v3.42.0

Python Support

• Remove support for Python 3.7. (#997)

Added

• Add globus_sdk.ConnectorTable which provides information on supported Globus Connect Server connectors. This object maps names to IDs and vice versa. (#955)

• Support adding query parameters to ConfidentialAppAuthClient.oauth2_token_introspect via a query_params argument. (#984)

• Add get_gcs_info as a helper method to GCSClient for getting information from a Globus Connect Server's info API route.

• Add endpoint_client_id as a property to GCSClient.

• Clients will now emit a X-Globus-Client-Info header which reports the version of the globus-sdk which was used to send a request. Users may customize this header further by modifying the globus_client_info object attached to the transport object. (#990)

Experimental

• Add a new abstract class, TokenStorage, to experimental. TokenStorage expands the functionality of StorageAdapter but is not fully backwards compatible. (#980)

  • FileTokenStorage, JSONTokenStorage, MemoryTokenStorage and SQLiteTokenStorage are new concrete implementations of TokenStorage.

• Add ValidatingStorageAdapter to experimental, which validates that identity is maintained and scope requirements are met on token storage/retrieval. (#978, #980)

• Add a new abstract class, AuthorizerFactory to experimental. AuthorizerFactory provides an interface for getting a GlobusAuthorizer from a ValidatingTokenStorage. (#985)

  • AccessTokenAuthorizerFactory, RefreshTokenAuthorizerFactory, and ClientCredentialsAuthorizerFactory are new concrete implementations of AuthorizerFactory.

• Add a new abstract class, GlobusApp to experimental. A GlobusApp is an abstraction which allows users to define their authorization requirements implicitly and explicitly, attach that state to their various clients, and drive login flows. (#986)

  • UserApp and ClientApp are new implementations of GlobusApp which handle authentications for user-login and client-credentials.

  • GlobusAppConfig is an object which can be used to control GlobusApp behaviors.

• Add app as an optional argument to BaseClient which will accept a GlobusApp to handle authentication, token validation, and token storage when using the client.

• Add default_scope_requirements as a property to BaseClient for subclasses to define scopes to automatically be used with a GlobusApp. The default implementation raises a NotImplementedError.

• Add add_app_scope to BaseClient as an interface for adding additional scope requirements to its app.

• AuthClient, FlowsClient, GCSClient, GroupsClient, SearchClient, TimerClient, and TransferClient all add app as an optional argument and define default_scope_requirements so that they can be used with a GlobusApp.

• Add add_app_data_access_scope to TransferClient as an interface for adding a dependent data access scope requirements needed for interacting with standard Globus Connect Server mapped collections to its app.

• Auto-login (overridable in config) GlobusApp login retry on token validation error. (#994)

• Added the configuration parameter GlobusAppConfig.environment. (#1001)

Changed

• GCSClient instances now have a non-None resource_server property.

• GlobusAuthorizationParameters no longer enforces that at least one field is set. (#989)

• Improved the validation and checking used inside of globus_sdk.tokenstorage.SimpleJSONFileAdapter and globus_sdk.experimental.tokenstorage.JSONTokenStorage. (#997)

Deprecated

• GCSClient.connector_id_to_name has been deprecated. Use ConnectorTable.lookup instead. (#955)

Fixed

Experimental

• When a JSONTokenStorage is used, the containing directory will be automatically be created if it doesn't exist. (#998)

• GlobusApp.add_scope_requirements now has the side effect of clearing the authorizer cache for any referenced resource servers. (#1000)

• GlobusAuthorizer.scope_requirements was made private and a new method for accessing scope requirements was added at GlobusAuthorizer.get_scope_requirements. (#1000)

• A GlobusApp will now auto-create an Auth consent client for dependent scope evaluation against consents as a part of instantiation. (#1000)

• Fixed a bug where specifying dependent tokens in a new GlobusApp would cause the app to infinitely prompt for log in. (#1002)

