Merge branch 'master' of https://github.com/Tuhin-thinks/django-oauth-toolkit into bug/1496/unhandled-empty-bearer-token-exception

- resolved conflicts at AUTHORS

Author: Tuhin-thinks

.github/pull_request_template.md

@@ -14,3 +14,5 @@ Fixes #
 - [ ] documentation updated
 - [ ] `CHANGELOG.md` updated (only for user relevant changes)
 - [ ] author name in `AUTHORS`
+- [ ] tests/app/idp updated to demonstrate new features
+- [ ] tests/app/rp updated to demonstrate new features

.github/workflows/release.yml

@@ -7,7 +7,7 @@ on:
 
 jobs:
   build:
-    if: github.repository == 'jazzband/django-oauth-toolkit'
+    if: github.repository == 'django-oauth/django-oauth-toolkit'
     runs-on: ubuntu-latest
 
     steps:
@@ -29,10 +29,9 @@ jobs:
           python -m build
           twine check dist/*
 
-      - name: Upload packages to Jazzband
+      - name: Upload packages to PyPI
         if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
-        uses: pypa/gh-action-pypi-publish@master
+        uses: pypa/gh-action-pypi-publish@release/v1
         with:
-          user: jazzband
-          password: ${{ secrets.JAZZBAND_RELEASE_KEY }}
-          repository_url: https://jazzband.co/projects/django-oauth-toolkit/upload
+          user: __token__
+          password: ${{ secrets.PYPI_PUBLISH_TOKEN }}

.github/workflows/test.yml

@@ -2,28 +2,50 @@ name: Test
 
 on: [push, pull_request]
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
   test-package:
     name: Test Package (Python ${{ matrix.python-version }}, Django ${{ matrix.django-version }})
     runs-on: ubuntu-latest
+    permissions:
+      id-token: write # Required for Codecov OIDC token
     strategy:
       fail-fast: false
       matrix:
         python-version:
         - '3.10'
         - '3.11'
         - '3.12'
+        - '3.13'
         django-version:
         - '4.2'
         - '5.0'
         - '5.1'
+        - '5.2'
         - 'main'
+        ## include/exclude combinations, typically for the newest and oldest django/python versions.
         include:
           # https://docs.djangoproject.com/en/dev/faq/install/#what-python-version-can-i-use-with-django
           - python-version: '3.8'
             django-version: '4.2'
           - python-version: '3.9'
             django-version: '4.2'
+          - python-version: '3.14'
+            django-version: '5.2'
+          - python-version: '3.14'
+            django-version: 'main'
+        exclude:
+          - python-version: '3.13'
+            django-version: '5.0'
+          - python-version: '3.13'
+            django-version: '4.2'
+          - python-version: '3.10'
+            django-version: 'main'
+          - python-version: '3.11'
+            django-version: 'main'
 
     steps:
     - uses: actions/checkout@v4
@@ -40,7 +62,7 @@ jobs:
         echo "::set-output name=dir::$(pip cache dir)"
 
     - name: Cache
-      uses: actions/cache@v3
+      uses: actions/cache@v4
       with:
         path: ${{ steps.pip-cache.outputs.dir }}
         key:
@@ -60,9 +82,10 @@ jobs:
         DJANGO: ${{ matrix.django-version }}
 
     - name: Upload coverage
-      uses: codecov/codecov-action@v3
+      uses: codecov/codecov-action@v5
       with:
         name: Python ${{ matrix.python-version }}
+        use_oidc: true
 
   test-demo-rp:
     name: Test Demo Relying Party
@@ -71,14 +94,14 @@ jobs:
       fail-fast: false
       matrix:
         node-version:
-          - "18.x"
-          - "20.x"
+          - "22.x"
+          - "24.x"
     steps:
       - name: Checkout
         uses: actions/checkout@v4
 
       - name: Set up NodeJS
-        uses: actions/setup-node@v2
+        uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node-version }}
 
@@ -94,10 +117,32 @@ jobs:
         run: npm run build
         working-directory: tests/app/rp
 
