Skip to content

Latest commit

 

History

History
672 lines (368 loc) · 29.4 KB

CHANGELOG.md

File metadata and controls

672 lines (368 loc) · 29.4 KB

Release Notes

v11.10.6 - 2024-03-01

  • Check that properties grant_types and scopes exist by @uintaam in #1722

v11.10.5 - 2024-02-09

  • [11.x] Fix getting/setting client scopes and grant types by @axlon in #1717

v11.10.4 - 2024-01-30

  • Consistently retrieve client uuids value from Passport by @rojtjo in #1711
  • [11.x] Allow developers to disable the password grant type by @axlon in #1712

v11.10.2 - 2024-01-17

  • Add getScopesAttribute and getScopesAttribute methods by @uintaam in #1709

v11.10.1 - 2024-01-10

  • [11.x] Allow unsetting a user's access token by @axlon in #1698
  • [11.x] Add getGrantTypesAttribute method to fix Eloquent strict mode error by @gdebrauwer in #1705

v11.10.0 - 2023-11-02

v11.9.2 - 2023-10-16

v11.9.1 - 2023-09-01

  • [11.x] Allow scope repository to be constructed without parameters by @axlon in #1686

v11.9.0 - 2023-08-29

  • [11.x] Add the ability to limit scopes by client by @axlon in #1682
  • [11.x] Add support for inherited scopes when limiting scopes on clients by @axlon in #1683

v11.8.8 - 2023-07-07

v11.8.7 - 2023-04-28

  • Revert "[11.x] Add Provider Guard to ClientRepository for Personal Access Clients" by @driesvints in #1658

v11.8.6 - 2023-04-24

  • Add Provider Guard to ClientRepository for Personal Access Clients by @michaelnabil230 in #1655

v11.8.5 - 2023-04-04

  • Allow lcobucci/jwt v5 and cleaned up version constraints by @GrahamCampbell in #1649
  • Pass user identifier through to finalize scopes in personal access grant by @GrahamCampbell in #1650

v11.8.4 - 2023-03-18

  • Removed deprecated dates property from RefreshToken model by @siarheipashkevich in #1645
  • Removed deprecated dates property from AuthCode model by @siarheipashkevich in #1644
  • Fix doc block types by @hafezdivandari in #1647

v11.8.3 - 2023-03-01

  • Allow overriding the AccessToken class by @hafezdivandari in #1638
  • Make $userId nullable in ClientRepository->createPersonalAccessClient by @bram-pkg in #1642

v11.8.2 - 2023-02-20

v11.8.1 - 2023-02-20

v11.8.0 - 2023-02-17

  • Move AuthenticationException into the scope of Laravel Passport by @chrispage1 in #1633
  • Custom authorization view response by @JonErickson in #1629
  • Fix deprecated $dates property by @TonyWong9527 in #1636

v11.7.0 - 2023-02-08

Added

  • Add support for EncryptCookies middleware by @axlon in #1628

v11.6.1 - 2023-02-03

Changed

  • Indicate current token can be TransientToken by @axlon in #1627

v11.6.0 - 2023-01-31

Changed

  • Update ClientCommand.php's user_id description by @Smoggert in #1619
  • Get model PK instead of forcibly id column by @lucaspanik in #1626

Fixed

  • Fix doc block for withAccessToken() by @axlon in #1620

v11.5.1 - 2023-01-16

Fixed

  • Get authenticated user from the guard by @hafezdivandari in #1617

v11.5.0 - 2023-01-09

Added

  • Laravel v10 Support by @driesvints in #1615

v11.4.0 - 2023-01-03

Changed

  • Uses PHP Native Type Declarations 🐘 by @nunomaduro in #1594

v11.3.1 - 2022-12-02

Changed

  • Add auth guard to routes by @hafezdivandari in #1603

v11.3.0 - 2022-10-22

Added

  • Support prompting login when redirecting for authorization by @hafezdivandari in #1577

