2f8de3d230
Ensure the server is the exclusive owner of the key
2017-07-01 16:44:51 +01:00
57d199b889
Stricter validation of code challenge value to match RFC 7636 requirements
2017-07-01 16:44:43 +01:00
6bdd108145
Escape scope parameter to reduce pontential XSS vector
2017-07-01 16:43:31 +01:00
170ce2fd2d
Replaces array_key_exists by isset, which is faster, on ImplicitGrant.
2017-06-30 15:42:23 -03:00
4710743b87
Add "dist: trusty" into travis setting file
2017-06-16 17:09:13 -05:00
11ad87b5f5
Update tests / Add missing.
2017-06-16 12:03:14 -05:00
880e3b4590
Fix invalid code_challenge_method key.
2017-06-16 12:03:04 -05:00
2167edf1d9
Validate codeVerifier and codeChallenge correctly.
2017-06-16 12:02:48 -05:00
2482630221
Fix codeVerifier hash verification.
2017-06-16 12:02:34 -05:00
83228bdcd5
Change case for implict grant token_type
2017-03-27 12:11:25 +01:00
d73b15ae32
Getter and setter for the payload and ability to pass options to json_encode
2017-03-20 14:52:35 +02:00
945624eb51
Merge pull request #1 from thephpleague/master
...
Merging changes into my fork
2017-03-17 19:36:34 +02:00
bf7084a147
Merge pull request #709 from toby-griffiths/fix-refresh-token-ttl
...
Corrected DateInterval from 1 min to 1 month
2017-03-02 14:06:27 +00:00
13c608b849
Corrected DateInterval from 1 min to 1 month
2017-03-01 13:08:42 +00:00
ded7c1ed47
Mentioned PHP 7.1 support
2017-02-02 17:29:06 +00:00
6426e597a3
Fix PKCE code verifier encoding to match specification
...
The current implementation of PKCE does not follow the specification
correctly regarding the encoding of the code verifier. This patch
correctly encodes the hash of the code verifier according to
Appenix A of RFC 7636.
2017-01-24 11:36:34 +01:00
0da70c916a
Merge pull request #690 from Jalle19/patch-1
...
Fix typo in the first README sentence
2016-12-23 07:42:23 +00:00
90cb1bf012
Fix typo in the first README sentence
2016-12-23 00:30:54 +02:00
b32204bd91
Merge pull request #682 from wilsonge/patch-1
...
Fix middleware example fatal error
2016-11-08 13:18:13 +00:00
518c1fcec5
Fix middleware example fatal error
2016-11-08 12:27:49 +00:00
ee8841fe66
Added Zend diactoros library dependency to the examples
2016-10-31 09:57:44 +09:00
6946592553
Merge pull request #671 from duncan3dc/patch-1
...
[Travis] Test on PHP 7.1
2016-10-16 16:58:15 +01:00
25580b98b7
[Travis] Test on PHP 7.1
2016-10-16 16:48:44 +01:00
f78dc2eca0
Updated README
5.1.3
2016-10-12 15:08:15 +01:00
105b3116dc
Merge pull request #669 from jeremykendall/fix/www-authenticate-header
...
Fix WWW-Authenticate entry in $headers array
2016-10-12 15:05:19 +01:00
01677a564e
Fix WWW-Authenticate entry in $headers array
...
In this context the header name should be the array key and the header
value the array value.
2016-10-11 22:27:24 -05:00
4c4b0633b1
Merge pull request #668 from er0k/increase-ssl-key-length
...
Increase the recommended RSA key length from 1024 to 2048 bits
2016-10-11 14:27:16 +01:00
c4a75b2880
Increase the recommended RSA key length from 1024 to 2048 bits
2016-10-11 09:24:27 -04:00
e091d48127
Changelog bump
5.1.2
2016-09-19 10:23:42 +01:00
a798cfdc5d
Merge pull request #656 from thephpleague/issue-650-fix
...
Fix for #650
2016-09-19 10:19:05 +01:00
56e8d374fb
Fix broken tests
2016-09-19 10:06:00 +01:00
b1bfff7325
Don't pass in user because we don't know who user is
2016-09-19 10:05:55 +01:00
32cde01ab2
Merge pull request #657 from thephpleague/analysis-86wPg4
...
Applied fixes from StyleCI
2016-09-13 15:19:56 +01:00
11ccc305d0
Applied fixes from StyleCI
2016-09-13 14:17:09 +00:00
d7df2f7e24
Fix for #650
2016-09-13 15:16:58 +01:00
b8b92e5925
Changelog update
5.1.1
2016-07-26 15:42:03 -04:00
0ebdcd2ab8
Merge pull request #614 from lookyman/better-tests
...
Improved tests
2016-07-25 12:17:28 -04:00
9dee08ba3d
Merge pull request #625 from juliangut/key-file
...
Key file auto-generation from string
2016-07-19 17:24:12 +01:00
065ef5db99
CryptKey tests
2016-07-19 17:15:36 +02:00
039537ebe2
touch!
2016-07-19 15:06:32 +02:00
d8930af5ee
key file auto-generation from string
2016-07-19 15:01:31 +02:00
ada8d20be6
Merge pull request #624 from iansltx/bearer-token-response-params
...
Allow easy addition of custom fields to Bearer token response
2016-07-16 16:38:23 +01:00
090c01d3d1
Allow easy addition of custom fields to Bearer token response
2016-07-16 10:27:33 -05:00
4b6ba5859c
Merge pull request #621 from pounard/master
...
while(array_shift()) makes the AuthorizationServer class configuratio…
2016-07-13 11:02:26 +01:00
57323f38f7
while(array_shift()) makes the AuthorizationServer class configuration mutable
2016-07-13 12:03:05 +02:00
46cd448a47
Merge pull request #616 from lookyman/phpdoc
...
Updated PHPDoc
2016-07-10 09:32:13 +01:00
c874c59b9c
Explicitly compare to false when checking not instanceof
2016-07-09 12:09:21 +02:00
c3a4670c11
Updated PHPDoc
2016-07-09 02:01:53 +02:00
17b6e2a207
tests: Fix missing redirect uri test, add redirect uri mismatch test
2016-07-08 16:04:14 +02:00
54422a244f
tests: AuthCodeGrantTest additional tests
2016-07-08 15:31:29 +02:00