CHANGELOG.md

CHANGELOG

For a diff between two versions https://github.com/lexik/LexikJWTAuthenticationBundle/compare/v1.0.0...v2.6.1

2.6.1 (2018-11-18)

• bug #577 Fix argument order in JWTProvider service declaration (fjogeleit)

2.6.0 (2018-11-1)

• bug #574 fix clockSkew not taken into account in some case (mu4ddi3)
• bug #554 Fix deprecations on Symfony 4.2 (chalasr)
• feature #537 Customizable User ID Claim (Spomky)
• feature #503 Allow setting the "exp" claim from event listeners (MaximeMaillet)

2.5.4 (2018-08-2)

• bug #542 Fix missing implements breaking JWT header alteration (tucksaun)

2.5.3 (2018-07-6)

• bug #525 Make openssl key loader service deprecated (Faecie)

2.5.2 (2018-07-3)

• bug #522 Fix clock skew + deprecation message (chalasr)

2.5.1 (2018-06-30)

• bug #515 Re-add namshi/jose as an hard requirement until 3.0 (chalasr)

2.5.0 (2018-06-29)

• feature #508 Replace namshi/jose by lcobucci/jwt (chalasr)
• feature #485 Add a lexik:jwt:generate-token command (sroze)
• feature #369 Fix HMAC support (chalasr)
• feature #492 Clock skew (patrickjDE)
• feature #433 Added setPayload to JWTDecodedEvent analogous to JWTCreatedEvent. (vgeyer)
• feature #412 Make the token type case insensitive (greg0ire)
• feature #404 CheckConfigCommand should not be container aware (chalasr)
• feature #352 JWT header alteration (Spomky)
• feature #344 Add an extension point on the PayloadAwareUserProviderInterface (sroze)

2.4.3 (2017-11-6)

• bug #408 Response classes shouldn't have the @internal PhpDoc tag (lashae)
• bug #403 Switch to PSR-4 namespaces for PHPUnit (chalasr)
• bug #399 Fix sf3.4 command autoregistration deprecation (ogizanagi)

2.4.2 (2017-10-19)

• bug #398 Fix Symfony 4 compatibility (benji07)
• bug #383 Don't register lcobucci encoder if lcobucci/jwt is not installed (chalasr)

2.4.1 (2017-08-29)

• bug #356 Dont use DefinitionDecorator on Symfony 3.3+ (chalasr)

2.4.0 (2017-05-10)

• feature #330 Allow empty ttl for testing purpose (chalasr)
• bug #328 Fix autowiring for upcoming Symfony 3.3 (chalasr)

2.3.0 (2017-04-14)

• bug #325 Move ttl is_numeric check from build time to runtime to allow use of %env()% (DrBenton)
• feature #320 Allow for Response Body without JWT Token (Batch1211)
• feature #317 Use symfony/phpunit-bridge for testing (chalasr)

2.2.0 (2017-03-09)

• feature #312 Ease sharing keys between parties (chalasr)
• bug #311 Handle empty or null authorization header prefix (chteuchteu)
• feature #303 Throw less missleading exception if SSL keys could not be loaded (phansys)

2.1.1 (2017-01-23)

• bug #302 Return user object from User Provider refresh (MisterGlass)

2.1.0 (2016-12-30)

• feature #278 Add JWTUserProvider for loading users from the JWT itself (chalasr)
• bug #287 Avoid override existing properties in failure response (kevin-lot)

2.0.3 (2016-12-05)

• bug #285 Avoid validating key paths before container compilation (chalasr)
• feature #283 Ease creating tokens programatically (chalasr)
• bug #282 Catch exception from lcobucci parser on invalid but correctly formatted token (chalasr)
• feature #276 Added getProviderKey() to JWTUserToken (eXtreme)
• #280 Travis: build on sf 3.2 + highest/lowest deps, fix build on hhvm (chalasr)
• #269 Improve the structure of the documentation (chalasr)

2.0.2 (2016-10-27)

• feature #262 Add composer test script (chalasr)
• bug #261 The security token must be authenticated no matter of the user's roles (chalasr)

2.0.1 (2016-10-20)

• feature #257 Set autowiring types on services with many alternatives

2.0.0 (2016-10-16)

• feature #249 Avoid setting exp claim from JWTManager (chalasr)

• feature #246 Add a simple built-in encoder based on lcobucci/jwt (chalasr)

