4.0.0
This release ships several API improvements, making this lib much more extensible and easier to use.
It requires PHP 7.4 and it's compatible with PHP 8.0 as well (the latest RC).
Please follow our upgrading guide to perform the necessary adjustments to your code.
- Total issues resolved: 32
- Total pull requests resolved: 196
- Total contributors: 23
BC-break
- 533: Extract interface for keys thanks to @lcobucci
- 538: Rename getters thanks to @lcobucci
- 247: Use OpenSSL to handle ECDSA signature thanks to @lcobucci
- 113: Improve token builder interface thanks to @lcobucci
- 73: Replaced Token->validate with Validator class handling token validation thanks to @dannydorfel
- 72: Token Validation API thanks to @schnittstabil
- 52: Do we really need to throw an exception when verifying the signature of an unsigned token? thanks to @lcobucci
- 51: Move to PHP 7 thanks to @lcobucci
Improvement
- 544: Only prefix file:// if doesn't exist already thanks to @Sephster
- 536: Rename key implementation thanks to @lcobucci
- 531: Use lib exceptions thanks to @lcobucci
- 526: Minor improvements on docs and performance thanks to @lcobucci
- 508: Pull JOSE encoder back thanks to @lcobucci
- 462: Fix base exception concept thanks to @lcobucci
- 454: Allow users to configure format for date registered claims thanks to @t0mmy742
- 431: PHP 8.0 compatibility thanks to @lcobucci
- 399: Move object initialisation to constructor thanks to @lcobucci
- 355: add toString method thanks to @p4veI
- 351: Validator: raise exception when no constraint is given thanks to @Slamdunk
- 325: Allow users to provide custom token builders thanks to @lcobucci
- 319: adds tests for ES512 algorithm thanks to @ffflabs
- 292: Make audience argument variadic in builder thanks to @lcobucci and @samjudge
- 287: Require PHPUnit v8.0 thanks to @lcobucci
- 286: Upgrade Infection to 0.12 thanks to @lcobucci
- 285: Upgrade PHPStan to v0.11 thanks to @lcobucci
- 281: Fix deprecation notices thanks to @lcobucci
- 277: Upgrade infection thanks to @lcobucci
- 276: ECDSA Alg improvements thanks to @Spomky
- 275: Revert "Remove assertion count manipulation" thanks to @lcobucci
- 272: Various minor improvements thanks to @lcobucci
- 271: Add leeway to ValidAt constraint thanks to @lcobucci
- 270: Remove assertion count manipulation thanks to @lcobucci
- 269: Make build more strict thanks to @lcobucci
- 264: Add validation constraints to configuration object thanks to @daniruizcamacho
- 224: Improve build tools thanks to @lcobucci
- 204: Add validation constraints to configuration object thanks to @lcobucci
- 202: Remove file level docblock from all files thanks to @lcobucci
- 201: Improve build process thanks to @lcobucci
- 200: Re-enable Humbug since we now have a RC version thanks to @lcobucci
- 199: 198: Add CS checking to build thanks to @vanbrabantf
- 198: Add PHPCS as a dev dependency thanks to @lcobucci
- 197: Switched public and final to match PSR2 thanks to @vanbrabantf
- 189: Add PHPBench as performance test tool thanks to @lcobucci
- 188: Add PHPCS configuration thanks to @lcobucci
- 187: Implement ECDSA signer that uses OpenSSL thanks to @lcobucci
- 180: Use a time provider instead on
ValidAt
constraint thanks to @lcobucci - 171: Handle claims conversion thanks to @lcobucci and @henriquemoody
- 170: Enhancement: Keep packages sorted without specifying --sort-packages thanks to @localheinz
- 169: Enhancement: Add .gitattributes thanks to @localheinz
