Django-oauth2-authcodeflow

Fixed
- redirect after total logout could happen with a GET (10)
- allow empty client secret (QE-625, gitlab 9)
Added
- User logged in signal doc example, thanks pinoatrome (github 16)
- Drop python 3.7, support python 3.12 and django 5

Fixed
- Fix timestamp-awareness inside `RefreshSession` and `RefreshAccessToken` middlewares

Changed
- Each log (debug, warning, error) is now correctly bound to the module name.
- Mypy 1.0
Added
- Added documentation and changelog urls for PyPI

Fixed
- Default value for `jwks` in `BearerAuthenticationBackend` should be dict, not a list.
- Fix blacklist expiration for token where seconds where used as hours
- Fix `_clear_cache` method in `CacheBaseView`: was not clearing the session correctly.
- Configuration cannot be updated when using unit tests. This is now fixed. No impact on lib usage.
- Respect the optional `fail` parameter of `login_required` decorator.
- Middlewares should not inherit depraceted `MiddlewareMixin`.
- If user does not exist on request, should not crash in `Oauth2MiddlewareMixin.is_oidc_enabled`.
Changed
- Allow to override `MIN_SECONDS` in `RefreshSessionMiddleware`.
- Use UTC time in `RefreshAccessTokenMiddleware`, `RefreshSessionMiddleware`.
Added
- `LoginRequiredMiddleware`
- Documentation about `login_required`
Removed
- `pytz` removed. `datetime.timezone.utc` is the only thing required.

Fixed
- urls listed in `OIDC_MIDDLEWARE_NO_AUTH_URL_PATTERNS` will not be tried on authentication in `auth.py`

Added
- Allow to specify `userinfo` and `id_token` individual claims to get along with the id token request if the OP supports it (Eric Plaster, mr !12).
Changed
- `OIDC_EXTEND_USER` callable can now takes a `request` and `access_token` as additional arguments (compatibility is assured).
- Migrate can raise an `IntegrityError` (ticket 7).
- All parameters that accept a function can also accept a dotted string to import the function.
- Migrate from `pipenv` to `poetry` system.