- The ``instagram`` provider now extracts the user's full name.
- New provider: NextCloud (OAuth2)
- Added an ``SDK_URL`` setting for customizing the loading of the Facebook JavaScript SDK.
- Updated Twitch provider to use new authentication endpoints (``https://id.twitch.tv``) over deprecated v5 endpoints (``https://api.twitch.tv/kraken``)
- Added support for Patreon API v2, with API v1 set as default for backwards compatibility.
- ``Twitch``: The new API's profile data is different in both structure and content than the old V5 endpoint. Any project that relies on data from ``SocialAccount.extra_data`` should refer to the new API user endpoint documentation: https://dev.twitch.tv/docs/api/reference/get-users
0.39.1
*******************
Note worthy changes -------------------
- The ``linkedin_oauth2`` provider now gracefully deals with old V1 data that might still be present in ``SocialAccount.extra_data``.
- ``linkedin_oauth2``: As the LinkedIn V1 API is deprecated, the user info endpoint has been moved over to use the API V2. The format of the user ``extra_data`` is different and the profile picture is absent by default.
0.38.0
*******************
Security notice ---------------
The ``{% user_display user %}`` tag did not escape properly. Depending on the username validation rules, this could lead to XSS issues.
- Dropped the ``x-li-src: msdk`` headers from the ``linkedin_oauth2`` handshake. This header is only required for mobile tokens, and breaks the regular flow. Use the ``HEADERS`` setting to add this header if you need it.
0.37.0
*******************
Note worthy changes -------------------
- The Battle.net login backend now recognizes ``apac`` as a valid region.
- User model using a ``UUIDField`` as it's primary key can now be logged in upon email confirmation (if using ``ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION``).