7.3.3

Added

• Added error_description to the error payload to improve standards compliance. The contents of this are copied from the existing message value. (PR #1006)

Deprecated

• Error payload will not issue message value in the next major release (PR #1006)

7.3.2

Fixed

• Revert setting keys on response type to be inside getResponseType() function instead of AuthorizationServer constructor (PR #969)

7.3.1

Fixed

• Fix issue with previous release where interface had changed for the AuthorizationServer. Reverted to the previous interface while maintaining functionality changes (PR #970)

7.3.0

Changed

• Moved the finalizeScopes() call from validateAuthorizationRequest method to the completeAuthorizationRequest method so it is called just before the access token is issued (PR #923)

Added

• Added a ScopeTrait to provide an implementation for jsonSerialize (PR #952)
• Ability to nest exceptions (PR #965)

Fixed

• Fix issue where AuthorizationServer is not stateless as ResponseType could store state of a previous request (PR #960)

7.2.0

Changed

• Added newvalidateRedirectUri method AbstractGrant to remove three instances of code duplication (PR #912)
• Allow 640 as a crypt key file permission (PR #917)

Added

• Function hasRedirect() added to OAuthServerException (PR #703)

Fixed

• Catch and handle BadMethodCallException from the verify() method of the JWT token in the validateAuthorization method (PR #904)

4.1.7

Fixed

• Ensure empty() function call only contains variable to be compatible with PHP 5.4 (PR #918)

7.1.1

Fixed

• No longer set a WWW-Authenticate header for invalid clients if the client did not send an Authorization header in the original request (PR #902)

7.1.0

Changed

• Changed hint for unsupportedGrantType exception so it no longer references the grant type parameter which isn't always expected (PR #893)
• Upgrade PHPStan checks to level 7 (PR #856)

Added

• Added event emitters for issued access and refresh tokens (PR #860)
• Can now use Defuse\Crypto\Key for encryption/decryption of keys which is faster than the Cryto class (PR #812)

7.0.0

Merge pull request #854 from Sephster/master

Version 7

6.1.1

• Removing check on empty scopes