- 168: Fix: Cache dependencies installed with composer between builds thanks to @localheinz
- 167: Fix: Remove unused imports thanks to @localheinz
- 166: Add keys to config thanks to @lcobucci
- 165: Simplify registered claims usage thanks to @lcobucci
- 164: Rename builder methods thanks to @lcobucci
- 163: Fix RSA failures and add tests to it thanks to @lcobucci
- 161: Add key(s) to configuration object thanks to @lcobucci
- 160: Create none signer thanks to @lcobucci
- 159: Move string references of registered claims to constants thanks to @lcobucci
- 153: Require PHP 7.1 thanks to @lcobucci
- 146: Require PHP 7.1 thanks to @lcobucci
- 139: Use a time provider to get the current system time thanks to @lcobucci
- 131: Make sure there are no duplicated audiences while building token thanks to @lcobucci
- 130: Extract the registered claim names to constants thanks to @lcobucci
- 129: Create new validation API thanks to @lcobucci
- 122: Simplify signer API thanks to @lcobucci
- 118: Improve tests and add humbug thanks to @lcobucci
- 117: Improve the token interface thanks to @lcobucci
- 95: Removing some bad mutations thanks to @lcobucci
- 84: Using external coverage (and keeping track of just unit tests coverage). thanks to @lcobucci
- 78: Allow arrays or audience claim and issuer validation. thanks to @SamThePsychoticLeprechaun
- 74: Introducing a configuration object thanks to @lcobucci
- 49: Introduce configuration object thanks to @lcobucci
- 38: Extract Encoder and Decoder so they can be used in other libs thanks to @lcobucci
- 29: Private/public claims validation thanks to @lcobucci
Documentation
- 534: Final preparations for 4.0.0-beta1 thanks to @lcobucci
- 326: Create documentation thanks to @lcobucci
- 94: Add information about how to extend the library thanks to @lcobucci
- 242: Fix travis link in readme thanks to @BackEndTea
- 221: Make it super obvious that the stable docs are at at 3.2 branch. thanks to @frankdejonge
- 218: Update license year thanks to @m1guelpf
- 208: Add information about Auth0's support thanks to @lcobucci
- 184: Fix README.md link to issue #37 thanks to @ricardoseriani
- 125: Documentation is incorrect / refers to changes not yet in dev-master thanks to @gramorris
- 87: Update required PHP version thanks to @Nyholm
Bug
- 121: Just try to send the report when it exists thanks to @lcobucci
- 111: Update to latest manter/ecc thanks to @lcobucci and @craigcarnell
CI
- 461: Add makefile thanks to @lcobucci
- 429: Migrate to GH actions thanks to @lcobucci
- 337: Add more files to .gitattributes thanks to @reedy
Dependencies
- 535: Bump infection/infection from 0.20.1 to 0.20.2 thanks to @dependabot-preview[bot]
- 532: Bump phpstan/phpstan from 0.12.55 to 0.12.56 thanks to @dependabot-preview[bot]
- 530: Bump phpstan/phpstan from 0.12.54 to 0.12.55 thanks to @dependabot-preview[bot]
- 529: Bump myclabs/deep-copy from 1.10.1 to 1.10.2 thanks to @dependabot-preview[bot]
- 528: Bump composer/xdebug-handler from 1.4.4 to 1.4.5 thanks to @dependabot-preview[bot]
- 527: Bump seld/jsonlint from 1.8.2 to 1.8.3 thanks to @dependabot-preview[bot]
- 523: Bump doctrine/instantiator from 1.3.1 to 1.4.0 thanks to @dependabot-preview[bot]
- 522: Bump phpunit/phpunit from 9.4.2 to 9.4.3 thanks to @dependabot-preview[bot]
- 509: Bump phpstan/phpstan from 0.12.53 to 0.12.54 thanks to @dependabot-preview[bot]
- 507: Bump infection/infection from 0.20.0 to 0.20.1 thanks to @dependabot-preview[bot]