+  codecov-notify:
+    needs:
+      - test-package
+      - test-demo-rp
+    runs-on: ubuntu-latest
+    name: Codecov Notify
+    permissions:
+      id-token: write # Required for Codecov OIDC token
+    steps:
+      # - tell codecov to send notifications now that all jobs are complete. 
+      #   without this, codecov may notify before all coverage reports have been uploaded.
+      #   `codecov: notify: manual_trigger: true` must be set in codecov.yml, to prevent 
+      #   processing on every upload.
+      # - preferred to after_n_builds so we don't need to update that number every
+      #   time we add/remove jobs.
+      - name: Notify Codecov
+        uses: codecov/codecov-action@v5
+        with:
+          run_command: 'send-notifications'
+          use_oidc: true
+
   success:
     needs:
       - test-package
       - test-demo-rp
+      - codecov-notify
     runs-on: ubuntu-latest
     name: Test successful
     steps:

.gitignore

@@ -57,3 +57,5 @@ db.sqlite3
 venv/
 
 /tests/app/idp/static
+
+*.orig

.pre-commit-config.yaml

@@ -1,12 +1,12 @@
 repos:
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.6.8
+    rev: v0.12.7
     hooks:
       - id: ruff
         args: [ --fix ]
       - id: ruff-format
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.6.0
+    rev: v5.0.0
     hooks:
       - id: check-ast
       - id: trailing-whitespace
@@ -22,7 +22,7 @@ repos:
       - id: sphinx-lint
 #  Configuration for codespell is in pyproject.toml
   - repo: https://github.com/codespell-project/codespell
-    rev: v2.3.0
+    rev: v2.4.1
     hooks:
     - id: codespell
       exclude: (package-lock.json|/locale/)

AUTHORS

@@ -35,6 +35,7 @@ Bart Merenda
 Bas van Oostveen
 Brian Helba
 Carl Schwan
+Cihad GUNDOGDU
 Daniel Golding
 Daniel 'Vector' Kerr
 Darrel O'Pry
@@ -112,6 +113,7 @@ Sora Yanai
 Sören Wegener
 Spencer Carroll
 Stéphane Raimbault
+Thales Barbosa Bento
 Tom Evans
 Vinay Karanam
 Víðir Valberg Guðmundsson
@@ -122,4 +124,6 @@ Wouter Klein Heerenbrink
 Yaroslav Halchenko
 Yuri Savin
 Miriam Forner
-Tuhin Mitra
+Tuhin Mitra
+Alex Kerkum
+q0w

CHANGELOG.md

@@ -4,10 +4,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-
 ## [unreleased]
+
 ### Added
-* Support for Wildcard Origin and Redirect URIs, https://github.com/jazzband/django-oauth-toolkit/issues/1506
+* Support for Django 5.2
+* Support for Python 3.14 (Django >= 5.2.8)
+
 <!--
 ### Changed
 ### Deprecated
@@ -16,6 +18,34 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Security
 -->
 
+## [3.1.0]
+
+
+**NOTE**: This is the first release under the new [django-oauth](https://github.com/django-oauth) organization. The project moved in order to be more independent and to bypass quota limits on parallel CI jobs we were encountering in Jazzband. The project will emulateDjango Commons going forward in it's operation. We're always on the look for willing maintainers and contributors. Feel free to start participating any time. PR's are always welcome.
+
+### Added
+* #1506 Support for Wildcard Origin and Redirect URIs - Adds a new setting [ALLOW_URL_WILDCARDS](https://django-oauth-toolkit.readthedocs.io/en/latest/settings.html#allow-uri-wildcards). This feature is useful for working with CI service such as cloudflare, netlify, and vercel that offer branch
+deployments for development previews and user acceptance testing.
+* #1586 Turkish language support added
+
+### Changed
+The project is now hosted in the django-oauth organization.
+
+<!--
+### Deprecated
+### Removed
+-->
+### Fixed
+* #1517 OP prompts for logout when no OP session
+* #1512 client_secret not marked sensitive
+* #1521 Fix 0012 migration loading access token table into memory
+* #1584 Fix IDP container in docker compose environment could not find templates and static files.
+* #1562 Fix: Handle AttributeError in IntrospectTokenView
+* #1583 Fix: Missing pt_BR translations
+<!--
+### Security
+-->
+
 
