Skip to content

py-identity-model

Changelog

jamescrowley321/py-identity-model

CHANGELOG¶

v2.17.1 (2026-03-30)¶

Bug Fixes¶

ci: Add git identity config to uv.lock sync step in release workflow (5167464)

v2.17.0 (2026-03-30)¶

Refactoring¶

test: Provider-agnostic integration tests with discovery-driven capabilities (#281, 02ff38a)

v2.16.0 (2026-03-30)¶

v2.15.0 (2026-03-30)¶

v2.14.0 (2026-03-30)¶

v2.13.0 (2026-03-30)¶

v2.12.0 (2026-03-30)¶

v2.11.0 (2026-03-30)¶

Features¶

par: Implement Pushed Authorization Requests (RFC 9126) (#230, aa655ba)

v2.10.0 (2026-03-30)¶

Features¶

dpop: Implement DPoP proof creation and key management (RFC 9449) (#229, 994012e)

v2.9.0 (2026-03-30)¶

Features¶

refresh: Implement OAuth 2.0 Refresh Token Grant (#228, c0eae00)

v2.8.0 (2026-03-30)¶

v2.7.0 (2026-03-30)¶

Features¶

introspection: Implement OAuth 2.0 Token Introspection (RFC 7662) (#226, 6870781)

v2.6.0 (2026-03-30)¶

Features¶

auth-code: Implement Authorization Code Grant with PKCE (#225, f3ea096)

v2.5.0 (2026-03-30)¶

Features¶

token-validation: Add enhanced validation and base request/response classes (#224, c137b27)

v2.4.1 (2026-03-30)¶

Bug Fixes¶

ci: Remove tracked worktree directory breaking CI checkout (4fbaa7e)

v2.4.0 (2026-03-30)¶

Features¶

http-client: Add dependency injection support for HTTP client management (#222, 4ad60f2)

v2.3.0 (2026-03-30)¶

Bug Fixes¶

authorize: Address code review and security findings (1976416)
authorize: Guard against None inputs in callback parsing and state validation (2e696c5)
authorize: Make state accessible on error responses per RFC 6749 (1a77957)
test: Make authorization_endpoint HTTPS assertion conditional on require_https (2cd2801)

Chores¶

Auto-commit before merge (loop primary) (7e42771)
Exclude init.py from SonarCloud duplication analysis (7886657)
deps: Automated dependency update (244735d)
deps: Automated dependency update (b0ed1fe)
deps: Automated dependency update (104cb62)

Continuous Integration¶

Add pull_request trigger to build workflow (30399f9)

Documentation¶

authorize: Add API docs for callback response and state validation (41b63b6)
authorize: Add authorization callback usage examples (530cec6)

Features¶

authorize: Add AuthorizeCallbackResponse model and parser (4d8351f)
authorize: Add state parameter validation (2f4f826)
authorize: Export callback response and state validation API (6c3ddd9)
exceptions: Add AuthorizeCallbackException (4804ae2)

Refactoring¶

test: Reduce code duplication in authorize callback tests (76dfc6c)

Testing¶

Add coverage for review fix findings (e4a396a)
authorize: Add integration tests for callback parsing and state validation (02a9f94)
authorize: Add unit tests for callback response and state validation (1b83e10)

v2.2.0 (2026-03-14)¶

Features¶

Add guarded field access on failed response models (#200, 1e2b7ba)

v2.1.5 (2026-03-10)¶

Bug Fixes¶

Add Terraform and TFLint setup to release workflow (#189, d76de12)

v2.1.4 (2026-02-24)¶

Bug Fixes¶

hooks: Remove unnecessary bash -c wrappers from pre-commit config (#183, e2bab26)

v2.1.3 (2026-02-24)¶

Bug Fixes¶

test: Warm lru_cache before benchmark to avoid 429 rate limits (#182, ee6fa2f)

v2.1.2 (2026-02-24)¶

Bug Fixes¶

docs: Switch GitHub Pages to Actions deployment and add docs targets (#181, 7ba1135)

v2.1.1 (2026-02-24)¶

Bug Fixes¶

docs: Resolve MkDocs strict mode build failures (#179, bec22b4)

v2.1.0 (2026-02-18)¶

Build System¶

Consolidate dependabot dependency updates (#175, e9ae811)

