jazzband/django-oauth-toolkit 2.1.0

Release 2.1.0

on GitHub

WARNING

Issues caused by Release 2.0.0 breaking changes continue to be logged. Please make sure to carefully read these release notes before
performing a MAJOR upgrade to 2.x.

These issues both result in {"error": "invalid_client"}:

1. The application client secret is now hashed upon save. You must copy it before it is saved. Using the hashed value will fail.

2. PKCE_REQUIRED is now True by default. You should use PKCE with your client or set PKCE_REQUIRED=False if you are unable to fix the client.

Added

• #1164 Support prompt=login for the OIDC Authorization Code Flow end user Authentication Request.
• #1163 Add French (fr) translations.
• #1166 Add Spanish (es) translations.

Changed

• #1152 createapplication management command enhanced to display an auto-generated secret before it gets hashed.
• #1172, #1159, #1158 documentation improvements.

Fixed

• #1147 Fixed 2.0.0 implementation of hashed client secret to work with swapped models.