Skip to content

v3.42.0
Compare
Choose a tag to compare
@kurtmckee kurtmckee released this 15 Jul 23:00
· 265 commits to main since this release
3.42.0
This tag was signed with the committer’s verified signature.
kurtmckee Kurt McKee
GPG key ID: 64713C0B5BA8E1C2
Verified
Learn about vigilant mode.
66e0070
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Python Support

  • Remove support for Python 3.7. (#997)

Added

  • Add globus_sdk.ConnectorTable which provides information on supported Globus Connect Server connectors. This object maps names to IDs and vice versa. (#955)

  • Support adding query parameters to ConfidentialAppAuthClient.oauth2_token_introspect via a query_params argument. (#984)

  • Add get_gcs_info as a helper method to GCSClient for getting information from a Globus Connect Server's info API route.

  • Add endpoint_client_id as a property to GCSClient.

  • Clients will now emit a X-Globus-Client-Info header which reports the version of the globus-sdk which was used to send a request. Users may customize this header further by modifying the globus_client_info object attached to the transport object. (#990)

Experimental

  • Add a new abstract class, TokenStorage, to experimental. TokenStorage expands the functionality of StorageAdapter but is not fully backwards compatible. (#980)

    • FileTokenStorage, JSONTokenStorage, MemoryTokenStorage and SQLiteTokenStorage are new concrete implementations of TokenStorage.

  • Add ValidatingStorageAdapter to experimental, which validates that identity is maintained and scope requirements are met on token storage/retrieval. (#978, #980)

  • Add a new abstract class, AuthorizerFactory to experimental. AuthorizerFactory provides an interface for getting a GlobusAuthorizer from a ValidatingTokenStorage. (#985)

    • AccessTokenAuthorizerFactory, RefreshTokenAuthorizerFactory, and ClientCredentialsAuthorizerFactory are new concrete implementations of AuthorizerFactory.

  • Add a new abstract class, GlobusApp to experimental. A GlobusApp is an abstraction which allows users to define their authorization requirements implicitly and explicitly, attach that state to their various clients, and drive login flows. (#986)

    • UserApp and ClientApp are new implementations of GlobusApp which handle authentications for user-login and client-credentials.

    • GlobusAppConfig is an object which can be used to control GlobusApp behaviors.

  • Add app as an optional argument to BaseClient which will accept a GlobusApp to handle authentication, token validation, and token storage when using the client.

  • Add default_scope_requirements as a property to BaseClient for subclasses to define scopes to automatically be used with a GlobusApp. The default implementation raises a NotImplementedError.

  • Add add_app_scope to BaseClient as an interface for adding additional scope requirements to its app.

  • AuthClient, FlowsClient, GCSClient, GroupsClient, SearchClient, TimerClient, and TransferClient all add app as an optional argument and define default_scope_requirements so that they can be used with a GlobusApp.

  • Add add_app_data_access_scope to TransferClient as an interface for adding a dependent data access scope requirements needed for interacting with standard Globus Connect Server mapped collections to its app.

  • Auto-login (overridable in config) GlobusApp login retry on token validation error. (#994)

  • Added the configuration parameter GlobusAppConfig.environment. (#1001)

Changed

  • GCSClient instances now have a non-None resource_server property.

  • GlobusAuthorizationParameters no longer enforces that at least one field is set. (#989)

  • Improved the validation and checking used inside of globus_sdk.tokenstorage.SimpleJSONFileAdapter and globus_sdk.experimental.tokenstorage.JSONTokenStorage. (#997)

Deprecated

  • GCSClient.connector_id_to_name has been deprecated. Use ConnectorTable.lookup instead. (#955)

Fixed

Experimental

  • When a JSONTokenStorage is used, the containing directory will be automatically be created if it doesn't exist. (#998)

  • GlobusApp.add_scope_requirements now has the side effect of clearing the authorizer cache for any referenced resource servers. (#1000)

  • GlobusAuthorizer.scope_requirements was made private and a new method for accessing scope requirements was added at GlobusAuthorizer.get_scope_requirements. (#1000)

  • A GlobusApp will now auto-create an Auth consent client for dependent scope evaluation against consents as a part of instantiation. (#1000)

  • Fixed a bug where specifying dependent tokens in a new GlobusApp would cause the app to infinitely prompt for log in. (#1002)

  • Fixed a GlobusApp bug which would cause LocalServerLoginFlowManager to error on MacOS when versions earlier than Python 3.11. (#1003)

Documentation

  • Document how to manage Globus SDK warnings. (#988)
Assets 2
Loading