Releases: thephpleague/oauth2-server
Releases · thephpleague/oauth2-server
2.1.3
Added normalize headers because it's required by lucadegasperi/oauth2-server-laravel.
Fixes #170
2.1.2
Seeing as 2.1.1 is the version required by lucadegasperi/oauth2-server-laravel
for Laravel 4 users, it seemed important to get this bug-fix into the 2.x branch as well as 3.x.
- Fix checking for access token in
$_SERVER['HTTP_AUTHORIZATION']
, which effects the PHP development server, FortRabbit and probably plenty of other environments.
3.1.2
3.1.1
3.1.0
3.0.1
- Forgot to tell TravisCI from testing PHP 5.3
3.0.0
- Fixed spelling of Implicit grant class (Issue #84)
- Travis CI now tests for PHP 5.5
- Fixes for checking headers for resource server (Issues #79 and #)
- The word "bearer" now has a capital "B" in JSON output to match OAuth 2.0 spec
- All grants no longer remove old sessions by default
- All grants now support custom access token TTL (Issue #92)
- All methods which didn't before return a value now return
$this
to support method chaining - Removed the build in DB providers - these will be put in their own repos to remove baggage in the main repository
- Removed support for PHP 5.3 because this library now uses traits and will use other modern PHP features going forward
- Moved some grant related functions into a trait to reduce duplicate code
2.1.1
- Added conditional
isValid()
flag to check for Authorization header only (thanks @alexmcroberts) - Fixed semantic meaning of
requireScopeParam()
andrequireStateParam()
by changing their default value to true - Updated some duff docblocks
- Corrected array key call in Resource.php (Issue #63)
2.1
- Moved zetacomponents/database to "suggest" in composer.json. If you rely on this feature you now need to include " zetacomponents/database" into "require" key in your own composer.json. (Issue #51)
- New method in Refresh grant called
rotateRefreshTokens()
. Pass intrue
to issue a new refresh token each time an access token is refreshed. This parameter needs to be set to true in order to request reduced scopes with the new access token. (Issue #47) - Rename
key
column in oauth_scopes table toscope
askey
is a reserved SQL word. (Issue #45) - The
scope
parameter is no longer required by default as per the RFC. (Issue #43) - You can now set multiple default scopes by passing an array into
setDefaultScope()
. (Issue #42) - The password and client credentials grants now allow for multiple sessions per user. (Issue #32)
- Scopes associated to authorization codes are not held in their own table (Issue #44)
- Database schema updates.
2.0.5
- Fixed
oauth_session_token_scopes
table primary key - Removed
DEFAULT ''
that has slipped into some tables - Fixed docblock for
SessionInterface::associateRefreshToken()