6.2.1

Release Notes

For: uc-cdis/authutils

Notes since tag: 6.2.0

Notes to tag/commit: 6.2.1

Generated: 2022-06-27

Bug Fixes

• Fix authutils.token.fastapi.access_token to accept both PEM and RSA key
  formats (#65)

Python 3.9

Release Notes

For: uc-cdis/authutils

Notes since tag: 6.1.2

Notes to tag/commit: 6.2.0

Generated: 2022-06-23

Dependency Updates

• Require Python >=3.9 (#64)
• Update httpx to >=0.23.0, pyjwt to >=2.4.0, fastapi to >=0.65.2 (#64)

6.1.2

Release Notes

For: uc-cdis/authutils

Notes since tag: 6.1.1

Notes to tag/commit: 542e398

Generated: 2022-01-06

Dependency Updates

• authlib > 0.11.0 is a breaking change. Pin authlib to 0.11.0 (#61)

6.1.1

Release Notes

For: uc-cdis/authutils

Notes since tag: 6.1.0

Notes to tag/commit: 6.1.1

Generated: 2021-12-03

Bug Fixes

• Replace references to OAuthClient (doesn't exist) with OAuth2Client (new
  name) (#60)

6.1.0

Release Notes

For: uc-cdis/authutils

Notes since tag: 6.0.2

Notes to tag/commit: 4b43a25

Generated: 2021-10-28

Improvements

• Support in-app context and non-app context caching for public keys. (#55)

6.0.2

Release Notes

For: uc-cdis/authutils

Notes since tag: 6.0.1

Notes to tag/commit: bb46590

Generated: 2021-05-28

New Features

• Facilitate validation of JWTs from non-Gen3 issuers by adding ability to
  fetch and cache a JWK set from a non-Gen3 server. Authutils will first look
  for a jwks_uri at .well-known/openid-configuration and fall back to the
  legacy Gen3 /jwt/keys endpoint. Keys are serialized to PEM and stored (as
  before) in flask.current_app.jwt_public_keys. (#52)

Improvements

• Account for JWTs in which the scope claim is a space-delimited string (use
  split instead of just putting scope value in list). We expect RAS visas/all
  GA4GH embedded tokens to have scope claims with this format. (#52)

Dependency Updates

• bump own version to 6.0.2 in pyproject.toml (#53)

6.0.1

Release Notes

For: uc-cdis/authutils

Notes since tag: 6.0.0

Notes to tag/commit: e0d8b0b

Generated: 2021-04-29

Bug Fixes

• Update version in pyproject.toml to 6.0.1 (goofed the tagging last time)
  (#51)

6.0.0

Release Notes

For: uc-cdis/authutils

Notes since tag: 5.0.5

Notes to tag/commit: 2b7538e

Generated: 2021-04-29

Breaking Changes

• Add custom scopes validation and revert aud validation to default; services
  (eg Fence) will stop using the aud claim for scopes. Changes are in
  token.validate_jwt and core.validate_jwt as well as the require_auth_header
  decorator. (#47)

Improvements

• Update some docstrings (#47)
• Allow passthrough of 'options' arg to pyjwt (via token.validate_jwt and
  core.validate_jwt) (#47)

5.0.5

Release Notes

For: uc-cdis/authutils

Notes since tag: 5.0.4

Notes to tag/commit: c5adb41

Generated: 2021-01-19

Dependency Updates

• Update httpx=^0.14 (#49)
• Update cdiserrors<2.0.0 (#49)

5.0.4

Release Notes

For: uc-cdis/authutils

Notes since tag: 5.0.3

Notes to tag/commit: 5.0.4

Generated: 2020-06-02