Hello community,
here is the log from the commit of package python-adal for openSUSE:Factory checked in at 2019-11-04 17:03:38
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-adal (Old)
and /work/SRC/openSUSE:Factory/.python-adal.new.2990 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-adal"
Mon Nov 4 17:03:38 2019 rev:6 rq:735649 version:1.2.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-adal/python-adal.changes 2019-04-19 18:37:17.455101483 +0200
+++ /work/SRC/openSUSE:Factory/.python-adal.new.2990/python-adal.changes 2019-11-04 17:03:40.644086200 +0100
@@ -1,0 +2,9 @@
+Fri Oct 4 12:10:38 UTC 2019 - John Paul Adrian Glaubitz
+
+- New upstream release
+ + Version 1.2.2
+ + For detailed information about changes see the
+ HISTORY.txt file provided with this package
+- Update HISTORY.txt from github releases page
+
+-------------------------------------------------------------------
Old:
----
adal-1.2.1.tar.gz
New:
----
adal-1.2.2.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-adal.spec ++++++
--- /var/tmp/diff_new_pack.FChVXg/_old 2019-11-04 17:03:41.344086948 +0100
+++ /var/tmp/diff_new_pack.FChVXg/_new 2019-11-04 17:03:41.344086948 +0100
@@ -18,7 +18,7 @@
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
Name: python-adal
-Version: 1.2.1
+Version: 1.2.2
Release: 0
Summary: Azure Active Directory library
License: MIT
++++++ HISTORY.txt ++++++
--- /var/tmp/diff_new_pack.FChVXg/_old 2019-11-04 17:03:41.376086982 +0100
+++ /var/tmp/diff_new_pack.FChVXg/_new 2019-11-04 17:03:41.376086982 +0100
@@ -1,3 +1,57 @@
+ADAL Python 1.2.2
+
+ Adjust the public cert input to accept a pem-format content with or without those -----BEGIN CERTIFICATE----- tag lines. (#199, #207)
+ Change the default logging level from INFO to DEBUG (#197, #200, #122). There is also a canonical way to customize python logging, documented in our wiki now.
+
+ADAL Python 1.2.1
+
+ Enhancement: Added support for WSS SAML1.1 and 2 token types (#186, #187 )
+ Updated requirements.txt to pick up the vulnerability fix included in requests 2.20.0 (#179 )
+
+ADAL Python 1.2.0
+
+ Enhancement: Added support for Subject Name / Issuer authentication (#173)
+
+ADAL Python 1.1.0
+
+ Enhancement: Added whitelisted domains for dSTS (#164)
+
+ADAL Python 1.0.2
+
+ Fixes incorrect cache operation in authorization code flow (#161). The issue was observed in previous version 0.6.0, 0.7.0, 1.0.0, 1.0.1.
+
+ADAL Python 1.0.1
+
+ Relaxed authority url check (#156,#157)
+ We discovered and fixed an incorrect cache behavior in 0.6.0, 0.7.0, 1.0.0, 1.0.1. Please upgrade to 1.0.2 or later.
+
+ADAL Python 1.0.0
+
+ This release includes a breaking change which we have planned for more than 1 year.
+ The default value of api_version parameter in the AuthenticationContext constructor has been changed from "1.0" to None. You can still explicitly set it to "1.0" to maintain the old behavior, if needed. (See details in #137)
+ This release is otherwise exactly the same as 0.7.0. If you do not want this new behavior, you can pin your environment with 0.7.0. Going forward, new development will happen in 1.x series.
+ We discovered and fixed an incorrect cache behavior in 0.6.0, 0.7.0, 1.0.0, 1.0.1. Please upgrade to 1.0.2 or later.
+
+ADAL Python 0.7.0
+
+ Enhancement: Added authorization code flow support for public clients (#149)
+ Enhancement: Added Proof Key for Code Exchange (PKCE) support in authorization code flow for public clients (#150)
+ Enhancement: Raises a value error when the authority url is not in the expected format (#126, #151)
+ We discovered and fixed an incorrect cache behavior in 0.6.0, 0.7.0, 1.0.0, 1.0.1. Please upgrade to 1.0.2 or later.
+
+ADAL Python 0.6.0
+
+ Enhancement: Added token cache support for auth code flow (#138 )
+ Enhancement: Added parameters to AuthenticationContext to support ssl verification and proxies (#142 )
+ We discovered and fixed an incorrect cache behavior in 0.6.0, 0.7.0, 1.0.0, 1.0.1. Please upgrade to 1.0.2 or later.
