- Fixes W002 being displayed if you set the SITE_ID setting
- Fixes migration except for non-SQLite DBs
- Adds Django cache support for OIDC config/JWKS
- Django settings trump Constance settings always now
- Fixes microsoft.conf.config not using Constance in some cases
- Fixes Javascript typo
- Namespaces messages passed back as part of login
- Adds new setting for callback hook right before auth_callback view renders to override context data
- Adds example non-admin login form example in test site
- Renames admin_login.js and admin_login.css to just login.js and login.css
- Adds profile back as a default scope since Microsoft is added if it is not
- Adds support for multiple SITE_IDs. If the setting is not provided, it will pull it from the request object
- Adds new setting for callback hook after microsoft_auth.backends.MicrosoftAuthenticationBackend authenticates user.
- Removes profile from required scopes
- Replaces deprecated Microsoft auth scopes with proper OpenID Connect ones
- WARNING: Breaking change. New scopes provide a new user id. See migration docs for details.
- Pulls authorization/token URLs directly from Microsoft
- Adds id token validation
- Admin pages for the auth type that is not enable is disabled by default now. They can be re-enabled with MICROSOFT_AUTH_REGISTER_INACTIVE_ADMIN = True
- Extra scopes can be provieded via the MICROSOFT_AUTH_EXTRA_SCOPES setting (space delimited). These scopes are added to the default required scopes (openid email for Microsoft Auth and XboxLive.signin XboxLive.offline_access for Xbox Live auth)
- Adds expiration to state values (hardcoded 5 minutes)
- Changes state validation to use cryptographic signing now. State validation should be signfincally more relaible now.
- Adds more logging around CSRF/State failures
- Adds support for other tenant IDs for Microsoft authentication (thanks aviv)
- Adds missing migration for changing microsoft_id from 32 to 36 length
- Adds various checks and logging to validate setup to help with debugging
- Adds support for http://localhost as a redirect URI base if DEBUG is enabled
- Fixes Javascript message passing if using a non-standard port (something other than 80 or 443)
- Removes o365 option. New authorization URL works well enough for both
- Xbox Live Auth still uses old Microsoft Auth URL
- 'o365' will still work as a MICROSOFT_AUTH_LOGIN_TYPE value, but you should change it to 'ma'
- Adds extras:
- ql: DjangoQL package and support
- test: test dependencies (same as test_requires packages)
- dev: ql`+`test and extra dev only dependencies like twine and pip-tools
- Pip 10 support (thanks Shigumitsu!)
- Fixes max length of o365 IDs (thanks Shigumitsu!)
- Added patched username validator to allow spaces for usernames for Xbox Live Gamertags
- Added missing templates and static files to MANIFEST
- Updated Django category to include 2.0
- Updated for Django 2.0
- Changed Development Status category to Stable
- First release on PyPI.