Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
231 lines (227 sloc) 15.399 kb
3.0-M3 - 2015-02-01
- Changed some method names in RoutesService to make it more consistent and added password change routes
- Pull request #517: Fixed mail and registration views to use RouteService (thanks @maohde)
- Pull request #508: added type parameter (thanks @mkoester)
- Pull request #511: Fix hardcoded execution context (thanks @danielkza)
3.0-M2 - 2015-01-26
- Pull request #480: Missing type parameter for RuntimeEnvironment (thanks @jaceklaskowski)
- Pull request #472: Soundcloud provider (thanks @amertum)
- Pull request #438: Concur provier (thanks @anfuerer)
- Pull request #506: fix case of absoluteTimeoutInMinutes in samples (thanks @chris-cooper)
- Pull request #503: request fixing hardcoded HTTP header name in fromRequest (thanks @jglodek)
- Fixed signup and password change errors in the Scala sample app
- Added CSRF support
- Fixed #435: i18n does not work
- Fixed #471: Continue with authentication if AvatarService is None (thanks @cemcatik)
- Fixed #484: missing public folder
- Fixed #501: Requests get redirected to wrong routes (Java)
- Pull request #441: Update (thanks @salaj1986)
- Pull request #495: disable generateRefReverseRouter (thanks @amertum)
- Pull request #461: Use large version of Facebook profile picture (thanks @nguyentruongtho)
- Fixed #468: Redirect loop when canceling Facebook Login Dialog
- Added crossbuild and upgraded to Play 2.3.7
- Fixed #494: source and target versions are 1.6 now
- Fixed #493: BoxedUnit cannot be cast to Authenticator (thanks @amertum)
- Upgraded to Play 2.3.5 and fixed most compiler warnings
- Fixed: CacheService.Default was ignoring ttl
- Switched back to Play 2.3.2 (problems publishing signed artifacts see
- Added scalariform
- Separate creation and storage of mail tokens (thanks @normenmueller)
- Upgrade to Play 2.3.3 (thanks @benmccann)
3.0-M1 - 2014-08-13
- Updated GoogleProvider to use the new Google endpoints (see
- Code is now compatible with Play 2.3
- Added SecureSocial.currentUser to support Websockets
- Fixed #429: null pointer exception in UserAware Java API (thanks @mangecoeur)
- Pull request #159: Weibo support (thanks @qiuzhanghua and @wuhaixing)
- Pull request #398: Dropbox support (thanks @deterdw)
- Pull request #426: Extract oauth clients (thanks @jeantil)
- Pull request #422: Use named loggers for all providers logging (thanks @jeantil)
- Fixed #420: Xing provider references VkProviderSettings
- Fixed #419: bad sequence of a and p tags (thanks @jglodek)
- Updated XingProvider to work with their latest APIs (thanks @muhlig)
- Fixed serialization problems with Authenticators (#417 and #416)
- Fix logged messages in ProviderController (thanks @AlekseiS)
- Add a string so SaveMode compares will work (thanks @ddispaltro)
- Propagate implicit lang parameter from mailer to mail templates (thanks @jeantil)
- Changed to managed controllers
- Removed RoutesHelper
- Added a module default routes file
- Refactored things not to use Play plugins anymore
- Created services out of helper classes
- Added RuntimeEnvironment
- Identity trait replaced by BasicProfile
- Improved Authenticator framework: AuthenticatorService + AuthenticatorBuilders
- Added support for X-Auth-Token header
- Changes to SecuredAction to use content negotiation for error responses
- Added async support
- Removed ajaxCall
- Added API to login to better support SPA and mobile apps
- removed unnecessary fix for http context in SecuredAction (Java): Play sets the http context properly now.
- Fixed handling of IDs greater than 32bits for TwitterProvider
- Prevent errors caused by missing email in FacebookProvider (thanks @chrisbeach)
- Handle onSignUpGoTo configuration when signupSkipLogin is enabled (thanks @paiou)
- LinkedInOAuth2Provider: retrieve email address and add sample configuration (thanks @paiou)
- Improve logging behaviour (thanks @jeantil)
- Add test helpers for unit and integration testing of securesocial controllers (thanks @jeantil)
- Added Finnish translation (thanks @hannikkala)
- Fixed error in Hebrew message file: was utf-8, now utf-8 without bom (thanks @katrinsharp)
- Added Swedish translation (thanks @ricn)
- Added Japanese translation (thanks @orih)
- /authenticate/:provider routes can now receive a 'redirectTo' parameter. This is where the user is redirected
after succesful authentication (if used overrides the url set in OriginalUrl by SecuredAction)
- ProviderController.authenticate signature changed. Breaks compatibility: routes file needs to be adjusted (see sample apps)
- Added support for linking accounts. New 'link' method in UserService needs to be implemented.