+
+ADAL Python 0.5.1
+
+ Enhancement: Add a new parameter in the AuthenticationContext to turn on Personally Identifiable Information (PII) in logs. (#124)
+ Enhancement: Acquiring token via WSTrust will also have timeout behavior now. (#121, #125)
+ Bugfix: Previously ADAL Python had some issue when the Azure AD tenant is federated with an on-prem AD. Now fixed. (#80, #120)
+ Enhancement: Handle rare multithread racing issue observed when using profiler (#123, #128)
+
ADAL Python 0.5.0
Enhancement: Add a new parameter in the AuthenticationContext to pass requests (connect,read) timeout parameters. (#112)
++++++ adal-1.2.1.tar.gz -> adal-1.2.2.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/adal-1.2.1/PKG-INFO new/adal-1.2.2/PKG-INFO
--- old/adal-1.2.1/PKG-INFO 2019-01-25 02:31:09.000000000 +0100
+++ new/adal-1.2.2/PKG-INFO 2019-07-04 01:07:13.000000000 +0200
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: adal
-Version: 1.2.1
+Version: 1.2.2
Summary: The ADAL for Python library makes it easy for python application to authenticate to Azure Active Directory (AAD) in order to access AAD protected web resources.
Home-page: https://github.com/AzureAD/azure-activedirectory-library-for-python
Author: Microsoft Corporation
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/adal-1.2.1/README.md new/adal-1.2.2/README.md
--- old/adal-1.2.1/README.md 2019-01-25 02:30:39.000000000 +0100
+++ new/adal-1.2.2/README.md 2019-07-04 01:06:43.000000000 +0200
@@ -4,7 +4,7 @@
--------------------|-----------------|---------------
[](https://travis-ci.org/AzureAD/azure-activedirectory-library-for-python) | [](https://travis-ci.org/AzureAD/azure-activedirectory-library-for-python) | [](https://adal-python.readthedocs.io/en/latest/?badge=latest)
-|[Getting Started](https://github.com/AzureAD/azure-activedirectory-library-for-python/wiki)| [Docs](https://aka.ms/aaddev)| [Samples](https://github.com/azure-samples?query=active-directory)| [Support](README.md#community-help-and-support)
+|[Getting Started](https://github.com/AzureAD/azure-activedirectory-library-for-python/wiki)| [Docs](https://aka.ms/aaddev)| [Python Samples](https://github.com/Azure-Samples?q=active-directory&language=python)| [Support](README.md#community-help-and-support)
| --- | --- | --- | --- |
@@ -17,7 +17,9 @@
You can find the steps to install and basic usage of the library under [ADAL Basics](https://github.com/AzureAD/azure-activedirectory-library-for-python/wiki/ADA...) page in the Wiki.
## Samples and Documentation
-We provide a full suite of [sample applications on GitHub](https://github.com/azure-samples?utf8=%E2%9C%93&q=active-directory&type=&language=) to help you get started with learning the Azure Identity system. This includes tutorials for native clients and web applications. We also provide full walkthroughs for authentication flows such as OAuth2, OpenID Connect and for calling APIs such as the Graph API.
+We provide a full suite of [Python sample applications on GitHub](https://github.com/Azure-Samples?q=active-directory&language=python) to help you get started with learning the Azure Identity system. This will include tutorials for native clients and web applications. We also provide full walkthroughs for authentication flows such as OAuth2, OpenID Connect and for calling APIs such as the Graph API.
+
+There are also some [lightweight samples existing inside this repo](https://github.com/AzureAD/azure-activedirectory-library-for-python/tree/dev...).
You can find the relevant samples by scenarios listed in this [wiki page for acquiring tokens using ADAL Python](https://github.com/AzureAD/azure-activedirectory-library-for-python/wiki/Acq...).
@@ -25,19 +27,19 @@
## Versions
-This library follows [Semantic Versioning](http://semver.org/).
+This library follows [Semantic Versioning](https://semver.org/).
You can find the changes for each version under [Releases](https://github.com/AzureAD/azure-activedirectory-library-for-python/releases).
## Community Help and Support
-We leverage [Stack Overflow](http://stackoverflow.com/) to work with the community on supporting Azure Active Directory and its SDKs, including this one! We highly recommend you ask your questions on Stack Overflow (we're all on there!) Also browser existing issues to see if someone has had your question before.
+We leverage [Stack Overflow](https://stackoverflow.com/) to work with the community on supporting Azure Active Directory and its SDKs, including this one! We highly recommend you ask your questions on Stack Overflow (we're all on there!) Also browser existing issues to see if someone has had your question before.