- 506: Bump infection/infection from 0.19.2 to 0.20.0 thanks to @dependabot-preview[bot] and @lcobucci
- 505: Bump phpstan/phpstan from 0.12.52 to 0.12.53 thanks to @dependabot-preview[bot]
- 504: Bump phpunit/php-code-coverage from 9.2.2 to 9.2.3 thanks to @dependabot-preview[bot]
- 503: Bump infection/infection from 0.19.1 to 0.19.2 thanks to @dependabot-preview[bot]
- 500: Bump symfony/debug from 4.4.15 to 4.4.16 thanks to @dependabot-preview[bot]
- 499: Bump symfony/options-resolver from 5.1.7 to 5.1.8 thanks to @dependabot-preview[bot]
- 497: Bump infection/infection from 0.19.0 to 0.19.1 thanks to @dependabot-preview[bot]
- 496: Bump phpunit/php-code-coverage from 9.2.1 to 9.2.2 thanks to @dependabot-preview[bot]
- 493: Bump symfony/filesystem from 5.1.7 to 5.1.8 thanks to @dependabot-preview[bot]
- 492: Bump doctrine/annotations from 1.11.0 to 1.11.1 thanks to @dependabot-preview[bot] and @lcobucci
- 491: Bump infection/infection from 0.18.2 to 0.19.0 thanks to @dependabot-preview[bot] and @lcobucci
- 490: Bump phpunit/php-code-coverage from 9.2.0 to 9.2.1 thanks to @dependabot-preview[bot]
- 489: Bump sebastian/comparator from 4.0.5 to 4.0.6 thanks to @dependabot-preview[bot]
- 488: Bump sebastian/global-state from 5.0.1 to 5.0.2 thanks to @dependabot-preview[bot]
- 487: Bump phpunit/php-timer from 5.0.2 to 5.0.3 thanks to @dependabot-preview[bot]
- 486: Bump sebastian/type from 2.3.0 to 2.3.1 thanks to @dependabot-preview[bot]
- 485: Bump sebastian/object-enumerator from 4.0.3 to 4.0.4 thanks to @dependabot-preview[bot]
- 484: Bump sebastian/diff from 4.0.3 to 4.0.4 thanks to @dependabot-preview[bot]
- 483: Bump sebastian/code-unit from 1.0.7 to 1.0.8 thanks to @dependabot-preview[bot]
- 482: Bump sanmai/pipeline from 5.0.1 to 5.1.0 thanks to @dependabot-preview[bot]
- 481: Bump phpunit/php-text-template from 2.0.3 to 2.0.4 thanks to @dependabot-preview[bot]
- 480: Bump doctrine/coding-standard from 8.1.0 to 8.2.0 thanks to @dependabot-preview[bot]
- 479: Bump phpstan/phpstan from 0.12.50 to 0.12.52 thanks to @dependabot-preview[bot] and @lcobucci
- 478: Bump symfony/polyfill-mbstring from 1.18.1 to 1.20.0 thanks to @dependabot-preview[bot]
- 477: Bump symfony/polyfill-php73 from 1.18.1 to 1.20.0 thanks to @dependabot-preview[bot]
- 475: Bump symfony/polyfill-intl-grapheme from 1.18.1 to 1.20.0 thanks to @dependabot-preview[bot]
- 476: Bump symfony/polyfill-ctype from 1.18.1 to 1.20.0 thanks to @dependabot-preview[bot]
- 474: Bump symfony/polyfill-php80 from 1.19.0 to 1.20.0 thanks to @dependabot-preview[bot]
- 473: Bump symfony/polyfill-intl-normalizer from 1.19.0 to 1.20.0 thanks to @dependabot-preview[bot]
- 472: Bump doctrine/annotations from 1.10.4 to 1.11.0 thanks to @dependabot-preview[bot] and @lcobucci
- 471: Bump composer/xdebug-handler from 1.4.3 to 1.4.4 thanks to @dependabot-preview[bot]
- 469: Bump squizlabs/php_codesniffer from 3.5.6 to 3.5.8 thanks to @dependabot-preview[bot]
- 464: Bump symfony/polyfill-php80 from 1.18.1 to 1.19.0 thanks to @dependabot-preview[bot]
- 463: Bump symfony/polyfill-intl-normalizer from 1.18.1 to 1.19.0 thanks to @dependabot-preview[bot]
- 460: Bump thecodingmachine/safe from 1.3.1 to 1.3.2 thanks to @dependabot-preview[bot]
- 459: Bump infection/infection from 0.17.3 to 0.18.2 thanks to @dependabot-preview[bot]
- 458: Bump phpunit/phpunit from 9.4.1 to 9.4.2 thanks to @dependabot-preview[bot]
