
authlib - pypi Package Compare versions

Comparing version
1.6.2
to
1.6.3
+1
-1
Authlib.egg-info/PKG-INFO
Metadata-Version: 2.4
Name: Authlib
Version: 1.6.2
Version: 1.6.3
Summary: The ultimate Python library in building OAuth and OpenID Connect servers and clients.

@@ -5,0 +5,0 @@ Author-email: Hsiaoming Yang <me@lepture.com>

name = "Authlib"
version = "1.6.2"
version = "1.6.3"
author = "Hsiaoming Yang <me@lepture.com>"

@@ -4,0 +4,0 @@ homepage = "https://authlib.org"

@@ -113,2 +113,6 @@ import secrets

@property
def id_token_signed_response_alg(self):
return self.client_metadata.get("id_token_signed_response_alg")
def get_client_id(self):

@@ -115,0 +119,0 @@ return self.client_id
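Review bot: The new `id_token_signed_response_alg` property hands back the raw value from `client_metadata` with no validation and no docstring, and since client metadata is what the client registered (possibly via dynamic registration), consumers must treat it as client-controlled input rather than a server setting; a docstring should say so. I would add `"""Client-registered ``id_token_signed_response_alg``, or None if absent. Client-supplied; not validated here."""` directly under the `def`. If `client_metadata` can be None for some client implementations the `.get` will raise, but I cannot tell from the hunk whether that is guaranteed non-None. The enclosing class starts outside this hunk.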

@@ -25,4 +25,8 @@ """authlib.oidc.core.grants.code.

"""Get the JWT configuration for OpenIDCode extension. The JWT
configuration will be used to generate ``id_token``. Developers
MUST implement this method in subclass, e.g.::
configuration will be used to generate ``id_token``.
If ``alg`` is undefined, the ``id_token_signed_response_alg`` client
metadata will be used. By default ``RS256`` will be used.
If ``key`` is undefined, the ``jwks_uri`` or ``jwks`` client metadata
will be used.
Developers MUST implement this method in subclass, e.g.::

@@ -81,2 +85,9 @@ def get_jwt_config(self, grant):

# Per OpenID Connect Registration 1.0 Section 2:
# Use client's id_token_signed_response_alg if specified
if not config.get("alg") and (
client_alg := request.client.id_token_signed_response_alg
):
config["alg"] = client_alg
if authorization_code:

@@ -83,0 +94,0 @@ config["nonce"] = authorization_code.get_nonce()
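Review bot: `config["alg"] = client_alg` adopts whatever algorithm string the client registered without checking it against the algorithms this server actually supports, so a client registering an unsupported or unintended value (including `none`, which the spec permits for code-only clients and which yields an unsigned id_token here) changes the signing behaviour of `generate_id_token` purely on the strength of registration metadata. Before overriding the developer's `alg`, compare `client_alg` with the set the server advertises as `id_token_signing_alg_values_supported` and reject the request with an OAuth2 error if it is not listed; presumably the same applies if a symmetric alg is chosen while `key` is the server's asymmetric signing key, but the key selection is not visible in this hunk. The enclosing function starts and ends outside the hunk.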

@@ -7,2 +7,3 @@ import logging

from authlib.oauth2.rfc6749 import OAuth2Error
from authlib.oauth2.rfc6749.errors import InvalidRequestError
from authlib.oauth2.rfc6749.hooks import hooked

@@ -152,2 +153,22 @@

# Per OpenID Connect Registration 1.0 Section 2:
# Use client's id_token_signed_response_alg if specified
if not config.get("alg") and (
client_alg := self.request.client.id_token_signed_response_alg
):
if client_alg == "none":
# According to oidc-registration §2 the 'none' alg is not valid in
# implicit flows:
# The value none MUST NOT be used as the ID Token alg value unless
# the Client uses only Response Types that return no ID Token from
# the Authorization Endpoint (such as when only using the
# Authorization Code Flow).
raise InvalidRequestError(
"id_token must be signed in implicit flows",
redirect_uri=self.request.payload.redirect_uri,
redirect_fragment=True,
)
config["alg"] = client_alg
user_info = self.generate_user_info(self.request.user, token["scope"])

@@ -154,0 +175,0 @@ id_token = generate_id_token(token, user_info, **config)
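Review bot: The `none` rejection on the `if client_alg == "none":` branch fires while the id_token is being generated, which from `self.request.user` and `token["scope"]` appears to be the authorization-response path, so a client misregistered with `none` is only refused after the user has authenticated and consented. The rule quoted in the comment is a registration constraint, so it would be better enforced when the client registers, or at least in the grant's request validation before the consent step; the error could then also avoid leaking through a fragment redirect. As in the code grant, the accepted value is still not checked against the server's supported algorithms, only against `"none"`. This alg-selection block is now duplicated between the code and implicit grants; a shared helper would keep the two from drifting, and whether hybrid responses reuse this path is not visible here.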

Metadata-Version: 2.4
Name: Authlib
Version: 1.6.2
Version: 1.6.3
Summary: The ultimate Python library in building OAuth and OpenID Connect servers and clients.

@@ -5,0 +5,0 @@ Author-email: Hsiaoming Yang <me@lepture.com>

@@ -50,5 +50,7 @@ [build-system]

"cryptography",
"pre-commit-uv>=4.1.4",
"diff-cover>=9.6.0",
"prek>=0.1.3",
"pytest",
"pytest-asyncio",
"pytest-env",
"tox-uv >= 1.16.0",
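Review bot: The new dev-tooling entries carry only lower bounds (`"diff-cover>=9.6.0"`, `"prek>=0.1.3"`), so any future release of these packages is pulled automatically into CI; the header counts (-5/+7) indicate one line removed and three added, which presumably means `pre-commit-uv` was swapped for `prek` and `pytest-env` was added, though the sides are not marked on this page. Pre-commit-style runners execute third-party hooks with whatever access the CI job has, so pinning exact versions or resolving these through a lockfile with hashes would limit exposure to a compromised release, and replacing the hook runner with a 0.1.x project deserves a mention in the change description.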

@@ -124,2 +126,6 @@ ]

norecursedirs = ["authlib", "build", "dist", "docs", "htmlcov"]
pythonpath = ["."]
env = [
"DJANGO_SETTINGS_MODULE = tests.django_settings",
]

@@ -126,0 +132,0 @@ [tool.coverage.run]