• Fixed a GlobusApp bug which would cause LocalServerLoginFlowManager to error on MacOS when versions earlier than Python 3.11. (#1003)

Documentation

• Document how to manage Globus SDK warnings. (#988)

v3.41.0

Added

• Added a new AuthClient method get_consents and supporting local data objects.
  These allows a client to poll and interact with the current Globus Auth consent state
  of a particular identity rooted at their client. (#971)

• Added LoginFlowManager and CommandLineLoginFLowManager to experimental (#972)

• Added LocalServerLoginFlowManager to experimental (#977)

• Added support to FlowsClient for the validate_flow operation of the
  Globus Flows service. (#979)

v3.40.0

Added

• Add globus_sdk.tokenstorage.MemoryAdapter for the simplest possible in-memory token storage mechanism. (#964)

• ConfidentialAppAuthClient.oauth2_get_dependent_tokens now supports the scope parameter as a string or iterable of strings. (#965)

• Moved scope parsing out of experimental. The Scope construct is now importable from the top level globus_sdk module. (#966)

• Support updating subscriptions assigned to flows in the Flows service. (#974)

Development

• Fix concurrency problems in the test suite caused by isort's .isorted temporary files. (#973)

v3.39.0

Added

• Added TransferClient.operation_stat helper method for getting the status of a path on a collection (#961)

v3.38.0

Added

• IterableGCSResponse and UnpackingGCSResponse are now available as top-level exported names. (#956)

• Add GroupsClient.get_group_by_subscription_id for resolving subscriptions to groups. This also expands the _testing data for get_group to include a subscription group case. (#957)

• Added prompt to the recognized Globus Authorization Requirements Error authorization_parameters fields. (#958)

v3.37.0

Added

• All of the basic HTTP methods of BaseClient and its derived classes which accept a data parameter for a request body, e.g. TransferClient.post or GroupsClient.put, now allow the data to be passed in the form of already encoded bytes. (#951)

Fixed

• Update ensure_datatype to work with documents that set DATA_TYPE to MISSING instead of omitting it (#952)

v3.36.0

Added

• Added support for GCS endpoint get & update operations. (#933)

  • gcs_client.get_endpoint()
  • gcs_client.update_endpoint(EndpointDocument(...))

• TransferClient.endpoint_manager_task_list() now supports filter_endpoint_use as a parameter. (#948)

• FlowsClient.create_flow now supports subscription_id as a parameter. (#949)

v3.35.0

Added

• Added a session_required_mfa parameter to the AuthorizationParameterInfo error info object and oauth2_get_authorize_url method (#939)

Changed

• The argument specification for AuthClient.create_policy was incorrect.
  The corrected method will emit deprecation warnings if called with positional arguments, as the corrected version uses keyword-only arguments. (#936)

Deprecated

• TransferClient.operation_symlink is now officially deprecated and will emit a RemovedInV4Warning if used. (#942)

Fixed

• Included documentation in AuthorizationParameterInfo for session_required_policies (#939)

v3.34.0

Added

• Add the delete_protected field to MappedCollectionDocument. (#920)

Changed

• Minor improvements to handling of paths and URLs. (#922)

  • Request paths which start with the base_path of a client are now
    normalized to avoid duplicating the base_path.

  • When a GCSClient is initialized with an HTTPS URL, if the URL does not
    end with the /api suffix, that suffix will automatically be appended.
    This allows the gcs_manager_url field from Globus Transfer to be used
    verbatim as the address for a GCSClient.

Deprecated

• NativeAppAuthClient.oauth2_validate_token and
  ConfidentialAppAuthClient.oauth2_validate_token have been deprecated, as
  their usage is discouraged by the Auth service. (#921)

Development

• Migrate from a CHANGELOG symlink to the RST .. include directive. (#918)

• Tutorial endpoint references are removed from tests and replaced with
  bogus values. (#919)

v3.33.0.post0

Documentation

• Remove references to the Tutorial Endpoints from documentation. (#915)