mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-12-27 23:40:22 +05:30
Update readme and changelog
This commit is contained in:
parent
e04b8f4e6d
commit
6679418436
33
CHANGELOG.md
33
CHANGELOG.md
@ -1,5 +1,34 @@
|
||||
# Changelog
|
||||
|
||||
## 7.0.0 (released 2018-02-17)
|
||||
|
||||
* Drop support for PHP 5.6
|
||||
* Drop support for version 5.x and 6.x of the library
|
||||
* Accept RSA key with CRLF line endings (PR #805)
|
||||
* Fix S256 code challenege method (PR #842)
|
||||
* Skip key file creation if the file already exists (PR #845)
|
||||
* Set correct redirect URI when validating scopes (PR #840)
|
||||
* Use PHPStan for static analysis of code (PR #848)
|
||||
* Do not issue an error if key file permissions are 400 or 440 (PR #839)
|
||||
* Add get and set methods for OAuth Server Exception payloads. Allow implementer to specify the JSON encode options (PR #719)
|
||||
* ClientRepository interface will now accept null for the Grant type to improve extensibility options (PR #607)
|
||||
* Update PHPUnit version and provide PHPStan coverage for tests (PR #849)
|
||||
* Upgrade library dependencies and enforce stricter static analysis checks (PR #852)
|
||||
* Fix PKCE implementation (PR #744)
|
||||
|
||||
## 6.1.1 (released 2017-12-23)
|
||||
|
||||
* Removed check on empty scopes
|
||||
|
||||
## 6.1.0 (released 2017-12-23)
|
||||
|
||||
* Changed the token type issued by the Implicit Grant to be Bearer instead of bearer. (PR #724)
|
||||
* Replaced call to array_key_exists() with the faster isset() on the Implicit Grant. (PR #749)
|
||||
* Allow specification of query delimiter character in the Password Grant (PR #801)
|
||||
* Add Zend Diactoros library dependency to examples (PR #678)
|
||||
* Can set default scope for the authorization endpoint. If no scope is passed during an authorization request, the default scope will be used if set. If not, the server will issue an invalid scope exception (PR #811)
|
||||
* Added validation for redirect URIs on the authorization end point to ensure exactly one redirection URI has been passed (PR #573)
|
||||
|
||||
## 6.0.2 (released 2017-08-03)
|
||||
|
||||
* An invalid refresh token that can't be decrypted now returns a HTTP 401 error instead of HTTP 400 (Issue #759)
|
||||
@ -9,7 +38,7 @@
|
||||
## 6.0.1 (released 2017-07-19)
|
||||
|
||||
To address feedback from the security release the following change has been made:
|
||||
|
||||
|
||||
* If an RSA key cannot be chmod'ed to 600 then it will now throw a E_USER_NOTICE instead of an exception.
|
||||
|
||||
## 6.0.0 (released 2017-07-01)
|
||||
@ -349,4 +378,4 @@ Version 5 is a complete code rewrite.
|
||||
|
||||
## 1.0.0 (released 2013-02-15)
|
||||
|
||||
* First major release
|
||||
* First major release
|
||||
|
43
README.md
43
README.md
@ -1,17 +1,12 @@
|
||||
# PHP OAuth 2.0 Server
|
||||
|
||||
### :warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning:
|
||||
### Security Notice
|
||||
|
||||
### Please upgrade to version `>=5.1.6` (backwards compatible) or `6.x` (one tiny breaking change) to fix some potential security vulnerabilities - [visit this page for more information](https://oauth2.thephpleague.com/v5-security-improvements/)
|
||||
### :warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning::warning:
|
||||
|
||||
[![Latest Version](http://img.shields.io/packagist/v/league/oauth2-server.svg?style=flat-square)](https://github.com/thephpleague/oauth2-server/releases)
|
||||
[![Software License](https://img.shields.io/badge/license-MIT-brightgreen.svg?style=flat-square)](LICENSE.md)
|
||||
[![Build Status](https://img.shields.io/travis/thephpleague/oauth2-server/master.svg?style=flat-square)](https://travis-ci.org/thephpleague/oauth2-server)
|
||||
[![Coverage Status](https://img.shields.io/scrutinizer/coverage/g/thephpleague/oauth2-server.svg?style=flat-square)](https://scrutinizer-ci.com/g/thephpleague/oauth2-server/code-structure)
|
||||
[![Quality Score](https://img.shields.io/scrutinizer/g/thephpleague/oauth2-server.svg?style=flat-square)](https://scrutinizer-ci.com/g/thephpleague/oauth2-server)
|
||||
[![Total Downloads](https://img.shields.io/packagist/dt/league/oauth2-server.svg?style=flat-square)](https://packagist.org/packages/league/oauth2-server)
|
||||
[![PHPStan](https://img.shields.io/badge/PHPStan-enabled-brightgreen.svg?style=flat-square)](https://github.com/phpstan/phpstan)
|
||||
|
||||
`league/oauth2-server` is a standards compliant implementation of an [OAuth 2.0](https://tools.ietf.org/html/rfc6749) authorization server written in PHP which makes working with OAuth 2.0 trivial. You can easily configure an OAuth 2.0 server to protect your API with access tokens, or allow clients to request new access tokens and refresh them.
