Skip to content

Releases: thephpleague/oauth2-server

2.1.3

23 May 15:32
Compare
Choose a tag to compare

Added normalize headers because it's required by lucadegasperi/oauth2-server-laravel.

Fixes #170

2.1.2

13 May 14:16
Compare
Choose a tag to compare

Seeing as 2.1.1 is the version required by lucadegasperi/oauth2-server-laravel for Laravel 4 users, it seemed important to get this bug-fix into the 2.x branch as well as 3.x.

  • Fix checking for access token in $_SERVER['HTTP_AUTHORIZATION'], which effects the PHP development server, FortRabbit and probably plenty of other environments.

3.1.2

26 Feb 23:16
Compare
Choose a tag to compare
  • Support Authorization being an environment variable. See more

3.1.1

05 Dec 21:11
Compare
Choose a tag to compare
  • Normalize headers when getallheaders() is available (Issues #108 and #114)

3.1.0

05 Dec 21:05
Compare
Choose a tag to compare
  • No longer necessary to inject the authorisation server into a grant, the server will inject itself
  • Added test for 1419ba8

3.0.1

05 Dec 21:05
Compare
Choose a tag to compare
  • Forgot to tell TravisCI from testing PHP 5.3

3.0.0

05 Dec 21:05
Compare
Choose a tag to compare
  • Fixed spelling of Implicit grant class (Issue #84)
  • Travis CI now tests for PHP 5.5
  • Fixes for checking headers for resource server (Issues #79 and #)
  • The word "bearer" now has a capital "B" in JSON output to match OAuth 2.0 spec
  • All grants no longer remove old sessions by default
  • All grants now support custom access token TTL (Issue #92)
  • All methods which didn't before return a value now return $this to support method chaining
  • Removed the build in DB providers - these will be put in their own repos to remove baggage in the main repository
  • Removed support for PHP 5.3 because this library now uses traits and will use other modern PHP features going forward
  • Moved some grant related functions into a trait to reduce duplicate code

2.1.1

23 Sep 13:39
Compare
Choose a tag to compare
  • Added conditional isValid() flag to check for Authorization header only (thanks @alexmcroberts)
  • Fixed semantic meaning of requireScopeParam() and requireStateParam() by changing their default value to true
  • Updated some duff docblocks
  • Corrected array key call in Resource.php (Issue #63)

2.1

23 Sep 13:43
Compare
Choose a tag to compare
2.1
  • Moved zetacomponents/database to "suggest" in composer.json. If you rely on this feature you now need to include " zetacomponents/database" into "require" key in your own composer.json. (Issue #51)
  • New method in Refresh grant called rotateRefreshTokens(). Pass in true to issue a new refresh token each time an access token is refreshed. This parameter needs to be set to true in order to request reduced scopes with the new access token. (Issue #47)
  • Rename key column in oauth_scopes table to scope as key is a reserved SQL word. (Issue #45)
  • The scope parameter is no longer required by default as per the RFC. (Issue #43)
  • You can now set multiple default scopes by passing an array into setDefaultScope(). (Issue #42)
  • The password and client credentials grants now allow for multiple sessions per user. (Issue #32)
  • Scopes associated to authorization codes are not held in their own table (Issue #44)
  • Database schema updates.

2.0.5

23 Sep 13:44
Compare
Choose a tag to compare
  • Fixed oauth_session_token_scopes table primary key
  • Removed DEFAULT '' that has slipped into some tables
  • Fixed docblock for SessionInterface::associateRefreshToken()