Changed

  • Update PurgeCommand.php by @fatoskurtishi in #1586
  • Fix ClientRepository doc blocks by @axlon in #1587
  • Update docblock by @mnabialek in #1588

v11.2.1 - 2022-09-29

Fixed

  • Improve token guard return type by @axlon in #1579

v11.2.0 - 2022-09-07

Changed

  • Let OAuth2 server handle the denying response by @hafezdivandari in #1572

v11.1.0 - 2022-09-05

Added

  • Support prompting re-consent when redirecting for authorization by @hafezdivandari in #1567
  • Support disabling prompt when redirecting for authorization by @hafezdivandari in #1569

v11.0.1 - 2022-08-29

Changed

  • Custom days and hours to passport purge command by @rubengg86 in #1563
  • Allow for bootstrapping without loading routes by @axlon in #1564

v11.0.0 - 2022-08-19

Added

  • Allow authenticated client to be retrieved from the guard by @axlon in #1508

Changed

  • Revert model DB connection customization by @driesvints in #1412
  • Allow timestamps on Token model by @driesvints in #1425
  • Improve authenticateViaBearerToken() performance by @alecpl in #1447
  • Refactor routes to dedicated file by @driesvints in #1464

Fixed

  • Stub client on guard when calling Passport::actingAsClient() by @axlon in #1519
  • Fix scope inheritance when using Passport::actingAs() by @axlon in #1551

Removed

  • Drop PHP 7.x and Laravel v8 by @driesvints in #1558
  • Remove deprecated properties by @driesvints in #1560
  • Remove deprecated functionality and simplify some feature tests by @driesvints in #1559

v10.4.1 - 2022-04-16

Changed

  • Add new URI Rule to validate URI and use it to RedirectRule. by @victorbalssa in #1544

v10.4.0 - 2022-03-30

Changed

  • Upgrade firebase/php-jwt to ^6.0 by @prufrock in #1538

v10.3.3 - 2022-03-08

Changed

  • Use anonymous migrations by @mmachatschek in #1531

v10.3.2 - 2022-02-22

Fixed

  • Fix Faker deprecations by @X-Coder264 in #1530

Changed

  • Allow to use custom authorization server response (#1521)

Changed

  • Laravel 9 Support (#1516)

Fixed

  • Fix jsonSerialize PHP 8.1 issue (#1512)

Fixed

  • Fix str_replace error when third parameter ($subject) is null (#1511)

Added

  • Add custom encryption key for JWT tokens (#1501)

Changed

  • Refactor expiry dates to intervals (#1500)

Fixed

  • Ensure client model factory always creates models with a primary key (#1492

Changed

Fixed

Fixed

  • Backport phpseclib v2 (#1418)

Changed

  • Update to phpseclib v3 (#1410)

Added

Removed

  • Remove Vue components (#1352)

Fixed

  • Use newFactory to properly reference factory (#1349)

Added

  • Support Laravel 8 & drop PHP 7.2 support (#1336)

Changed

  • forceFill new auth code attributes (#1266)
  • Use only one PSR 7 implementation (#1330)

Removed

  • Remove old static personal client methods (#1325)
  • Remove Guzzle dependency (#1327)

Fixes

Fixed

  • Use custom models in purge command if set (#1316)
  • Apply table responsive on table class (#1318)

Added

  • Guzzle 7 support (#1311)

Fixed

  • Fix maxlength for token names (#1300)
  • Improve passport:install command (#1294)

Fixed

  • Fix actingAsClient token relation (#1268)
  • Fix HashCommand (bedf02c)

Added

  • Allow to change Models database connection (#1255, 7ab3bdb)

Fixed

  • Nonstandard ID in the token's relationship with the user (#1267)

Added

  • Implement secret modal (#1258)
  • Warn about one-time-hashed-secret (#1259)
  • Add force option to hash command (#1251)

Fixed

  • Implement personal access client config (#1260)

Fixed

  • Fix displaying secret in Vue component (#1244)
  • Moved provider check to bearer token only (#1246)
  • Fix create client call (aff9d09)

Added

  • Allow client credentials secret to be hashed (#1145, ccbcfeb, 1c40ae0)
  • Implement passport:hash command (#1238)
  • Initial support for multiple providers (#1220)

Changed

  • Client credentials middleware should allow any valid client (#1132)
  • Switch from getKey() to getAuthIdentifier() to match Laravel core (#1134)
  • Use Hasher interface instead of HashManager (#1157)
  • Bump league server dependency (#1237)

Removed

  • Remove deprecated functionality (#1235)
  • Drop support for old JWT versions (#1236)

