5.0.1 - Fix support for Python 3.9 and 3.10

What's Changed

• fix: Python 3.9 and 3.9 support by @ndxmrb in #209

New Contributors

• @ndxmrb made their first contribution in #209

Full Changelog: 5.0.0...5.0.1

5.0.0

Breaking changes:

• Azure Entra (previously Active Directory) v1 token support dropped. This is mainly to reduce tests by 30%, and for a use-case I haven't documented, nor recommend anyone to use. If you're on v1 tokens, you should upgrade. ( #200 @JonasKs )
• Pydantic v1 support dropped. Deprecation warnings fixed, closes #150 ( #200 @JonasKs )
• InvalidAuth now takes detail AND request object. ( #200 @JonasKs ) Users should be explicit and use InvalidAuthHttp or InvalidAuthWebSocket if they use this class. Example:

-raise InvalidAuth(detail="Missing admin role")
+raise InvalidAuthHttp(detail="Missing admin role")  # for HTTP requests
+raise InvalidAuthWebSocket(detail="Missing admin role")  # for WebSocket requests

Docs:

• Use lifetimes instead of scopes ( #200 @JonasKs )
• How to ensure only certain roles can access APIs, closing #117 ( #200 @JonasKs )
• No need for redirect URL #72 (comment), closed in #202 ( #202 @JonasKs )

Feat:

• Add support for WebSockets, closes #191, #155 ( #200 @JonasKs )

Fix:

• Empty raise, closes #192 ( #2020 @JonasKs )

Full Changelog: 4.4.0...5.0.0

5.0.0-rc0

This is a release candidate of 5.0.0.

Breaking changes:

• Azure Entra (previously Active Directory) v1 token support dropped. This is mainly to reduce tests by 30%, and for a use-case I haven't documented, nor recommend anyone to use. If you're on v1 tokens, you should upgrade. ( #200 @JonasKs )
• Pydantic v1 support dropped. Deprecation warnings fixed, closes #150 ( #200 @JonasKs )
• InvalidAuth now takes detail AND request object. ( #200 @JonasKs ) Users should be explicit and use InvalidAuthHttp or InvalidAuthWebSocket if they use this class. Example:

-raise InvalidAuth(detail="Missing admin role")
+raise InvalidAuthHttp(detail="Missing admin role")  # for HTTP requests
+raise InvalidAuthWebSocket(detail="Missing admin role")  # for WebSocket requests

Docs:

• Use lifetimes instead of scopes ( #200 @JonasKs )
• How to ensure only certain roles can access APIs, closing #117 ( #200 @JonasKs )
• No need for redirect URL #72 (comment), closed in #202 ( #202 @JonasKs )

Feat:

• Add support for WebSockets, closes #191, #155 ( #200 @JonasKs )

Fix:

• Empty raise, closes #192 ( #2020 @JonasKs )

Full Changelog: 4.4.0...5.0.0-rc0

4.4.0

What's Changed

• Migrate from python-jose to PyJWT by @dvdalilue in #194
  • This resolves GHSA-6c5p-j8vq-pqhj, thank you so much @dvdalilue.

Other

• chore(deps): bump actions/cache from 4.0.1 to 4.0.2 by @dependabot in #190
• chore(deps): bump peaceiris/actions-gh-pages from 3 to 4 by @dependabot in #193

New Contributors

• @dvdalilue made their first contribution in #194

Full Changelog: 4.3.1...4.4.0

4.3.1 - Minor fixes

What's Changed

• fix #180 change acct claim type from str to int by @copdips in #181
• chore(deps): bump actions/setup-python from 4 to 5 by @dependabot in #175
• chore(deps): bump actions/cache from 3.3.2 to 4.0.1 by @dependabot in #183
• chore(deps): bump codecov/codecov-action from 3 to 4 by @dependabot in #184
• Bump version by @JonasKs in #185

New Contributors

• @copdips made their first contribution in #181

Full Changelog: 4.3.0...4.3.1

4.3.0 - Small improvements and lots of documentation

What's Changed

• doc: add B2C user docs by @davidhuser in #140
• docs: rewrite single-tenant docs to be pydantic2 first by @JonasKs in #153
• chore(deps): bump actions/cache from 3.3.1 to 3.3.2 by @dependabot in #151
• chore(deps): bump actions/checkout from 3 to 4 by @dependabot in #152
• doc: add troubleshooting page with logging section by @davidhuser in #163
• doc: add example to call APIs via B2C by @davidhuser in #162
• parse auth_time as an int by @roman-van-der-krogt in #167
• Add scope to documentation by @nikstuckenbrock in #159
• configurable leeway by @mehtatejas in #165

New Contributors

• @roman-van-der-krogt made their first contribution in #167
• @nikstuckenbrock made their first contribution in #159
• @mehtatejas made their first contribution in #165

Full Changelog: 4.2.1...4.3.1

4.2.1 - Move dependencies

What's Changed

• move openapi-spec-validator and pydantic-settings to dev deps by @enadeau in #146

Full Changelog: 4.2.0...4.2.1

4.2.0 - Pydantic 2 support

What's Changed

• Add support for pydantic v2 by @enadeau in #144
• OpenApi schema test by @enadeau in #143
• fix: make tid and oid optional to allow User validation in B2C by @davidhuser in #145

New Contributors

• @davidhuser made their first contribution in #145

Full Changelog: 4.1.3...4.2.0

4.1.3 - Fix optional claims

What's Changed

• Fixed optional claims by @Bulga-xD and in #139

Full Changelog: 4.1.2...4.1.3

4.1.2 - Fix optional claims

What's Changed

• Documentation fixes by @enadeau in #134
• Fix optional claims by @Bulga-xD in #138

Full Changelog: 4.1.1...4.1.2