Releases: doorkeeper-gem/doorkeeper
Releases · doorkeeper-gem/doorkeeper
v5.6.6
- [#1644] Update HTTP headers.
- [#1646] Block public clients automatic authorization skip.
- [#1648] Add custom token attributes to Refresh Token Request.
- [#1649] Fixed custom_access_token_attributes related errors.
v5.6.5
- [#1602] Allow custom data to be stored inside access grants/tokens.
- [#1634] Code refactoring for custom token attributes.
- [#1639] Add grant type validation to avoid Internal Server Error for DELETE /oauth/authorize endpoint.
v5.6.4
- [#1633] Apply ORM configuration in #to_prepare block to avoid autoloading errors.
v5.6.3
- [#1622] Drop support for Rubies 2.5 and 2.6
- [#1605] Fix URI validation for Ruby 3.2+.
- [#1625] Exclude endless access tokens from
StaleRecordsCleaner.
- [#1626] Remove deprecated
active_record_options config option.
- [#1631] Fix regression with redirect behavior after token lookup optimizations (redirect to app URI when found).
- [#1630] Special case unique index creation for refresh_token on SQL Server.
- [#1627] Lazy evaluate Doorkeeper config when loading files and executing initializers.
v5.6.2
- [#1604] Fix fetching of the application when custom application_class defined.
v5.6.1
- [#1593] Add support for Trilogy ActiveRecord adapter.
- [#1597] Add optional support to use the url path for the native authorization code flow. Ports forward [#1143] from 4.4.3
- [#1599] Remove unnecessarily re-fetch of application object when creating an access token.
v5.6.0
- [#1581] Consider
token_type_hint when searching for access token in TokensController to avoid extra database calls.
v5.6.0.rc1
-
[#1551] Change lazy loading for ORM to be Ruby standard autoload.
-
[#1552] Remove duplicate IDs on Auth form to improve accessibility.
-
[#1542] Improve performance of Doorkeeper::AccessToken#matching_token_for using database specific SQL time math.
[IMPORTANT]: API of the Doorkeeper::AccessToken#matching_token_for method has changed and now it returns
only active access tokens (previously they were just not revoked). Please remember that the idea of the
reuse_access_token option is to check for existing active token (see configuration option description).
v5.5.4
- [#1535] Revert changes introduced in #1528 to allow query params in
redirect_uri as per the spec.
v5.5.3
- [#1528] Don't allow extra query params in redirect_uri.
- [#1525] I18n source for forbidden token error is now
doorkeeper.errors.messages.forbidden_token.missing_scope.
- [#1531] Disable
strict-loading for Doorkeeper models by default.
- [#1532] Add support for Rails 7.