Globus-sdk

--------------------

Added
~~~~~

- Support custom CA certificate bundles. (:pr:`903`)

Previously, SSL/TLS verification allowed only a boolean ``True`` or ``False`` value.
It is now possible to specify a CA certificate bundle file
using the existing ``verify_ssl`` parameter
or ``GLOBUS_SDK_VERIFY_SSL`` environment variable.

This may be useful for interacting with Globus through certain proxy firewalls.

Fixed
~~~~~

- Fix the type annotation for ``globus_sdk.IdentityMap`` init,
which incorrectly rejected ``ConfidentialAppAuthClient``. (:pr:`912`)

.. _changelog-3.32.0:

--------------------

Added
~~~~~

.. note::
These changes pertain to methods of the client objects in the SDK which
interact with Globus Auth client registration.
To disambiguate, we refer to the Globus Auth entities below as "Globus Auth
clients" or specify "in Globus Auth", as appropriate.

- Globus Auth clients objects now have methods for interacting with client and
project APIs. (:pr:`884`)

- ``NativeAppAuthClient.create_native_app_instance`` creates a new native app
instance in Globus Auth for a client.

- ``ConfidentialAppAuthClient.create_child_client`` creates a child client in
Globus Auth for a confidential app.

- ``AuthClient.get_project`` looks up a project.

- ``AuthClient.get_policy`` looks up a policy document.

- ``AuthClient.get_policies`` lists all policies in all projects for which
the current user is an admin.

- ``AuthClient.create_policy`` creates a new policy.

- ``AuthClient.update_policy`` updates an existing policy.

- ``AuthClient.delete_policy`` deletes a policy.

- ``AuthClient.get_client`` looks up a Globus Auth client by ID or FQDN.

- ``AuthClient.get_clients`` lists all Globus Auth clients for which the
current user is an admin.

- ``AuthClient.create_client`` creates a new client in Globus Auth.

- ``AuthClient.update_client`` updates an existing client in Globus Auth.

- ``AuthClient.delete_client`` deletes a client in Globus Auth.

- ``AuthClient.get_client_credentials`` lists all client credentials for a
given Globus Auth client.

- ``AuthClient.create_client_credential`` creates a new client credential for
a given Globus Auth client.

- ``AuthClient.delete_client_credential`` deletes a client credential.

- ``AuthClient.get_scope`` looks up a scope.

- ``AuthClient.get_scopes`` lists all scopes in all projects for which the
current user is an admin.

- ``AuthClient.create_scope`` creates a new scope.

- ``AuthClient.update_scope`` updates an existing scope.

- ``AuthClient.delete_scope`` deletes a scope.

- A helper object has been defined for dependent scope manipulation via the
scopes APIs, ``globus_sdk.DependentScopeSpec`` (:pr:`884`)

Fixed
~~~~~

- When serializing ``TransferTimer`` data, do not convert to UTC if the input
was a valid datetime with an offset. (:pr:`900`)

.. _changelog-3.31.0:

--------------------

Added
~~~~~

- Add support for the new Transfer Timer creation method, in the form of a
client method, ``TimerClient.create_timer``, and a payload builder type,
``TransferTimer`` (:pr:`887`)

- ``create_timer`` only supports dict data and ``TransferTimer``, not the
previous ``TimerJob`` type

- Additional helper classes, ``RecurringTimerSchedule`` and
``OneceTimerSchedule``, are provided to help build the ``TransferTimer``
payload

- Request encoding in the SDK will now automatically convert any ``uuid.UUID``
objects into strings. Previously this was functionality provided by certain
methods, but now it is universal. (:pr:`892`)

Deprecated
~~~~~~~~~~

- Creation of timers to run transfers using ``TimerJob`` is now
deprecated (:pr:`887`)

.. _changelog-3.30.0:

--------------------

Added
~~~~~

- ``TransferClient.operation_ls`` now supports the ``limit`` and ``offset``
parameters (:pr:`868`)

- A new sentinel value, ``globus_sdk.MISSING``, has been introduced.
It is used for method calls which need to distinguish missing parameters from
an explicit ``None`` used to signify ``null`` (:pr:`885`)

- ``globus_sdk.MISSING`` is now supported in payload data for all methods, and
will be automatically removed from the payload before sending to the server

Changed
~~~~~~~

- ``GroupPolicies`` objects now treat an explicit instantiation with
``high_assurance_timeout=None`` as setting the timeout to ``null`` (:pr:`885`)

.. _changelog-3.29.0:

--------------------

Changed
~~~~~~~

- The inheritance structure used for Globus Auth client classes has changed.
(:pr:`849`)

- A new class, ``AuthLoginClient``, is the base for ``NativeAppAuthClient``
and ``ConfidentialAppAuthClient``. These classes no longer inherit from
``AuthClient``, and therefore no longer inherit certain methods which would
never succeed if called.

- ``AuthClient`` is now the only class which provides functionality
for accessing Globus Auth APIs.

- ``AuthClient`` no longer includes methods for OAuth 2 login flows which
would only be valid to call on ``AuthLoginClient`` subclasses.

Deprecated
~~~~~~~~~~

- Several features of Auth client classes are now deprecated. (:pr:`849`)

- Setting ``AuthClient.client_id`` or accessing it as an attribute
is deprecated and will emit a warning.

- ``ConfidentialAppAuthClient.get_identities`` has been preserved as a valid
call, but will emit a warning. Users wishing to access this API via client
credentials should prefer to get an access token using a client credential
callout, and then use that token to call ``AuthClient.get_identities()``.

- The ``AuthClient.oauth2_userinfo`` method has been deprecated in favor of
``AuthClient.userinfo``. Callers should prefer the new method name. (:pr:`865`)

.. _changelog-3.28.0:

--------------------

Python Support
~~~~~~~~~~~~~~

- Add support for Python 3.12. (:pr:`808`)

Added
~~~~~

- Add a ``prompt`` keyword parameter to ``AuthClient.oauth2_get_authorize_url()``. (:pr:`813`)

Setting this parameter requires users to authenticate with an identity provider,
even if they are already logged in. Doing so can help avoid errors caused by
unexpected session required policies, which would otherwise require a second,
follow-up login flow.

``prompt`` could previously only be set via the ``query_params`` keyword parameter.
It is now more discoverable.

- Add ``TimerClient.pause_job`` and ``TimerClient.resume_job`` for pausing and
resuming timers. (:pr:`827`)

Documentation
~~~~~~~~~~~~~

- Add an example script which handles creating and running a **flow**. (:pr:`826`)

Development
~~~~~~~~~~~

- Added responses to ``_testing`` reflecting an inactive Timers job (:pr:`828`)

.. _changelog-3.27.0: