Skip to content

Releases: indico/flask-multipass

v0.6

27 Nov 15:48
v0.6
Compare
Choose a tag to compare
  • Drop support for Python 3.8 (3.8 is EOL since Oct 2024)
  • Remove upper version pins of dependencies
  • Support friendly names for SAML assertions (set 'saml_friendly_names': True in the auth provider settings)
  • Include more verbose authentication data in IdentityRetrievalFailed exception details

v0.5.6

29 Oct 16:44
v0.5.6
9b56208
Compare
Choose a tag to compare
  • Reject invalid next URLs with backslashes that could be used to trick browsers into redirecting to an otherwise disallowed host when doing client-side redirects

v0.5.5

23 Aug 00:36
v0.5.5
Compare
Choose a tag to compare
  • Ensure only valid schemas (http and https) can be used when validating the next URL
  • Deprecate the flask_multipass.__version__ attribute

v0.5.4

30 Mar 11:29
v0.5.4
7dc4bcf
Compare
Choose a tag to compare
  • Skip LDAP users that do not have the specified uid attribute set instead of failing with an error

v0.5.3

07 Feb 15:16
v0.5.3
816bdbb
Compare
Choose a tag to compare
  • Skip LDAP group members that do not have the specified uid attribute set instead of failing with an error

v0.5.2

13 Dec 17:33
v0.5.2
Compare
Choose a tag to compare
  • Add ldap_or_authinfo identity provider which behaves exactly like the ldap provider, but if the user cannot be found in LDAP, it falls back to the data from the auth provider (typically Shibboleth)

v0.5.1

06 Oct 19:05
v0.5.1
Compare
Choose a tag to compare
  • Fix compatibility with Python 3.8 and 3.9

v0.5

02 Oct 17:42
v0.5
Compare
Choose a tag to compare
  • Drop support for Python 3.7 and older (3.7 is EOL since June 2023)
  • Declare explicit compatibility with Python 3.11
  • Support werkzeug 3.0
  • Fail more gracefully if Authlib (OIDC) login provider is down