Features¶

userinfo: Add OpenID Connect UserInfo endpoint support (9e35dce)

v2.0.0 (2026-01-29)¶

v2.0.0-rc.1 (2026-01-17)¶

Bug Fixes¶

Add retry logic to token client endpoint (8ec1cc6)
Add thread-safe SSL certificate backward compatibility for httpx (55b8fe4)
Address high priority issues from PR #108 code review (15ccf1d)
Centralize HTTP default constants and improve content-type handling (0989b59)
Export to_principal in root init.py (6443dec)
Optimize token validation with multi-layer caching (e42dbb4)
Reduce code duplication and improve test coverage (3de5c0a)
Remove private reset functions from public all exports (a9bf2ef)
Sonar quality issues (#126, 34ab94b)
Sonarcloud Quality Issues (#115, 7f74d78)

Chores¶

Remove implementation plan before PR merge (5ea55b4)

Continuous Integration¶

Trigger prerelease on PR events with auto-versioning (bbd1fc7)
Unify release workflow with workflow_dispatch for prereleases (735690c)

Documentation¶

Add httpx performance note to cached functions (05d969e)
Add Phase 8 architecture improvements to roadmap (abe7397)
Complete Phase 5 documentation and examples (306e99f)

Features¶

Add async support and modular architecture (55af9f3)
Add retry logic with exponential backoff for rate limiting (ef667e0)
Add SSL certificate backward compatibility and fix Docker examples (808b16c)
Complete async optimizations and add coverage reporting (155d682)
Complete async support and add SonarCloud integration (70f5031)
Optimize integration tests with session-scoped fixtures (c01b691)

Performance Improvements¶

Add httpx connection pooling for sync HTTP requests (54952ee)
Add parallel test execution to all test commands (7496d72)
Add public key caching to async token validation (c34fbd3)
Add selective parallel test execution to avoid rate limiting (7b88001)

Refactoring¶

Eliminate code duplication with shared response processors (5c023c6)
Extract common token validation logic to reduce duplication (b28779b)
Fix Sonar code quality issues (d52a03f)
Reduce code duplication by extracting shared logic (ea66a42)
Reduce cognitive complexity and eliminate string duplication (452ea1a)

Testing¶

Add cache validation tests and restore benchmark threshold (3c5de99)
Add comprehensive coverage for parsers module (d1645f4)
Update network error test to handle both error types (41743e5)

v1.2.0 (2025-11-08)¶

Features¶

Async/Await Support - Full asynchronous API via py_identity_model.aio module
Async versions of all client methods (discovery, JWKS, token validation, token client)
Async caching with async-lru for discovery and JWKS
Full backward compatibility maintained (sync API unchanged)
Comprehensive async test suite (10 new async tests)
Examples for both FastAPI and concurrent operations
Modular Architecture - Clean separation between HTTP layer and business logic
Extracted shared business logic to core/ module
Eliminated code duplication between sync/async implementations
Major code reduction: sync/jwks.py (390→78 lines), sync/discovery.py (378→246 lines)
All 146 tests passing with zero regressions
HTTP Client Migration - Migrated from requests to httpx
Single library supporting both sync and async operations
Configurable timeouts (30s default on all HTTP calls)
Automatic connection pooling
Add comprehensive logging and exception handling (#107, 98f88d6)

Documentation¶

Consolidate documentation into mkdocs instead of Wiki (#99, 71f5fcb)
Add comprehensive async examples and architecture documentation
Update roadmap to reflect completed features

v1.1.1 (2025-10-21)¶

Bug Fixes¶

docs: Remove awesome-pages plugin to fix navigation (95904d7)

Documentation¶

Add CONTRIBUTING.md and fix documentation (#98, 68b266d)

v1.1.0 (2025-10-21)¶

Chores¶

Updates deps and docs (#80, 47c4ce2)

Features¶

Put in some identity (#82, a61cb9b)

v1.0.0 (2025-05-31)¶

v1.0.0-rc.1 (2025-05-31)¶

Chores¶

Adds release automation (bd882e3)
Adds release automation (1d0ebad)
Adds release automation (d2f22cc)
Fixes makefile (34096c3)
Fixes makefile (b2ace65)
Fixes workflow (cb2003b)
Fixes workflow (ce5ed88)
Fixes workflow (0e73021)
Updates cryptography to latest version (#72, ea23f0d)

Features¶

Adds automated versioning (c4f9846)
Adds automated versioning (05549ab)
Cleans up workflow files (425ed08)
Cleans up workflow files (b612011)
Cleans up workflow files (f906d8c)
Cleans up workflow files (6febcbe)
Cleans up workflow files (38bff6f)
Cleans up workflow files (30451ec)
Moves from poetry to uv (33cac19)
Moves from poetry to uv (1d5920e)

v0.11.4 (2024-06-20)¶

Initial Release