• feature #240 Add iat check (chalasr)

• feature #230 Introduce JWTExpiredEvent (chalasr)

• feature #184 [Security] Deprecate current system in favor of a JWTTokenAuthenticator (Guard) (chalasr)

• feature #218 Add more flexibility in token extractors configuration (chalasr)

• feature #217 Refactor TokenExtractors loadi ng for easy overriding (chalasr)

• feature #202 Exceptions simplified (Spomky)

• feature #201 Remove deprecated request injections (chalasr)

• feature #196 Make *_key_path config options not mandatory (chalasr)

• feature #177 Add JWTAuthenticationResponse (chalasr)

• feature #162 [Encoder] Handle OpenSSL/phpseclib engines and algorithms (chalasr)

• #175 Stop ensuring support for PHP versions smaller than 5.0 (chalasr)

• #167 and #169 Stop ensuring support Symfony versions smaller than 2.8 (chalasr)

1.7.0 (2016-08-06)

• feature #200 Deprecate injection of Request instances (chalasr)

v1.6.0 (2016-07-07)

• feature #188 Add JWTNotFoundEvent (chalasr)

v1.5.1 (2016-04-11)

• bug #159 Fix anonymous access by removing the AuthenticationCredentialsNotFoundException (chalasr)

v1.5.0 (2016-04-07)

• feature #157 Allow to set a custom response in case of authentication failure or invalid/not found token (chalasr)
• feature #154 Add OpenSSLKeyLoader (chalasr)
• feature #147 Made the public and private key paths not required… (ovidiumght)
• bug #142 Add response message in case of invalid token (chalasr)

v1.4.3 (2016-01-30)

• feature #133 Always call for master request from request stack (stloyd)

v1.4.1 (2016-01-21)

• feature #126 Use requestStack instead of request (SmurfyFR)

v1.4.0 (2016-01-20)

• feature #117 Allow empty ttl (soyuka)
• feature #113 Add symfony 3.0 support (Ener-Getick)
• feature #110 Updated to newest namshi/jose. Dropped support for PHP 5.3 (TiS)
• feature #103 added functional boot test (slashfan)
• feature #96 Add custom authorization header name (pdoreau)

v1.3.1 (2015-10-21)

• bug #101 Fatal error on console cache:clear (ngandemer)

v1.3.0 (2015-10-21)

• feature #100 Add authentication_listener option (yelmontaser)

v1.2.0 (2015-09-28)

• bug #92 Fix authentication event propagation (mRoca)
• feature #88 Add WWW-Authenticate response header on 401 (teohhanhui)
• feature #76 Add cookie token extractor (tnucera)

v1.1.0 (2015-07-08)

• feature #73 add JWTEncodedEvent so JWT string is available after its creation (9orky)
• feature #69 Added new event when token is authenticated (gamringer)

v1.0.10 (2015-06-05)

• feature #71 Fixing a missing use statement for Reference (adetwiler)

v1.0.9 (2015-06-05)

• bug #70 fixed deprecated errors for symfony 2.6 plus (slashfan)
• feature #67 Move security details to parameters.yml.dist (Maltronic)

v1.0.8 (2015-04-20)

• feature #63 Improve JWTProvider (JJK801)

v1.0.6 (2015-02-17)

• feature #45 Adding AuthenticationException to the AuthenticationFailureEvent (ghost)
• feature #43 Added identity field funcionality and its unit test. (victuxbb)
• feature #40 Add flexibilty to the provider and manager (slashfan)

v1.0.5 (2014-09-16)

• feature #28 Improve response and dispatch event in AuthenticationFailureHandler (EmmanuelVella)

v1.0.4 (2014-08-13)

• feature #27 Added encoder / decoder service customization (#24) (slashfan)
• feature #19 Add response in success event (EmmanuelVella)
• feature #18 Improve json 401 exception (EmmanuelVella)

v1.0.2 (2014-07-11)

• feature #15 Added JWT Creator service (gfreeau)

v1.0.0 (2014-05-16)

• feature #10 Added ability to throw exceptions for handling later and to disable the catch-all entry point (gfreeau)
• feature #9 Changed entry point to contain a message and return json (gfreeau)
• bug #7 Jwt entry point fix #6 (jaugustin)
• feature #5 Firewall config (slashfan)
• feature #2 Symfony2.3+ compatibility (slashfan)