELIB}/authlib/oauth2/rfc6750/erro
${PYSITELIB}/authlib/oauth2/rfc6750/parameters.py
${PYSITELIB}/authlib/oauth2/rfc6750/parameters.pyc
${PYSITELIB}/authlib/oauth2/rfc6750/parameters.pyo
+${PYSITELIB}/authlib/oauth2/rfc6750/token.py
+${PYSITELIB}/authlib/oauth2/rfc6750/token.pyc
+${PYSITELIB}/authlib/oauth2/rfc6750/token.pyo
${PYSITELIB}/authlib/oauth2/rfc6750/validator.py
${PYSITELIB}/authlib/oauth2/rfc6750/validator.pyc
${PYSITELIB}/authlib/oauth2/rfc6750/validator.pyo
-${PYSITELIB}/authlib/oauth2/rfc6750/wrappers.py
-${PYSITELIB}/authlib/oauth2/rfc6750/wrappers.pyc
-${PYSITELIB}/authlib/oauth2/rfc6750/wrappers.pyo
${PYSITELIB}/authlib/oauth2/rfc7009/__init__.py
${PYSITELIB}/authlib/oauth2/rfc7009/__init__.pyc
${PYSITELIB}/authlib/oauth2/rfc7009/__init__.pyo
@@ -434,6 +443,12 @@ ${PYSITELIB}/authlib/oauth2/rfc7523/clie
${PYSITELIB}/authlib/oauth2/rfc7523/jwt_bearer.py
${PYSITELIB}/authlib/oauth2/rfc7523/jwt_bearer.pyc
${PYSITELIB}/authlib/oauth2/rfc7523/jwt_bearer.pyo
+${PYSITELIB}/authlib/oauth2/rfc7523/token.py
+${PYSITELIB}/authlib/oauth2/rfc7523/token.pyc
+${PYSITELIB}/authlib/oauth2/rfc7523/token.pyo
+${PYSITELIB}/authlib/oauth2/rfc7523/validator.py
+${PYSITELIB}/authlib/oauth2/rfc7523/validator.pyc
+${PYSITELIB}/authlib/oauth2/rfc7523/validator.pyo
${PYSITELIB}/authlib/oauth2/rfc7591/__init__.py
${PYSITELIB}/authlib/oauth2/rfc7591/__init__.pyc
${PYSITELIB}/authlib/oauth2/rfc7591/__init__.pyo
@@ -467,6 +482,9 @@ ${PYSITELIB}/authlib/oauth2/rfc7662/intr
${PYSITELIB}/authlib/oauth2/rfc7662/models.py
${PYSITELIB}/authlib/oauth2/rfc7662/models.pyc
${PYSITELIB}/authlib/oauth2/rfc7662/models.pyo
+${PYSITELIB}/authlib/oauth2/rfc7662/token_validator.py
+${PYSITELIB}/authlib/oauth2/rfc7662/token_validator.pyc
+${PYSITELIB}/authlib/oauth2/rfc7662/token_validator.pyo
${PYSITELIB}/authlib/oauth2/rfc8414/__init__.py
${PYSITELIB}/authlib/oauth2/rfc8414/__init__.pyc
${PYSITELIB}/authlib/oauth2/rfc8414/__init__.pyo
Home |
Main Index |
Thread Index |
Old Index