-We recommend you use the "adal" tag so we can see it! Here is the latest Q&A on Stack Overflow for ADAL: [http://stackoverflow.com/questions/tagged/adal](http://stackoverflow.com/questions/tagged/adal)
+We recommend you use the "adal" tag so we can see it! Here is the latest Q&A on Stack Overflow for ADAL: [https://stackoverflow.com/questions/tagged/adal](https://stackoverflow.com/questions/tagged/adal)
## Security Reporting
-If you find a security issue with our libraries or services please report it to [secure@microsoft.com](mailto:secure@microsoft.com) with as much detail as possible. Your submission may be eligible for a bounty through the [Microsoft Bounty](http://aka.ms/bugbounty) program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly upon receiving the information. We encourage you to get notifications of when security incidents occur by visiting [this page](https://technet.microsoft.com/en-us/security/dd252948) and subscribing to Security Advisory Alerts.
+If you find a security issue with our libraries or services please report it to [secure@microsoft.com](mailto:secure@microsoft.com) with as much detail as possible. Your submission may be eligible for a bounty through the [Microsoft Bounty](https://aka.ms/bugbounty) program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly upon receiving the information. We encourage you to get notifications of when security incidents occur by visiting [this page](https://technet.microsoft.com/en-us/security/dd252948) and subscribing to Security Advisory Alerts.
## Contributing
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/adal-1.2.1/adal/__init__.py new/adal-1.2.2/adal/__init__.py
--- old/adal-1.2.1/adal/__init__.py 2019-01-25 02:30:39.000000000 +0100
+++ new/adal-1.2.2/adal/__init__.py 2019-07-04 01:06:43.000000000 +0200
@@ -27,7 +27,7 @@
# pylint: disable=wrong-import-position
-__version__ = '1.2.1'
+__version__ = '1.2.2'
import logging
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/adal-1.2.1/adal/authentication_context.py new/adal-1.2.2/adal/authentication_context.py
--- old/adal-1.2.1/adal/authentication_context.py 2019-01-25 02:30:39.000000000 +0100
+++ new/adal-1.2.2/adal/authentication_context.py 2019-07-04 01:06:43.000000000 +0200
@@ -181,7 +181,7 @@
def acquire_token_with_authorization_code(self, authorization_code,
redirect_uri, resource,
client_id, client_secret=None, code_verifier=None):
- '''Gets a token for a given resource via auhtorization code for a
+ '''Gets a token for a given resource via authorization code for a
server app.
:param str authorization_code: An authorization code returned from a
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/adal-1.2.1/adal/authority.py new/adal-1.2.2/adal/authority.py
--- old/adal-1.2.1/adal/authority.py 2019-01-25 02:30:39.000000000 +0100
+++ new/adal-1.2.2/adal/authority.py 2019-07-04 01:06:43.000000000 +0200
@@ -78,7 +78,12 @@
path_parts = [part for part in self._url.path.split('/') if part]
if (len(path_parts) > 1) and (not self._whitelisted()): #if dsts host, path_parts will be 2
- raise ValueError("The authority url must be of the format https://login.microsoftonline.com/your_tenant")
+ raise ValueError(
+ "The path of authority_url (also known as tenant) is invalid, "
+ "it should either be a domain name (e.g. mycompany.onmicrosoft.com) "
+ "or a tenant GUID id. "
+ 'Your tenant input was "%s" and your entire authority_url was "%s".'
+ % ('/'.join(path_parts), self._url.geturl()))
elif len(path_parts) == 1:
self._url = urlparse(self._url.geturl().rstrip('/'))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/adal-1.2.1/adal/self_signed_jwt.py new/adal-1.2.2/adal/self_signed_jwt.py
--- old/adal-1.2.1/adal/self_signed_jwt.py 2019-01-25 02:30:39.000000000 +0100
+++ new/adal-1.2.2/adal/self_signed_jwt.py 2019-07-04 01:06:43.000000000 +0200
@@ -64,6 +64,21 @@
if len(segments) < 3 or not segments[2]:
raise AdalError('Failed to sign JWT. This is most likely due to an invalid certificate.')
+def _extract_certs(public_cert_content):
+ # Parses raw public certificate file contents and returns a list of strings
+ # Usage: headers = {"x5c": extract_certs(open("my_cert.pem").read())}
+ public_certificates = re.findall(
+ r'-----BEGIN CERTIFICATE-----(?P[^-]+)-----END CERTIFICATE-----',
+ public_cert_content, re.I)
+ if public_certificates:
+ return [cert.strip() for cert in public_certificates]
+ # The public cert tags are not found in the input,
+ # let's make best effort to exclude a private key pem file.
