Merge branch 'hotfix/13'

Close #13

CHANGELOG.md

@@ -2,6 +2,39 @@
 
 All notable changes to this project will be documented in this file, in reverse chronological order by release.
 
+## 0.3.0 - 2017-11-28
+
+### Added
+
+- [#13](https://github.com/zendframework/zend-expressive-authorization/pull/13) adds
+  a requirement on the zend-expressive-authentication package, v 0.2.0 and up.
+
+### Changed
+
+- [#13](https://github.com/zendframework/zend-expressive-authorization/pull/13)
+  modifies the `AuthorizationMiddleware` workflow. It now looks for a
+  `Zend\Expressive\Authentication\UserInterface` request parameter that
+  implements that interface; with none available, it returns a 401 status.
+  Additionally, it now uses `UserInterface::getUserRoles()`, which returns an
+  array of roles; as such, it loops through each, delegating request processing
+  for the first role granted permission.
+
+- [#13](https://github.com/zendframework/zend-expressive-authorization/pull/13)
+  pins to http-interop/http-middleware 0.4.1, as that is the most recent version
+  supported by zend-expressive-authentication.
+
+### Deprecated
+
+- Nothing.
+
+### Removed
+
+- Nothing.
+
+### Fixed
+
+- Nothing.
+
 ## 0.2.0 - 2017-10-09
 
 ### Added

composer.json

@@ -22,9 +22,11 @@
     },
     "require": {
         "php": "^7.1",
+        "http-interop/http-middleware": "^0.4.1",
         "psr/container": "^1.0",
         "psr/http-message": "^1.0.1",
         "webimpress/http-middleware-compatibility": "^0.1.1",
+        "zendframework/zend-expressive-authentication": "^0.2 || ^1.0",
         "zendframework/zend-expressive-router": "^2.2"
     },
     "require-dev": {