- 457: Bump phpstan/phpstan from 0.12.49 to 0.12.50 thanks to @dependabot-preview[bot]
- 455: Bump lstrojny/functional-php from 1.14.0 to 1.14.1 thanks to @dependabot-preview[bot]
- 453: Bump phpstan/phpstan from 0.12.48 to 0.12.49 thanks to @dependabot-preview[bot]
- 451: Bump phpunit/phpunit from 9.4.0 to 9.4.1 thanks to @dependabot-preview[bot]
- 450: Bump thecodingmachine/safe from 1.3 to 1.3.1 thanks to @dependabot-preview[bot]
- 449: Bump thecodingmachine/safe from 1.2.1 to 1.3 thanks to @dependabot-preview[bot]
- 448: Bump sebastian/type from 2.2.2 to 2.3.0 thanks to @dependabot-preview[bot]
- 447: Bump slevomat/coding-standard from 6.4.0 to 6.4.1 thanks to @dependabot-preview[bot]
- 446: Bump symfony/filesystem from 5.1.6 to 5.1.7 thanks to @dependabot-preview[bot]
- 445: Bump symfony/options-resolver from 5.1.6 to 5.1.7 thanks to @dependabot-preview[bot]
- 444: Bump symfony/process from 5.1.6 to 5.1.7 thanks to @dependabot-preview[bot]
- 442: Bump symfony/debug from 4.4.14 to 4.4.15 thanks to @dependabot-preview[bot]
- 441: Bump symfony/finder from 5.1.6 to 5.1.7 thanks to @dependabot-preview[bot]
- 440: Bump symfony/console from 5.1.6 to 5.1.7 thanks to @dependabot-preview[bot]
- 439: Bump phpunit/phpunit from 9.3.11 to 9.4.0 thanks to @dependabot-preview[bot]
- 438: Bump phpstan/phpstan from 0.12.47 to 0.12.48 thanks to @dependabot-preview[bot]
- 437: Bump sebastian/comparator from 4.0.4 to 4.0.5 thanks to @dependabot-preview[bot]
- 436: Bump phpstan/phpstan from 0.12.45 to 0.12.47 thanks to @dependabot-preview[bot]
- 435: Bump phpspec/prophecy from 1.12.0 to 1.12.1 thanks to @dependabot-preview[bot]
- 434: Bump symfony/finder from 5.1.5 to 5.1.6 thanks to @dependabot-preview[bot]
- 430: Bump phpunit/php-invoker from 3.1.0 to 3.1.1 thanks to @dependabot-preview[bot]
- 428: Bump phpstan/phpstan from 0.12.43 to 0.12.45 thanks to @dependabot-preview[bot]
- 427: Bump symfony/process from 5.1.5 to 5.1.6 thanks to @dependabot-preview[bot]
- 426: Bump symfony/filesystem from 5.1.5 to 5.1.6 thanks to @dependabot-preview[bot]
- 425: Bump symfony/console from 5.1.5 to 5.1.6 thanks to @dependabot-preview[bot]
- 423: Bump symfony/debug from 4.4.13 to 4.4.14 thanks to @dependabot-preview[bot]
- 421: Bump symfony/options-resolver from 5.1.5 to 5.1.6 thanks to @dependabot-preview[bot]
- 420: Bump nikic/php-parser from 4.10.0 to 4.10.2 thanks to @dependabot-preview[bot]
- 419: Bump thecodingmachine/safe from 1.2.0 to 1.2.1 thanks to @dependabot-preview[bot]
- 417: Bump phpunit/phpunit from 9.3.10 to 9.3.11 thanks to @dependabot-preview[bot]
- 414: Bump phpstan/phpstan from 0.12.42 to 0.12.43 thanks to @dependabot-preview[bot]
- 413: Bump phpunit/php-code-coverage from 9.1.9 to 9.1.11 thanks to @dependabot-preview[bot]
- 412: Bump nikic/php-parser from 4.9.1 to 4.10.0 thanks to @dependabot-preview[bot]
- 409: Bump phpdocumentor/reflection-docblock from 5.2.1 to 5.2.2 thanks to @dependabot-preview[bot]
- 408: Bump phpdocumentor/type-resolver from 1.3.0 to 1.4.0 thanks to @dependabot-preview[bot]
- 407: Bump phpunit/php-code-coverage from 9.1.8 to 9.1.9 thanks to @dependabot-preview[bot]
- 406: Bump phpunit/phpunit from 9.3.9 to 9.3.10 thanks to @dependabot-preview[bot]
- 405: Bump phpunit/phpunit from 9.3.8 to 9.3.9 thanks to @dependabot-preview[bot]
- 404: Bump symfony/deprecation-contracts from 2.1.3 to 2.2.0 thanks to @dependabot-preview[bot]
- 402: Bump symfony/service-contracts from 2.1.3 to 2.2.0 thanks to @dependabot-preview[bot]
