All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- Loosened FastAPI dependency constraints (with this package ever hit 1.0?)
- Added
format_keycloaktobuild_rs256_token()helper
- Refactored pemission claim mapping
- Made audience optional in cli
- Added support for pytest 8
- Restored optional TokenPayload fields.
- Upgraded pydantic base version to 2.7.
- Upgraded fastapi base version to 0.111.
- Added plugin support
- Included original token in TokenPayload object
- Added default messages to ArmasecError classes
- Formatted source files with ruff
- Added examples for Keycloak and Auth0
- Added Python 3.12 support by updating to Pendulum 3.0
- Updated dependencies in poetry.lock
- Fixed CLI sub-package problem with installing via pip
- Added payload_claim_mapping to allow mapping claims to payload items
- Added optional CLI for trying out logins and exploring tokens
- Converted docs to use public branding images
- Converted docs build to use mkdocs-material
- Converted project docs to markdown
- Added new action to automatically build docs
- Dropped support for Python 3.6 and 3.7
- Added support for pytest 7.x
- Replaced pytest-freezegun with plummet for unit tests
- Added pendulum to increase readability of timestamps in unit tests
- Used pytest-asyncio auto mode for async tests and fixtures
- Loosened version constraints on fastapi.
- Loosened constraints in dependencies.
- Loosened requirements for urls in schemas (to allow no TLD).
- Refactored code for supporting multiple OIDC domains.
- Exposed
use_httpsin TokenSecurity and Armasec classes.
- Added
use_httpsflag
- Added support for python 3.6
- Included
client_idin TokenPayload (loaded fromazpclaim) - Upgraded
blackto ^22.0
- Updated to use py-buzz 3.0
- Changed to use pyproject-flake8 for linting
- Fixed faulty set logic in lockdown_all()
- Covers changes for v0.7.1 as well (debugging README render on pypi)
- Fixed broken logo link in README
- Added support for different permission modes SOME and ALL
- Updated README
- Added a license, code of conduct, and contribution guide.
- Changed
from_dictmethod for building the token payload with all possible keys
- Dropped support for HS256
- Made TokenSecurity class lazy load TokenManager
- Reorganized a bit to make it work better with OpenAPI swagger
- Made the Armasec helper class lazy load elements (to allow easier testing)
- Add github action to publish on tag push
- Renamed package to "armasec"
- Major refactor for imporoved testability
- Moved TokenDecoders into their own class heirarchy
- Real tests for RS256 decoding
- Pytest extension for improved testability in client code
- OpenidConfigLoader for fetching OIDC configuration
- Added mock_openid_server for test loading of OIDC config
- Added Armasec helper/convenience class
- Adjustments to expose jwt.decode() options for testing overrides
- Made audience optional
- Added pytest extension to allow use of a mock openid server
- Improved compatibility with OIDC providers
- Eliminated TestTokenManager and moved logic to utilities instead
- Included type hints
- Applied formatting and flak8 compliance
- Updated .gitignore to ignore dotenv files
- Added additional logging for debugging
- Corrected grammar in some docstrings
- Fixed bug where TokenPayload breaks if you don't provide it a "permissions" field
- Added
decodecli tool
- Added AsymmetricManager for use with RS256 tokens
- Included unit tests
- Updated the README
- Initial release of armasec
- Added TokenManager and TokenSecurity
- Included unit tests
- Configured code formatting
- Setup github actions
- Added a README and this CHANGELOG