7.2.0

What's Changed

• PD-103 Python 3.13 + run deptry by @paulineribeyre in #94

Full Changelog: 7.1.1...7.2.0

7.1.1

Release Notes

For: uc-cdis/authutils

Notes since tag: 7.1.0

Notes to tag/commit: 7.1.1

Generated: 2025-11-06

Dependency Updates

• authlib >= 1.6.5 (#91)

7.1.0

What's Changed

• Fastapi force issuer by @grugna in #84
• Update authlib version by @jacob50231 in #89

Full Changelog: 7.0.0...7.1.0

7.0.0

What's Changed

• PPS-2007 PPS-2012 No token audience check by @paulineribeyre in #87

New Features

• The audience aud field of JWT tokens is not validated anymore. The validation of which Gen3 instance a token is meant for is already done by using the issuer iss field to get public keys and verify the signature.

Breaking Changes

• The audience aud field of JWT tokens is not validated anymore.

Bug Fixes

• Fix "Authentication Error: Audience doesn't match" errors in Gen3 services (such as Sheepdog and Peregrine) running in a local Helm instance. The tokens' "audience" set by Fence (typically the BASE_URL setting "https://hostname/user") did not match the "audience" used by the services (typically the USER_API setting "http://fence-service").

Full Changelog: 6.2.7...7.0.0

6.2.7: Merge pull request #81 from uc-cdis/ao-cryptography-bump

Release Notes

For: uc-cdis/authutils

Notes since tag: 6.2.6

Notes to tag/commit: 254d225

Generated: 2025-04-07

Dependency Updates

• Bump cryptography from 41.0.6 to 44.0.1 (#81)

6.2.6

Release Notes

For: uc-cdis/authutils

Notes since tag: 6.2.5

Notes to tag/commit: 6.2.6

Generated: 2025-01-09

Improvements

• Support client_credentials tokens: do not assume tokens have a 'sub' field
  (#79)

6.2.5

Release Notes

For: uc-cdis/authutils

Notes since tag: 6.2.4

Notes to tag/commit: 6.2.5

Generated: 2024-06-14

Improvements

• Add debug log when the authorization header cannot be parsed (#78)

Bump cryptography

Release Notes

For: uc-cdis/authutils

Notes since tag: 6.2.3

Notes to tag/commit: bf19dbf

Generated: 2024-02-05

Dependency Updates

• Bump cryptography from 41.0.4 to 41.0.6 (#76)

Update Authlib to latest version

Release Notes

For: uc-cdis/authutils

Notes since tag: 6.2.2

Notes to tag/commit: 6.2.3

Generated: 2023-10-10

Dependency Updates

• Authlib updated to >1.1.0
• Flask version updated to < 2.3.3
• pytest-flask updated to >1.2.0

6.2.2

Release Notes

For: uc-cdis/authutils

Notes since tag: 6.2.1

Notes to tag/commit: 6.2.2

Generated: 2022-11-03

Improvements

• Handle FORCE_ISSUER in get_keys_url() (#66)
• Removing Veracode scanning pipeline (#68, #69)
• install poetry using pip, curl method no longer available due to
  deprecation (#67)