We are thrilled to announce the release of: keystoneauth 5.12.0 This release is part of the flamingo release series. The source is available from: https://opendev.org/openstack/keystoneauth Download the package from: https://pypi.org/project/keystoneauth Please report issues through: https://bugs.launchpad.net/keystoneauth/+bugs For more details, please see below. 5.12.0 ^^^^^^ Upgrade Notes ************* * Support for Python 3.9 has been dropped. The minimum version of Python now supported in 3.10. Bug Fixes ********* * OIDC Device Authorization Flow: allow acquiring either an OIDC id_token or an OAuth access_token as some IDPs provide both (RFC8628 does not specify if ID tokens may be acquired). * [bug 2105891 (https://bugs.launchpad.net/keystoneauth/+bug/2105891)] This change prevents "client_id" from appearing more than once per request, fixing a previous 401 error with Okta. Credentials should either be in the auth header, POST body, or a "client_assertation" in the POST body. If the "client_secret" is set, it will be with "client_id" in the auth headers. If it is not, "client_id" will be added to the payload. Changes in keystoneauth 5.11.1..5.12.0 -------------------------------------- 18b42cc Add required fields for EntraID OidcDeviceAuth d24d025 Allow os-access-token-type for device auth 1986be2 Allow missing verification_uri_complete for OidcDeviceAuth ae1afe8 Migrate setup configuration to pyproject.toml 13ab55f Bump Python version used for linters to 3.10 5842dd5 Add .git-blame-ignore-revs file f2e4be0 Drop logic for requests<2.4.1 ec28703 Bump Python version used for linters to 3.9 1c1de17 Drop support for Python 3.9 dbf925a Remove client_id from OIDC payload Diffstat (except docs and test files) ------------------------------------- .git-blame-ignore-revs | 4 + keystoneauth1/_fair_semaphore.py | 9 +- keystoneauth1/_utils.py | 29 ++- keystoneauth1/access/access.py | 204 +++++++++----------- keystoneauth1/access/service_catalog.py | 100 +++++----- keystoneauth1/access/types.py | 2 +- keystoneauth1/adapter.py | 79 ++++---- keystoneauth1/discover.py | 214 +++++++++++---------- keystoneauth1/exceptions/base.py | 3 +- keystoneauth1/exceptions/discovery.py | 3 +- keystoneauth1/exceptions/http.py | 32 ++- keystoneauth1/extras/_saml2/_loading.py | 5 +- keystoneauth1/extras/_saml2/v3/adfs.py | 19 +- keystoneauth1/extras/_saml2/v3/base.py | 20 +- keystoneauth1/extras/_saml2/v3/saml2.py | 40 ++-- keystoneauth1/extras/kerberos/__init__.py | 46 ++--- keystoneauth1/extras/kerberos/_loading.py | 4 +- keystoneauth1/extras/oauth1/_loading.py | 3 +- keystoneauth1/extras/oauth1/v3.py | 20 +- keystoneauth1/http_basic.py | 10 +- keystoneauth1/identity/access.py | 3 +- keystoneauth1/identity/base.py | 86 ++++----- keystoneauth1/identity/generic/base.py | 45 +++-- keystoneauth1/identity/generic/password.py | 45 +++-- keystoneauth1/identity/generic/token.py | 31 ++- keystoneauth1/identity/v2.py | 38 ++-- .../identity/v3/application_credential.py | 56 +++--- keystoneauth1/identity/v3/base.py | 62 +++--- keystoneauth1/identity/v3/federation.py | 17 +- keystoneauth1/identity/v3/k2k.py | 17 +- keystoneauth1/identity/v3/multi_factor.py | 16 +- .../identity/v3/oauth2_client_credential.py | 22 +-- .../identity/v3/oauth2_mtls_client_credential.py | 19 +- keystoneauth1/identity/v3/oidc.py | 211 ++++++++++---------- keystoneauth1/identity/v3/password.py | 44 ++--- keystoneauth1/identity/v3/receipt.py | 4 +- keystoneauth1/identity/v3/token.py | 20 +- keystoneauth1/identity/v3/tokenless_auth.py | 18 +- keystoneauth1/identity/v3/totp.py | 44 ++--- keystoneauth1/loading/_plugins/admin_token.py | 3 +- keystoneauth1/loading/_plugins/http_basic.py | 3 +- keystoneauth1/loading/_plugins/identity/generic.py | 5 +- keystoneauth1/loading/_plugins/identity/v2.py | 5 +- keystoneauth1/loading/_plugins/identity/v3.py | 29 ++- keystoneauth1/loading/_plugins/noauth.py | 3 +- keystoneauth1/loading/adapter.py | 16 +- keystoneauth1/loading/base.py | 4 +- keystoneauth1/loading/cli.py | 4 +- keystoneauth1/loading/conf.py | 4 +- keystoneauth1/loading/opts.py | 14 +- keystoneauth1/loading/session.py | 28 ++- keystoneauth1/noauth.py | 2 +- keystoneauth1/plugin.py | 46 +++-- keystoneauth1/service_token.py | 16 +- keystoneauth1/session.py | 159 +++++++-------- keystoneauth1/token_endpoint.py | 10 +- pyproject.toml | 88 ++++++++- ...ss-token-type-device-auth-536c6d2b708e9b1f.yaml | 6 + .../notes/bug-2105891-92c33eb445d55c72.yaml | 10 + .../notes/drop-python-39-cb01f8d8ce6dc278.yaml | 5 + setup.cfg | 70 ------- 63 files changed, 1074 insertions(+), 1119 deletions(-)