Flask-azure-oauth

Changed

* Dependency updates

Changed [BREAKING!]

* Flask 2.x required (due to changes to Flask's HTTP Exception signature)
[29](https://gitlab.data.bas.ac.uk/web-apps/flask-extensions/flask-azure-oauth/-/issues/29)
* Relicensing project under the MIT licence (from the UK Open Government Licence)
[31](https://gitlab.data.bas.ac.uk/web-apps/flask-extensions/flask-azure-oauth/-/issues/31)

Added

* Examples of using the `current_token` proxy provided by AuthLib
* Flake8 linters
[34](https://gitlab.data.bas.ac.uk/web-apps/flask-extensions/flask-azure-oauth/-/issues/34)
* Upgrading dependencies, including Flask and Authlib (but only to latest 0.14.x release)
[29](https://gitlab.data.bas.ac.uk/web-apps/flask-extensions/flask-azure-oauth/-/issues/29)

Changed

* Updated example application to use updated `msal` methods
[36](https://gitlab.data.bas.ac.uk/web-apps/flask-extensions/flask-azure-oauth/-/issues/36)
* Switched to Poetry for local development environments
[30](https://gitlab.data.bas.ac.uk/web-apps/flask-extensions/flask-azure-oauth/-/issues/30)
* Switched to `src/` package directory layout
[32](https://gitlab.data.bas.ac.uk/web-apps/flask-extensions/flask-azure-oauth/-/issues/32)
* Updating CI/CD configuration
[33](https://gitlab.data.bas.ac.uk/web-apps/flask-extensions/flask-azure-oauth/-/issues/33)

Changed [BREAKING!]

* Refactored classes for creating test JWKS and JWTs to a `flask_azure_oauth.mocks` module
* Refactored references to the `TestJwks` class from non-test objects, patching during tests should now be used instead

Added

* Support for access tokens from the Flask session (using `access_token` as a key)
* Minimal support for custom signing keys (app specific JWKS)
* Example applications for internally verifying the behaviour of the provider against real application registrations

Fixed

* Typo in 'invalid token signature' exception detail
* Correcting invalid `token.dumps()` calls in README examples
* Support for version 1.0 tokens (issuer and audience claim values)

Changed

* `AZURE_OAUTH_CLIENT_APPLICATION_IDS` option and `azp` claim checking made optional
* Updating GitLab CI/CD

Added

* Unit test JUnit support for use in GitLab CI

Fixed

* Token introspection test case expanded to include RFC 7662 support
* `test` CLI command returns a non-zero exit code when tests fail

Changed

* Minimum required Python version lowered to 3.6 to allow users of other Python versions to use this package

Removed (BREAKING!)

* Unused `FlaskAzureOauth.reset_app()` method

Added

* Bandit configuration file
* Sharing PyCharm test configuration through version control
* Adding GitLab release management
* Support for scopes from both `scp` and `roles` claims
* Tests for internal introspection endpoint
* Support for RFC 7662 (token introspection) using `introspect_token_rfc7662()`

Fixed

* Signature of `FlaskAzureOauth.initapp(app=app)` changed to `.initapp(app)`, no longer requiring named parameter
* Ensuring scopes are always sorted in introspection methods to aid in stable tests

Changed

* Incorporating maxgubler's contribution for Authlib 0.12
* Updating to Authlib 0.14.1
* Updating to Flask 1.1.2
* Updating to Requests 2.23.0
* Updating development dependencies
* Update project dates
* Switching to Poetry for dependency management and package publishing
* Switching to Black for code formatting/linting
* Switching to multi-stage Docker image
* Tidying up README
* Tidying up GitLab CI

Removed

* Synk support - too unreliable

Added

* Upgraded to AuthLib 0.11

Changed

* Add exception for `urllib3` dependency https://app.snyk.io/vuln/SNYK-PYTHON-URLLIB3-174323
* Pinning `urllib3` dependency to later version to mitigate https://app.snyk.io/vuln/SNYK-PYTHON-URLLIB3-174464
* Simplifying Docker image name
* Simplifying release procedures