Releases: xp-forge/web-auth
Releases · xp-forge/web-auth
2.2.2: Fix for empty token_types
- Fixed issue #10: Undefined array key "token_type" when response value
does not contain this key. The spec clearly states this is REQUIRED
(https://tools.ietf.org/html/rfc6749#section-5.1), some implementations
do not return this nevertheless. Default toBearerin this case.
(@thekid)
2.2.1: OAuth state reset
- Reset state after authentication via OAuth in order to prevent dead
ends with expired tokens - instead, authentication will be retried
(@thekid)
2.2.0: Fetch API
- Made it possible to send more than just
GETrequests withfetch()
(@thekid)
2.1.0: Callback URLs
2.0.1: Session transmit fix
- Fixed
ISession::transmit()not being called after authentication
(@thekid)
2.0.0: Basic and session based authentications
- Added support for redirecting to URLs with fragments (
/#/users/123)
for OAuth1 and OAuth2; previously only CAS flows supported these.
(@thekid) - Heads up: Refactored
web.auth.Flowinterface to an abstract class
(@thekid) - Heads up: Refactored
Authenticationto be a base class of the
two implementations,web.auth.Basicandweb.auth.SessionBased
(@thekid) - Merged PR #4: Implement
Authentication::optional()- @thekid - Merged PR #3: Implement basic authentication - @thekid
- Merged PR #2: Add
Authentication::required()method - @thekid
1.1.0: CAS
- Merged PR #1: Add CAS login flow, supporting CAS protocol version 2.0+,
see https://apereo.github.io/cas
(@thekid)
1.0.1: Auth flow fix
- Fixed OAuth flows throwing exceptions when a previous authorization flow
was not completed successfully. Instead, retry authorization.
(@thekid)
1.0.0: Drop PHP 5 support
- Implemented xp-framework/rfc#334: Drop PHP 5.6:
. Heads up: Minimum required PHP version now is PHP 7.0.0
. Rewrote code base, grouping use statements
(@thekid)
0.5.0: Ignore session_state parameter
- Removed
session_stateparameter for OAuth 2.0 responses. See
https://stackoverflow.com/questions/24922550/azure-active-directory-session-state
(@thekid)