diff --git a/AUTHORS b/AUTHORS index 1094a3fc7..f43296d51 100644 --- a/AUTHORS +++ b/AUTHORS @@ -11,6 +11,7 @@ Abhishek Patel Adam Johnson Adam ZahradnĂ­k Adheeth P Praveen +Aibek Prenov Alan Crosswell Alan Rominger Alejandro Mantecon Guillen diff --git a/CHANGELOG.md b/CHANGELOG.md index 4b13db2f0..4c61d2652 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -34,6 +34,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 * #1252 Fix crash when 'client' is in token request body * #1496 Fix error when Bearer token string is empty but preceded by `Bearer` keyword. * #1630 use token_checksum for lookup in _get_token_from_authentication_server +* #1597 Fix: TypeError at /s/auth/o/token/ ## [3.1.0] - 2025-10-03 **NOTE**: This is the first release under the new [django-oauth](https://github.com/django-oauth) organization. The project moved in order to be more independent and to bypass quota limits on parallel CI jobs we were encountering in Jazzband. The project will emulate Django Commons going forward in it's operation. We're always on the lookout for willing maintainers and contributors. Feel free to start participating any time. PR's are always welcome. @@ -54,7 +55,6 @@ The project is now hosted in the django-oauth organization. * #1562 Fix: Handle AttributeError in IntrospectTokenView * #1583 Fix: Missing pt_BR translations - ## [3.0.1] - 2024-09-07 ### Fixed * #1491 Fix migration error when there are pre-existing Access Tokens. diff --git a/oauth2_provider/oauth2_validators.py b/oauth2_provider/oauth2_validators.py index b2db265f8..4fd774c55 100644 --- a/oauth2_provider/oauth2_validators.py +++ b/oauth2_provider/oauth2_validators.py @@ -897,12 +897,16 @@ def get_id_token_dictionary(self, token, token_handler, request): claims = self.get_oidc_claims(token, token_handler, request) expiration_time = timezone.now() + timedelta(seconds=oauth2_settings.ID_TOKEN_EXPIRE_SECONDS) + if request.user.last_login: + auth_time = int(dateformat.format(request.user.last_login, "U")) + else: + auth_time = int(timezone.now().timestamp()) # Required ID Token claims claims.update( **{ "iss": self.get_oidc_issuer_endpoint(request), "exp": int(dateformat.format(expiration_time, "U")), - "auth_time": int(dateformat.format(request.user.last_login, "U")), + "auth_time": auth_time, "jti": str(uuid.uuid4()), } ) diff --git a/tests/test_oauth2_validators.py b/tests/test_oauth2_validators.py index c412cd2a5..eaa8879fe 100644 --- a/tests/test_oauth2_validators.py +++ b/tests/test_oauth2_validators.py @@ -60,6 +60,8 @@ def always_invalid_token(): class TestOAuth2Validator(TransactionTestCase): def setUp(self): self.user = UserModel.objects.create_user("user", "test@example.com", "123456") + self.user.last_login = None + self.user.save() self.request = mock.MagicMock(wraps=Request) self.request.user = self.user self.request.grant_type = "not client"