+ if "PRIVATE KEY" in public_cert_content:
+ raise ValueError(
+ "We expect your public key but detect a private key instead")
+ return [public_cert_content.strip()]
+
class SelfSignedJwt(object):
NumCharIn128BitHexString = 128/8*2
@@ -82,7 +97,7 @@
x5t = _create_x5t_value(thumbprint)
header = {'typ':'JWT', 'alg':'RS256', 'x5t':x5t}
if public_certificate:
- header['x5c'] = public_certificate
+ header['x5c'] = _extract_certs(public_certificate)
self._log.debug("Creating self signed JWT header. x5t: %(x5t)s, x5c: %(x5c)s",
{"x5t": x5t, "x5c": public_certificate})
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/adal-1.2.1/adal/token_cache.py new/adal-1.2.2/adal/token_cache.py
--- old/adal-1.2.1/adal/token_cache.py 2019-01-25 02:30:39.000000000 +0100
+++ new/adal-1.2.2/adal/token_cache.py 2019-07-04 01:06:43.000000000 +0200
@@ -52,6 +52,9 @@
_string_cmp(self.client_id, other.client_id) and \
_string_cmp(self.user_id, other.user_id)
+ def __ne__(self, other):
+ return not self == other
+
# pylint: disable=protected-access
def _get_cache_key(entry):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/adal-1.2.1/adal/token_request.py new/adal-1.2.2/adal/token_request.py
--- old/adal-1.2.1/adal/token_request.py 2019-01-25 02:30:39.000000000 +0100
+++ new/adal-1.2.2/adal/token_request.py 2019-07-04 01:06:43.000000000 +0200
@@ -26,7 +26,6 @@
#------------------------------------------------------------------------------
from base64 import b64encode
-import re
from . import constants
from . import log
@@ -257,18 +256,14 @@
username, password)
@staticmethod
def _parse_wstrust_version_from_federation_active_authurl(federation_active_authurl):
- wstrust2005_regex = r'[/trust]?[2005][/usernamemixed]?'
- wstrust13_regex = r'[/trust]?[13][/usernamemixed]?'
-
- if re.search(wstrust2005_regex, federation_active_authurl):
+ if '/trust/2005/usernamemixed' in federation_active_authurl:
return WSTrustVersion.WSTRUST2005
- elif re.search(wstrust13_regex, federation_active_authurl):
+ if '/trust/13/usernamemixed' in federation_active_authurl:
return WSTrustVersion.WSTRUST13
-
return WSTrustVersion.UNDEFINED
def get_token_with_username_password(self, username, password):
- self._log.info("Acquiring token with username password.")
+ self._log.debug("Acquiring token with username password.")
self._user_id = username
try:
token = self._find_token_from_cache()
@@ -301,7 +296,7 @@
return token
def get_token_with_client_credentials(self, client_secret):
- self._log.info("Getting token with client credentials.")
+ self._log.debug("Getting token with client credentials.")
try:
token = self._find_token_from_cache()
if token:
@@ -347,7 +342,7 @@
return self._get_token_with_refresh_token(refresh_token, None, client_secret)
def get_token_from_cache_with_refresh(self, user_id):
- self._log.info("Getting token from cache with refresh if necessary.")
+ self._log.debug("Getting token from cache with refresh if necessary.")
self._user_id = user_id
return self._find_token_from_cache()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/adal-1.2.1/adal/util.py new/adal-1.2.2/adal/util.py
--- old/adal-1.2.1/adal/util.py 2019-01-25 02:30:39.000000000 +0100
+++ new/adal-1.2.2/adal/util.py 2019-07-04 01:06:43.000000000 +0200
@@ -74,7 +74,7 @@
def log_return_correlation_id(log, operation_message, response):
if response and response.headers and response.headers.get('client-request-id'):
- log.info("{} Server returned this correlation_id: {}".format(
+ log.debug("{} Server returned this correlation_id: {}".format(
operation_message,
response.headers['client-request-id']))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/adal-1.2.1/adal.egg-info/PKG-INFO new/adal-1.2.2/adal.egg-info/PKG-INFO
--- old/adal-1.2.1/adal.egg-info/PKG-INFO 2019-01-25 02:31:09.000000000 +0100
+++ new/adal-1.2.2/adal.egg-info/PKG-INFO 2019-07-04 01:07:13.000000000 +0200
@@ -1,6 +1,6 @@
Metadata-Version: 1.1
Name: adal
-Version: 1.2.1
+Version: 1.2.2
Summary: The ADAL for Python library makes it easy for python application to authenticate to Azure Active Directory (AAD) in order to access AAD protected web resources.
Home-page: https://github.com/AzureAD/azure-activedirectory-library-for-python
Author: Microsoft Corporation