- Update for single quotes (thanks @fmasion)
- Small fixes for NL messages (thanks @francisdb)
- Added German translation (thanks @l0rdn1kk0n)
- Added Arabic translation (thanks @Ahimta)
- Added Brazilian Portuguese translation (thanks @jeohalves)
- Added Polish translation (thanks Dominik Sienkiewicz)
- Added Spanish translation (thanks @jorgeolmos)
- Added Hungarian translation (thanks @bubbanat)
- Added French translation (thanks @afigoureux)
- Added Serbian translation (thanks @vitalije)
- Added Hebrew translation (thanks @katrinsharp)
- Added Persian translation (thanks @AmirKarimi)
- Fixed i18n issues: API breaking changes in TemplatesPlugin, PasswordValidator and templates (they need an implicit Lang as parameter now). Part of the i18n fixes are based on the pull request by @fernandoacorreia, thanks!
- Removed duplicate entry in Russian locale
- Added Russian locale (thanks @siman)
- Add ability to set extra params to oauth2 url endpoints (thanks @chazmcgarvey and @nascosto)
- Updated docs for maven and fixed a rendering problem in the password change page.
- Starting 2.1.3 the module is published to Maven Central
2.1.3 - 2014-01-23
- Change registrationDisabled to registrationEnabled (thanks @hugogoncalves)
- Hide sign up link when Registration provider is disabled (thanks @hugogoncalves)
- Fixed: ProviderController.toUrl was not using the session returned by the event handler
- Added onPasswordChangeGoTo option (thanks @fernandoacorreia)
- Disabled Registration feature (thanks @c-schmitt)
- Fixed: PasswordResetEvent does not have updated password
- Fixed typos in readme and docs (thanks @fayimora, @fernandoacorreia, @nelsonblaha)
- Minor doc updates (thanks @dnephin)
- Added traditional Chinese message file (thanks @yuchuan1)
- Fixed password change with multiple hashers (thanks @FabienPennequin)
- Fixed compiler warnings
- Improved SecureSocial.currentUser to avoid the UserService.find call if the request has the user already
- Added expiration to Cache.set calls
2.1.2 - 2013-11-01
- Fixed example for view customization docs (thanks @yankov)
- Enable retrieving email address from LinkedIn (thanks @targeter)
- Added strings to securesocial.conf in demos (thanks @alanrodas)
- Added idLengthInBytes property to customize the length of session ids (based on changes by @mkubala)
- Improved RoutesHelper to handle multiple assets properly (based on changes by @danielkza)
- Fixed typo in example config (thanks @dhruvbhatia)
- Translation for Dutch (thanks @gerbrand)
- Add indication to register event listeners in play.plugins (thanks @OlivierBlanvillain)
- Added OAuth2 provider for LinkedIn (thanks @gmethvin)
- Upgraded to Play 2.2
- Updated docs to reflect API changes done for 2.1.1
2.1.1 - 2013-08-08
- Renamed class name UserId to IdentityId (breaks backwards compatibility)
- Renamed id field in UserId to userId (breaks backwards compatibility)
- Renamed id field in Identity to identityId (breaks backwards compatibility)
2.1.0 - 2013-08-08
- Upgraded to Play 2.1.3
- Added a enableRefererAsOriginalUrl property to enable/disable the use of the referer as the originalUrl
since this was causing issues for some people (defaults to false). This is a temporary until a final
solution is developed.
- Use referer if originalUrl is not available when the login/signup page is hit (thanks @magro)
- Fixed: Facebook login error when using the publish_stream scope (thanks @fedefrappi)
- Fixed: make minimum default password length to 8 (thanks @wsargent)
- Fixed: ClassCastException on application reload (dev mode) when using Events (thanks @magro)
- Added: Serve the login page using SSL (thanks @magro)
- Fixed: Do not prevent login on missing google profile info (thanks @chazmcgarvey)
- Fixed: NoSuchElementException in FoursquareProvider (thanks @thesmith)
- Moved RequestWithUser outside the SecureSocial controller
- Allow overriding Registration step redirect targets. (thanks @magro)
- Added the email to the flash messages in Registration.handleStartSignUp (thanks @magro)
- Added support for plain text, html and multipart emails in TemplatesPlugin (thanks @magro)
- Made SecureSocial compatible with Play 2.1 [master branch, 2.0.x branch is for Play 2.0 versions now].
2.0.12 - 2013-02-25
- clean securesocial values after login from the session
- renamed keys used in session
- Added a makeTransient property for the authenticator cookie.
- Fixed: absolute timeout was not being picked up from the conf file
- Fixed wrong logout implementation
2.0.11 - 2013-02-21
- Chanded Build.scala files to use the Typesafe community repository.
- Renamed ResetPasswordEvent to PasswordResetEvent.
- Made vals in RoutesHelper lazy
- Added password change, password reset and sign up events
- Added IdGenerator and AuthenticatorStore plugins with their default implementations for the new authenticator cookie.
- Introduced an authenticator cookie to track users. The Play session is not used anymore.