 ## [unreleased]
 ### Fixed
@@ -235,7 +265,7 @@ This is a major release with **BREAKING** changes. Please make sure to review th
 ## [1.6.1] 2021-12-23
 
 ### Changed
-* Note: Only Django 4.0.1+ is supported due to a regression in Django 4.0.0. [Explanation](https://github.com/jazzband/django-oauth-toolkit/pull/1046#issuecomment-998015272)
+* Note: Only Django 4.0.1+ is supported due to a regression in Django 4.0.0. [Explanation](https://github.com/django-oauth/django-oauth-toolkit/pull/1046#issuecomment-998015272)
 
 ### Fixed
 * Miscellaneous 1.6.0 packaging issues.
@@ -326,7 +356,7 @@ This is a major release with **BREAKING** changes. Please make sure to review th
 
 ### Fixed
 * #812: Reverts #643 pass wrong request object to authenticate function.
-* Fix concurrency issue with refresh token requests (#[810](https://github.com/jazzband/django-oauth-toolkit/pull/810))
+* Fix concurrency issue with refresh token requests (#[810](https://github.com/django-oauth/django-oauth-toolkit/pull/810))
 * #817: Reverts #734 tutorial documentation error.
 
 
@@ -365,16 +395,16 @@ This is a major release with **BREAKING** changes. Please make sure to review th
 
 ### Fixed
 * Fix a race condition in creation of AccessToken with external oauth2 server.
-* Fix several concurrency issues. (#[638](https://github.com/jazzband/django-oauth-toolkit/issues/638))
-* Fix to pass `request` to `django.contrib.auth.authenticate()` (#[636](https://github.com/jazzband/django-oauth-toolkit/issues/636))
+* Fix several concurrency issues. (#[638](https://github.com/django-oauth/django-oauth-toolkit/issues/638))
+* Fix to pass `request` to `django.contrib.auth.authenticate()` (#[636](https://github.com/django-oauth/django-oauth-toolkit/issues/636))
 * Fix missing `oauth2_error` property exception oauthlib_core.verify_request method raises exceptions in authenticate.
-  (#[633](https://github.com/jazzband/django-oauth-toolkit/issues/633))
+  (#[633](https://github.com/django-oauth/django-oauth-toolkit/issues/633))
 * Fix "django.db.utils.NotSupportedError: FOR UPDATE cannot be applied to the nullable side of an outer join" for postgresql.
-  (#[714](https://github.com/jazzband/django-oauth-toolkit/issues/714))
+  (#[714](https://github.com/django-oauth/django-oauth-toolkit/issues/714))
 * Fix to return a new refresh token during grace period rather than the recently-revoked one.
-  (#[702](https://github.com/jazzband/django-oauth-toolkit/issues/702))
+  (#[702](https://github.com/django-oauth/django-oauth-toolkit/issues/702))
 * Fix a bug in refresh token revocation.
-  (#[625](https://github.com/jazzband/django-oauth-toolkit/issues/625))
+  (#[625](https://github.com/django-oauth/django-oauth-toolkit/issues/625))
 
 ## 1.2.0 [2018-06-03]
 
@@ -396,7 +426,7 @@ This is a major release with **BREAKING** changes. Please make sure to review th
 * **Critical**: Django OAuth Toolkit 1.1.0 contained a migration that would revoke all existing
   RefreshTokens (`0006_auto_20171214_2232`). This release corrects the migration.
   If you have already ran it in production, please see the following issue for more details:
-  https://github.com/jazzband/django-oauth-toolkit/issues/589
+  https://github.com/django-oauth/django-oauth-toolkit/issues/589
 
 
 ## 1.1.0 [2018-04-13]
@@ -410,7 +440,7 @@ This is a major release with **BREAKING** changes. Please make sure to review th
 * **New feature**: The new setting `ERROR_RESPONSE_WITH_SCOPES` can now be set to True to include required
   scopes when DRF authorization fails due to improper scopes.
 * **New feature**: The new setting `REFRESH_TOKEN_GRACE_PERIOD_SECONDS` controls a grace period during which
-  refresh tokens may be re-used.
+  refresh tokens may be reused.
 * An `app_authorized` signal is fired when a token is generated.
 
 ## 1.0.0 [2017-06-07]