Releases: snok/django-auth-adfs

1.3.0

01 Nov 20:01

NOTE: From this release onwards, compatibility with python 2.7 and 3.4 is not guaranteed anymore.

Removed

  • Python 2.7 and 3.4 tests
  • Django Rest Framework 3.7 tests

Changed

  • The URLs file to override the Django Rest Framework login (drf-urls.py) was not a valid Python module name.
    It was changed to drf_urls.py. The old name is still there but will be removed in a future release.

Added

  • Added setting SETTINGS_CLASS, defaulting to
    django_auth_adfs.config.Settings. This provides a mechanism to load the
    AUTH_ADFS config from sources other than Django settings.
  • Python 3.8 tests
  • Django Rest Framework 3.10 tests

1.2.0

02 Mar 12:29

Removed

  • Django 1.8, 1.9 and 1.10 support. They have reached the end of extended support and keeping support for them was
    becoming too complex.

Fixed

  • The django templates were missing in the wheel

1.1.2

11 Dec 09:21

Added

  • Added views to selectively disable SSO for login links

Fixed

  • Existing users with an empty password raised an exception

1.1.1

07 Dec 21:59

Added

  • Add a setting to force a login screen and disable SSO on ADFS.
  • Documentation about how to enable SSO for browsers other than IE & Edge.

Fixed

  • Prevent username field from being overwritten by a claim mapping.
  • Prevent traceback upon logout when ADFS config is not yet loaded.
  • Fix fields in log messages being swapped.

Security

  • Don't allow the audience claim to be ignored, preventing access token reuse.
  • Set an unusable password on newly created user instead of leaving it empty.

1.1.0

07 Dec 21:44

1.0.0

05 Dec 20:45

This version contains backwards incompatible changes. Make sure to read the entire release notes.

Added

  • Windows 2016 (a.k.a. ADFS 4.0) Support
  • AzureAD support (check the setting TENANT_ID)
  • Django Rest Framework support.
  • Add a RETRIES and TIMEOUT setting for requests towards the ADFS server.
  • Add the CLIENT_SECRET setting to support client secrets in the OAuth2 Flow.
  • Users are now redirected back to the page that triggered the login instead of the main page.
  • Groups a user belongs to can now be automatically created in Django (check the MIRROR_GROUPS setting)

Changed

  • Django 2.1 support
  • All settings that can be determined automatically are now set automatically
  • When a claim mapped to a non-required field in the user model is missing,
    a warning is logged instead of an exception raised

Incompatible changes

  • Because of the login and logout views that were added, the redirect URI back from ADFS should
    now point to /oauth2/callback. Keeping it at /oauth2/login would have caused a potential redirect loop.

Deprecated

  • These settings are now loaded from ADFS metadata automatically and have been deprecated:

    • AUTHORIZE_PATH
    • LOGIN_REDIRECT_URL
    • ISSUER
    • REDIR_URI
    • SIGNING_CERT
    • TOKEN_PATH