mirror of
https://github.com/elyby/oauth2-server.git
synced 2024-11-15 09:47:46 +05:30
83 lines
3.3 KiB
Markdown
83 lines
3.3 KiB
Markdown
# Changelog
|
|
|
|
## 2.1 (released 2013-05-10)
|
|
|
|
* Moved zetacomponents/database to "suggest" in composer.json. If you rely on this feature you now need to include " zetacomponents/database" into "require" key in your own composer.json. (Issue #51)
|
|
* New method in Refresh grant called `rotateRefreshTokens()`. Pass in `true` to issue a new refresh token each time an access token is refreshed. This parameter needs to be set to true in order to request reduced scopes with the new access token. (Issue #47)
|
|
* Rename `key` column in oauth_scopes table to `scope` as `key` is a reserved SQL word. (Issue #45)
|
|
* The `scope` parameter is no longer required by default as per the RFC. (Issue #43)
|
|
* You can now set multiple default scopes by passing an array into `setDefaultScope()`. (Issue #42)
|
|
* The password and client credentials grants now allow for multiple sessions per user. (Issue #32)
|
|
* Scopes associated to authorization codes are not held in their own table (Issue #44)
|
|
* Database schema updates.
|
|
|
|
## 2.0.5 (released 2013-05-09)
|
|
|
|
* Fixed `oauth_session_token_scopes` table primary key
|
|
* Removed `DEFAULT ''` that has slipped into some tables
|
|
* Fixed docblock for `SessionInterface::associateRefreshToken()`
|
|
|
|
## 2.0.4 (released 2013-05-09)
|
|
|
|
* Renamed primary key in oauth_client_endpoints table
|
|
* Adding missing column to oauth_session_authcodes
|
|
* SECURITY FIX: A refresh token should be bound to a client ID
|
|
|
|
## 2.0.3 (released 2013-05-08)
|
|
|
|
* Fixed a link to code in composer.json
|
|
|
|
## 2.0.2 (released 2013-05-08)
|
|
|
|
* Updated README with wiki guides
|
|
* Removed `null` as default parameters in some methods in the storage interfaces
|
|
* Fixed license copyright
|
|
|
|
## 2.0.0 (released 2013-05-08)
|
|
|
|
**If you're upgrading from v1.0.8 there are lots of breaking changes**
|
|
|
|
* Rewrote the session storage interface from scratch so methods are more obvious
|
|
* Included a PDO driver which implements the storage interfaces so the library is more "get up and go"
|
|
* Further normalised the database structure so all sessions no longer contain infomation related to authorization grant (which may or may not be enabled)
|
|
* A session can have multiple associated access tokens
|
|
* Induvidual grants can have custom expire times for access tokens
|
|
* Authorization codes now have a TTL of 10 minutes by default (can be manually set)
|
|
* Refresh tokens now have a TTL of one week by default (can be manually set)
|
|
* The client credentials grant will no longer gives out refresh tokens as per the specification
|
|
|
|
## 1.0.8 (released 2013-03-18)
|
|
|
|
* Fixed check for required state parameter
|
|
* Fixed check that user's credentials are correct in Password grant
|
|
|
|
## 1.0.7 (released 2013-03-04)
|
|
|
|
* Added method `requireStateParam()`
|
|
* Added method `requireScopeParam()`
|
|
|
|
## 1.0.6 (released 2013-02-22)
|
|
|
|
* Added links to tutorials in the README
|
|
* Added missing `state` parameter request to the `checkAuthoriseParams()` method.
|
|
|
|
## 1.0.5 (released 2013-02-21)
|
|
|
|
* Fixed the SQL example for SessionInterface::getScopes()
|
|
|
|
## 1.0.3 (released 2013-02-20)
|
|
|
|
* Changed all instances of the "authentication server" to "authorization server"
|
|
|
|
## 1.0.2 (released 2013-02-20)
|
|
|
|
* Fixed MySQL create table order
|
|
* Fixed version number in composer.json
|
|
|
|
## 1.0.1 (released 2013-02-19)
|
|
|
|
* Updated AuthServer.php to use `self::getParam()`
|
|
|
|
## 1.0.0 (released 2013-02-15)
|
|
|
|
* First major release |