|
||||
|
||||
@ -36,25 +31,48 @@ This library was created by Alex Bilbie. Find him on Twitter at [@alexbilbie](ht
|
||||
|
||||
The following versions of PHP are supported:
|
||||
|
||||
* PHP 5.6
|
||||
* PHP 7.0
|
||||
* PHP 7.1
|
||||
* PHP 7.2
|
||||
|
||||
The `openssl` extension is also required.
|
||||
|
||||
## Installation
|
||||
|
||||
```
|
||||
composer require league/oauth2-server
|
||||
```
|
||||
|
||||
## Documentation
|
||||
|
||||
The library documentation can be found at [https://oauth2.thephpleague.com](https://oauth2.thephpleague.com).
|
||||
The library documentation can be found at [https://oauth2.thephpleague.com](https://oauth2.thephpleague.com).
|
||||
You can contribute to the documentation in the [gh-pages branch](https://github.com/thephpleague/oauth2-server/tree/gh-pages/).
|
||||
|
||||
## Testing
|
||||
|
||||
The library uses [PHPUnit](https://phpunit.de/) for unit tests and [PHPStan](https://github.com/phpstan/phpstan) for static analysis of the code.
|
||||
|
||||
```
|
||||
vendor/bin/phpunit
|
||||
vendor/bin/phpstan analyse -l 6 -c phpstan.neon src tests
|
||||
```
|
||||
|
||||
## Continous Integration
|
||||
|
||||
We use [Travis CI](https://travis-ci.org/), [Scrutinizer](https://scrutinizer-ci.com/), and [StyleCI](https://styleci.io/) for continuous integration. Check out [our](https://github.com/thephpleague/oauth2-server/blob/master/.travis.yml) [configuration](https://github.com/thephpleague/oauth2-server/blob/master/.scrutinizer.yml) [files](https://github.com/thephpleague/oauth2-server/blob/master/.styleci.yml) if you'd like to know more.
|
||||
|
||||
## Community Integrations
|
||||
|
||||
* [Laravel Passport](https://github.com/laravel/passport)
|
||||
* [OAuth 2 Server for CakePHP 3](https://github.com/uafrica/oauth-server)
|
||||
|
||||
## Changelog
|
||||
|
||||
[See the project releases page](https://github.com/thephpleague/oauth2-server/releases)
|
||||
|
||||
## Contributing
|
||||
|
||||
Please see [CONTRIBUTING.md](https://github.com/thephpleague/oauth2-server/blob/master/CONTRIBUTING.md) and [CONDUCT.md](https://github.com/thephpleague/oauth2-server/blob/master/CONDUCT.md) for details.
|
||||
Contributions are always welcome. Please see [CONTRIBUTING.md](https://github.com/thephpleague/oauth2-server/blob/master/CONTRIBUTING.md) and [CONDUCT.md](https://github.com/thephpleague/oauth2-server/blob/master/CONDUCT.md) for details.
|
||||
|
||||
## Support
|
||||
|
||||
@ -62,8 +80,6 @@ Bugs and feature request are tracked on [GitHub](https://github.com/thephpleague
|
||||
|
||||
If you have any questions about OAuth _please_ open a ticket here; please **don't** email the address below.
|
||||
|
||||
|
||||
|
||||
## Commercial Support
|
||||
|
||||
If you would like help implementing this library into your existing platform, or would be interested in OAuth advice or training for you and your team please get in touch with [Glynde Labs](https://glyndelabs.com).
|
||||
@ -78,11 +94,12 @@ This package is released under the MIT License. See the bundled [LICENSE](https:
|
||||
|
||||
## Credits
|
||||
|
||||
This code is principally developed and maintained by [Andy Millington](https://twitter.com/Sephster), [Brian
|
||||
Retterer](https://twitter.com/bretterer), and [Simon Hamp](https://twitter.com/simonhamp).
|
||||
This code is principally developed and maintained by [Andy Millington](https://twitter.com/Sephster) and [Simon Hamp](https://twitter.com/simonhamp).
|
||||
|
||||
Between 2012 and 2017 this library was developed and maintained by [Alex Bilbie](https://alexbilbie.com/).
|
||||
|
||||
PHP OAuth 2.0 Server is one of many packages provided by The PHP League. To find out more, please visit [our website](https://thephpleague.com).
|
||||
|
||||
Special thanks to [all of these awesome contributors](https://github.com/thephpleague/oauth2-server/contributors).
|
||||
|
||||
Additional thanks go to the [Mozilla Secure Open Source Fund](https://wiki.mozilla.org/MOSS/Secure_Open_Source) for funding a security audit of this library.
|
||||
|
Loading…
Reference in New Issue
Block a user