Added

  • Automatic configuration of client UUIDs (#1231)

Fixed

  • Fix 500 Internal Server Error response (#1222)

Fixed

  • Fix resolveInheritedScopes (#1207)

Fixed

  • mergeConfigFrom already checked if app is running with config cached (#1205)

Fixed

  • Forget session keys on invalid match (#1192)
  • Update dependencies for PSR request (#1201)

Changed

  • Implement auth token for access requests (#1188)

Fixed

  • Revoke refresh tokens when auth tokens get revoked (#1186)

Fixed

Added

  • Add a Passport Client factory to Passport publishing (#1171)

Changed

  • Use bigIncrements and indexes on relationships (#1169, 140a693)

Added

  • Update ClientCommand to support public clients (#1151)
  • Purge Command for revoked and/or expired tokens and auth codes (#1159, 6c1ea42)

Changed

  • Replace deprecated package and namespaces (#1158)

Added

  • Allow access to HTTP response status code on OAuthServerException (#1148)
  • Modify UserRepository to check for 'findAndValidateForPassport' method (#1144)

Changed

  • Add abstract CheckCredentials middleware and allows to create (#1127)

Fixed

  • Fix actingAsClient testing method (#1119)

Added

  • Add ability to customize the RefreshToken (#966)
  • Add support for "public" clients (#1065)

Changed

  • Rework HandlesOAuthErrors trait to middleware (#937)
  • Use a renderable exception for OAuth errors (#1066)
  • Use diactoros 2.0 and psr-http-factory (aadf603)
  • Replaced helpers with Blade directives (#939)
  • Use caret for constraints (d906804)
  • Dropped support for Laravel 5.8 (654cc09)
  • Dropped support for PHP 7.1 (3c830ac)
  • Upgrade to league/oauth2-server 8.0 (97e3026)

Fixed

  • Fix exception will thrown if token belongs to first party clients (#1040)
  • Fix auth codes table customization (#1044)
  • Add key type to refresh token model (e400c2b)

Fixed

  • Cast returned client identifier value to string (#1091)

Added

  • Add actingAsClient method for tests (#1083)

Fixed

Added

  • Let Passport support inherited parent scopes (#1068)
  • Accept requests with the encrypted X-XSRF-TOKEN HTTP header (#1069)

Fixed

  • Use bigInteger column type for user_id columns (#1057)

Changed

  • Remove old 5.9 constraints (58eb99c)

Changed

  • Update version constraints for Laravel 6.0 (609b5e8)

Fixed

Changed

  • Change server property type in CheckClientCredentialForAnyScope (#1034)

Added

  • Allow first party clients to skip the authorization prompt (#1022)

Fixed

  • Fix AccessToken docblock (#996)

Fixed

  • Allow installs of zend-diactoros 2 (c0c3fca)

Fixed

  • Change wasRecentlyCreated to false (#979)

Changed

  • Changed the way to get action path from url() to route() (#950)
  • Allow '*' scope to be used with Client Credentials (#949)

Fixed

  • Replace fire() with dispatch() (#952)

Added

  • Added redirect_uri and user_id options to cli (#921, 8b8570c)
  • Add ext-json dependency (#940)

Changed

  • Make name an optional question (#926)

Fixed

  • Do not auto increment AuthCode ID (#929)
  • Allow multiple redirects when creating clients (#928)
  • Add responses for destroy methods (#942)

Fixed

  • Rename property (#920)

Added

  • Add middleware CheckClientCredentialsForAnyScope (#855)
  • Support a default scope when no scope was requested by the client (#879)
  • Allow setting expiration of personal access tokens (#919)

Changed

  • Change auth code table to the model's table (#865)
  • Made whereRevoked consistent (#868)
  • Use unsignedInteger column type for client_id columns (47f0021)

Fixed

  • Prevent passing empty string variable to retrieveById method (#861)

Added

  • Add names to routes for re-usability (#846)
  • Add user relationship to client model (#851, 3213be8)
  • Add the ability to retrieve current client (#854)

Fixed

  • Fix migrations tag publish (#832)

Changed

  • Authcode model is now used for persisting new authcodes (#808)
  • resources/assets directory was flattened (#813)

Fixed

Added

  • Add option to enable cookie serialization (9012496)

Changed

  • Don't serialize by default (29e9d53)