Official support for rubinius was removed.
- enhancements
- Configure the way access token is retrieved from request (default to bearer header)
- Authorization Code expiration time is now configurable
- Add support for mongoid
- [#92] Allow users to skip controllers
- [#99] Remove deprecated warnings for data-* attributes @towerhe
- [#101] Return existing access_token for PasswordAccessTokenRequest @benoist
- [#104] Changed access token scopes example code to default_scopes and optional_scopes @amkirwan
- [#107] Fix typos in initializer
- bugfixes
- [#102] Not returning 401 when access token generation fails @cslew
- bugfixes:
- [#94] Uninitialized Constant in Password Flow
- enhancements:
- Backport: Move doorkeeper_for extension to Filter helper
- deprecation
- Deprecate authorization_scopes
- database changes
- AccessToken#resource_owner_id is not nullable
- enhancements
- [#83] Add Resource Owner Password Credentials flow @jaimeiniesta
- [#76] Allow token expiration to be disabled @mattgreen
- [#89] Configure the way client credentials are retrieved from request
- [#b6470a] Add Client Credentials flow
- internals
- [#2ece8d, #f93778] Introduce Client and ErrorResponse classes
- Fix attr_accessible for rails 3.2.x
- [#86] shrink gem package size
- enhancements
- [#54] Ignore Authorization: headers that are not Bearer @miyagawa
- [#58, #64] Add destroy action to applications endpoint @jaimeiniesta, @davidfrey
- [#63] TokensController responds with
401 unauthorized@jaimeiniesta - [#67, #72] Fix for mass-assignment @cicloid
- internals
- [#49] Add Gemnasium status image to README @laserlemon
- [#50] Fix typos @tomekw
- [#51] Updated the factory_girl_rails dependency, fix expires_in response which returned a float number instead of integer @antekpiechnik
- [#62] Typos, .gitignore @jaimeiniesta
- [#65] Change _path redirections to _url redirections @jaimeiniesta
- [#75] Fix unknown method #authenticate_admin! @mattgreen
- Remove application link in authorized app view
- enhancements
- [#48] Add if, else options to doorkeeper_for
- Add views generator
- internals
- Namespace models
- enhancements
- [#17, #31] Add support for client credentials in basic auth header @GoldsteinTechPartners
- [#28] Add indices to migration @GoldsteinTechPartners
- [#29] Allow doorkeeper to run with rails 3.2 @john-griffin
- [#30] Improve client's redirect uri validation @GoldsteinTechPartners
- [#32] Add token (implicit grant) flow @GoldsteinTechPartners
- [#34] Add support for custom unathorized responses @GoldsteinTechPartners
- [#36] Remove repetitions from the Authorised Applications view @carvil
- When user revoke an application, all tokens for that application are revoked
- Error messages now can be translated
- Install generator copies the error messages localization file
- internals
- Fix deprecation warnings in ActiveSupport::Base64
- Remove deprecation in doorkeeper_for that handles hash arguments
- Depends on railties instead of whole rails framework
- CI now integrates with rails 3.1 and 3.2
- enhancements
- [#4] Add authorized applications endpoint
- [#5, #11] Add access token scopes
- [#10] Add access token expiration by default
- [#9, #12] Add refresh token flow
- internals
- [#7] Improve configuration options with :default
- Improve configuration options with :builder
- Refactor config class
- Improve coverage of authorization request integration
- bug fixes
- [#6, #20] Fix access token response headers
- Fix issue with state parameter
- deprecation
- deprecate :only and :except options in doorkeeper_for
- enhancements
- [#3] Authorization code must be short lived and single use
- [#2] Improve views provided by doorkeeper
- [#1] Skips authorization form if the client has been authorized by the resource owner
- Improve readme
- bugfixes
- Fix issue when creating the access token (wrong client id)
- Authorization Code flow
- OAuth applications endpoint