- Fixed issue #144: Successful change password logs user out.
- Fixed wrong package names for the XING, Foursquare and Instagram providers.
- Fixed the error message for invalid token (thanks @playtypii).
- Added Instagram Providers (thanks @poornerd).
- Added Foursquare (tm) and XING Providers (thanks @poornerd).
- Added VK provider (thanks @KonstantinGrigoriev).
- Static files injection to SecureSocial (thanks @pvillega).
- Option to auto-login after completing signup (thanks @platypii).
2.0.10 - 2013-02-06
- Changed the save() method in UserService to return an Identity so that event callback implementations can receive Identity instances from custom classes.
- Added an event API that can be used to track events(only login/logout yet). Scala only for now.
2.0.9 - 2013-01-25
- The login action redirects the user to the app if he is already authenticated now.
2.0.8 - 2013-01-01
- PasswordHasher and Password validator are abstract classes instead of traits now (simplifies Java integration).
- Fixed: wrong LinkedIn key for getting fullName (thanks @chazmcgarvey).
- Removed servceInfo from OAuth1Info. That object can be retrieved from SecureSocial.serviceInfoFor method now.
- Backward incompatible changes to the Java API: deleted AuthenticationMethod, OAuth1Info, OAuth2Info, PasswordInfo, SocialUser and UserId. This was required because after introducing the Identity trait I need to make sure the user gets its own object in the actions instead of a SocialUser instance. Even though there's not a Java equivalent, the Scala classes can be called from Java easily.
- Added new message to messages file: securesocial.login.errorLoggingIn
- Improved ProviderController.handleAuth to show an error if an error occurrs while logging the user in (eg: if the implemewntation throws an exception)
- Fixed: Identity providers were filling wrong provider id values
- Added: UsernamePasswordProvider updates the user avatar if gravatar support is enabled now.
- Added timeout for sessions (30 mins by default, use sessionTimeOut property to change).
- Fixed: PasswordValidator was not being used in password reset
- Fixed: When a token is expired the user is properly redirected to the sign up or reset pages now
- Added enableTokenJob property to enable/disable the background job
- Fixed method typo AuthenticationMethod: toScala.
- Right http codes are returned for ajax calls now
- New assetsController property to override the assets class in RoutesHelper. Needed when a custom Asset controller is used by the app.
- Added hasher id to PasswordInfo
- Added support for registering multiple PasswordHashers to allow upgrading the hashing algorithm.
- Introduced Identity trait. SocialUser now implements it (this will allow developers to return their own user class from UserService.find methods)
2.0.7 - 2012-11-25
- Added password change functionality
- Changed SecureSocial.currentUser/userFromSession methods to support websockets (thanks @KimStevel for catching this)
- Use HTTPS for avatar URL in the Facebook provider (thanks @chazmcgarvey)
- Added documentation for password plugins
- Added base class for Java based password hashers: BasePasswordHasher
- Added PasswordValidator to allow customization of password rules/strength
- Added DefaultPasswordValidator that enforces the length of passwords
- Fixed a RuntimeException in the github provider (thanks @chazmcgarvey)
- Changes to TwitterProvider: use of API 1.1 and https for the image avatar (thanks @chazmcgarvey)
2.0.6 - 2012-11-16
- Fixed a problem where plugins were not being registered when Play recompiled the app
- Added a scheduled task to delete expired signup/password reset tokens
- Added tokenDuration and tokenDeleteInterval properties for userpass
- Changed findByEmail to findByEmailAndProvider in UserService to make it clearer that both fields must match
- Fixed bug: OAuth1Provider was clearing the session at login time (thanks @chazmcgarvey)
2.0.5 - 2012-11-14
- Simplified installation by providing an ivy style repository
- Updated installation steps in the user guide
- Added a change log page to the docs
- Changed the assets directory for SecureSocial to avoid conflicts with apps using it
- Added Bootstrap to demo apps
2.0.4 - 2012-11-11
- Improved signup flow (validates email before allowing registration)
- Added reset password functionality
- Added email notifications
- Added a way to customise views & mails (TemplatesPlugin)
- Added a setting to enable HTTPS in the URLSs for OAUTH callbacks and routes
- Replaced displayName in SocialUser for firstName, lastName and fullName fields
- Added RoutesHelper to build urls using the routes file of the app using the module
- Added a user guide
2.0.3 - 2012-11-02
- Fix to prevent not serializable exception in OAuth1Provider (thanks to @chazmcgarvey)
2.0.2 - 2012-09-24
- Added GitHub provider
- Changed FacebookProvider to use the new Facebook API (user picture)
- Moved to Play 2.0.3
- Fixed #71: Context not available in UserAwareAction
2.0.1 - 2012-06-22
- Added LinkedIn provider
2.0.0 - 2012-06-05
- Initial release of SecureSocial for Play 2 published
- Facebook, Google and Twitter providers
Jump to Line
Something went wrong with that request. Please try again.