Flask-oidc

Added

- Re-add `redirect_to_auth_server()` for compatibility with v1.x ([d0cac91](https://github.com/fedora-infra/flask-oidc/commit/d0cac91>))

Added

- Add compatibility with EL8 ([8a8bf4c](https://github.com/fedora-infra/flask-oidc/commit/8a8bf4c>))
- Add an accessor for the user's email ([32f046a](https://github.com/fedora-infra/flask-oidc/commit/32f046a>))
- Document the `OIDC_CLIENT_SECRETS` config option ([2e9b5b2](https://github.com/fedora-infra/flask-oidc/commit/2e9b5b2>))

Fixed

- Add a config file for readthedocs ([fd55294](https://github.com/fedora-infra/flask-oidc/commit/fd55294>))
- Minor typo/fixes ([fd1f415](https://github.com/fedora-infra/flask-oidc/commit/fd1f415>))
- Improve the documentation ([0836711](https://github.com/fedora-infra/flask-oidc/commit/0836711>))
- Include the `root_path` when redirecting to the custom callback route ([71747d1](https://github.com/fedora-infra/flask-oidc/commit/71747d1>))

Added

- Add a user model to `flask.g` with convenience properties ([5bf8808](https://github.com/fedora-infra/flask-oidc/commit/5bf8808>))
- Add signals to hook into the login and logout process ([68351b6](https://github.com/fedora-infra/flask-oidc/commit/68351b6>))

Changed

- Ship the licenses files in the sdist ([3e37982](https://github.com/fedora-infra/flask-oidc/commit/3e37982>))
- Update dependencies ([a122e22](https://github.com/fedora-infra/flask-oidc/commit/a122e22>),
[a581fdf](https://github.com/fedora-infra/flask-oidc/commit/a581fdf>),
[d51d24b](https://github.com/fedora-infra/flask-oidc/commit/d51d24b>),
[0db631e](https://github.com/fedora-infra/flask-oidc/commit/0db631e>),
[c5cd54d](https://github.com/fedora-infra/flask-oidc/commit/c5cd54d>),
[2134e46](https://github.com/fedora-infra/flask-oidc/commit/2134e46>))

Fixed

- Correct typo in example in index.rst ([b21e87b](https://github.com/fedora-infra/flask-oidc/commit/b21e87b>))
- Give the github release step access to the changelog ([7bc785d](https://github.com/fedora-infra/flask-oidc/commit/7bc785d>))

Fixed

- Avoid redirect loops when the app is not mounted on the webserver root (52)

Changed

- Use REUSE for licences
- Convert the changelog to markdown

Added

- Publish to PyPI and Github when a tag is pushed

Fixed

- Handle token expiration when there is no `refresh_token` or no token URL (39)

Changed

- Restore the `OVERWRITE_REDIRECT_URI` configuration option as
`OIDC_OVERWRITE_REDIRECT_URI`.
- The `redirect_uri` that is generated and sent to the ID provider is no longer
forced to HTTPS, because the
[the OIDC spec](https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest)
is actually only a strong recommendation (35). You can
use `OVERWRITE_REDIRECT_URI` if you want to force it to HTTPS (or any other
URL).

Fixed

- Use the `OIDC_CALLBACK_ROUTE` with the ID provider when it is defined,
instead of the default (21)
- Auto-renew tokens when they have expired (if possible), as version 1.x used
to do (19)

Changed

- The `redirect_uri` that is generated and sent to the ID provider is always
HTTPS, as [the OIDC spec](https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest)
mandates.
- Don't request the `profile` scope by default, as version 1.x used to do
(21).