Skip to content

8.1.0
Compare
Choose a tag to compare
@Sephster Sephster released this 29 Apr 22:20
· 628 commits to master since this release
8.1.0
b53d324

Added

  • Added support for PHP 7.4 (PR #1075)

Changed

  • If an error is encountered when running preg_match() to validate an RSA key, the server will now throw a RuntimeException (PR #1047)
  • Replaced deprecated methods with recommended ones when using Lcobucci\JWT\Builder to build a JWT token. (PR #1060)
  • When storing a key, we no longer touch the file before writing it as this is an unnecessary step (PR #1064)
  • Prefix native PHP functions in namespaces with backslashes for micro-optimisations (PR #1071)

Removed

  • Support for PHP 7.1 (PR #1075)

Fixed

  • Clients are now explicitly prevented from using the Client Credentials grant unless they are confidential to conform
    with the OAuth2 spec (PR #1035)
  • Abstract method getIdentifier() added to AccessTokenTrait. The trait cannot be used without the getIdentifier()
    method being defined (PR #1051)
  • An exception is now thrown if a refresh token is accidentally sent in place of an authorization code when using the
    Auth Code Grant (PR #1057)
  • Can now send access token request without being forced to specify a redirect URI (PR #1096)
  • In the BearerTokenValidator, if an implementation is using PDO, there is a possibility that a RuntimeException will be thrown when checking if an access token is revoked. This scenario no longer incorrectly issues an exception with a hint mentioning an issue with JSON decoding. (PR #1107)
Assets 2
Loading