- 401: Bump lcobucci/coding-standard from 6.0.0 to 6.0.1 thanks to @dependabot-preview[bot]
- 400: Bump ondram/ci-detector from 3.5.0 to 3.5.1 thanks to @dependabot-preview[bot]
- 398: Bump thecodingmachine/safe from 1.1.3 to 1.2.0 thanks to @dependabot-preview[bot]
- 397: Bump phpunit/php-code-coverage from 9.1.4 to 9.1.7 thanks to @dependabot-preview[bot]
- 396: Bump symfony/filesystem from 5.1.4 to 5.1.5 thanks to @dependabot-preview[bot]
- 395: Bump symfony/options-resolver from 5.1.4 to 5.1.5 thanks to @dependabot-preview[bot]
- 394: Bump phpstan/phpstan from 0.12.40 to 0.12.42 thanks to @dependabot-preview[bot]
- 393: Bump symfony/console from 5.1.4 to 5.1.5 thanks to @dependabot-preview[bot]
- 392: Bump symfony/finder from 5.1.3 to 5.1.5 thanks to @dependabot-preview[bot] and @lcobucci
- 391: Bump symfony/process from 5.1.3 to 5.1.5 thanks to @dependabot-preview[bot]
- 390: Bump symfony/string from 5.1.4 to 5.1.5 thanks to @dependabot-preview[bot]
- 389: Bump symfony/debug from 4.4.11 to 4.4.13 thanks to @dependabot-preview[bot]
- 388: Bump symfony/filesystem from 5.1.3 to 5.1.4 thanks to @dependabot-preview[bot]
- 387: Bump symfony/console from 5.1.3 to 5.1.4 thanks to @dependabot-preview[bot] and @lcobucci
- 384: Bump symfony/options-resolver from 5.1.3 to 5.1.4 thanks to @dependabot-preview[bot]
- 382: Bump slevomat/coding-standard from 6.3.11 to 6.4.0 thanks to @dependabot-preview[bot]
- 379: Bump infection/abstract-testframework-adapter from 0.3.0 to 0.3.1 thanks to @dependabot-preview[bot]
- 378: Bump nikic/php-parser from 4.9.0 to 4.9.1 thanks to @dependabot-preview[bot]
- 377: Bump phpstan/phpstan-strict-rules from 0.12.4 to 0.12.5 thanks to @dependabot-preview[bot]
- 376: Bump phpstan/extension-installer from 1.0.4 to 1.0.5 thanks to @dependabot-preview[bot]
- 373: Bump sanmai/pipeline from 5.0 to 5.0.1 thanks to @dependabot-preview[bot]
- 363: Update phpunit/phpunit requirement from ^9.2 to ^9.3 thanks to @dependabot-preview[bot]
- 361: Upgrade lcobucci/coding-standard to v5.0 thanks to @lcobucci
- 360: Update phpunit/phpunit requirement from ^9.1 to ^9.2 thanks to @dependabot-preview[bot]
- 359: Upgrade dependencies thanks to @lcobucci
- 352: Update phpunit/phpunit requirement from ^9.0 to ^9.1 thanks to @dependabot-preview[bot]
- 350: Update infection/infection requirement from ^0.15 to ^0.16 thanks to @dependabot-preview[bot]
- 347: Update phpunit/phpunit requirement from ^8.5 to ^9.0 thanks to @dependabot-preview[bot] and @lcobucci
- 345: Update phpunit/php-invoker requirement from ^2.0 to ^3.0 thanks to @dependabot-preview[bot]
- 343: Update phpmd/phpmd requirement from ^2.7 to ^2.8 thanks to @dependabot-preview[bot] and @lcobucci
- 342: Update phpunit/phpunit requirement from ^8.4 to ^8.5 thanks to @dependabot-preview[bot]
- 340: Update infection/infection requirement from ^0.14 to ^0.15 thanks to @dependabot-preview[bot]
- 328: Upgrade coding standards thanks to @lcobucci
- 324: Require latest PHP version thanks to @lcobucci
- 323: Upgrade InfectionPHP thanks to @lcobucci
- 321: Update squizlabs/php_codesniffer requirement from ^3.4 to ^3.5 thanks to @dependabot-preview[bot]
- 318: Update lcobucci/jose-parsing requirement from ~2.1 to ~2.2 thanks to @dependabot-preview[bot]
- 541: Bump beberlei/assert from 3.2.7 to 3.3.0 thanks to @dependabot-preview[bot]
- 540: Bump phpstan/phpstan from 0.12.56 to 0.12.57 thanks to @dependabot-preview[bot]