Skip to content

Latest commit

 

History

History
807 lines (479 loc) · 41.5 KB

CHANGELOG.md

File metadata and controls

807 lines (479 loc) · 41.5 KB

CHANGELOG

7.5.0 (2020-11-16)

Full Changelog

Closed issues

  • createPasswordChangeTicket doesn't support 'ttl_sec' parameter #457
  • Make the CACHE_TTL used in the JWKFetcher configurable. #450
  • Allow programmatic clearing of cache values managed by Auth0Service #441

Added

  • Add support for Authorization Code Flow with PKCE #449 (ls-youssef-jlidat)
  • Allow specifying TTL when creating password change tickets #463 (evansims)
  • Expand control over TTL/Caching in JWKFetcher #462 (evansims)
  • Add support for Management V2 users export job endpoint #461 (evansims)

7.4.0 (2020-09-28)

Full Changelog

Added

  • Add support for new identity field for email verifications #455 (jimmyjames)

7.3.0 (2020-08-27)

Full Changelog

Closed issues

  • TokenVerifier::verify throws a \RuntimeException instead of an InvalidTokenException #438
  • Support Guzzle 7 #421

Added

Fixed

  • Throw InvalidTokenException instead of RuntimeException when parsing malformed token #439 (B-Galati)

7.2.0 (2020-04-23)

Full Changelog

Closed issues

  • Renew Tokens throws nonce error #432
  • email_passwordless_start not setting client_secret #431

Added

Fixed

7.1.0 (2020-02-19)

Full Changelog

Closed issues

  • Authorized Party (azp) claim mismatch in the ID token #422
  • JWTVerifier alternatives #419
  • Consider to customize the jwks path #417

Added

7.0.0 (2020-01-15)

Full Changelog

BEFORE YOU UPGRADE

This is a major release with several breaking changes. Please see the v5 to v7 migration guide here before you upgrade.

Added

Changed

Removed

5.7.0 (2019-12-09)

Full Changelog

Added

Deprecated

  • Add deprecation notices for removals in v7 major release #407 (joshcanhelp)

Fixed

  • Fix mkdir race condition in FileSystemCacheHandler #375 (B-Galati)

5.6.0 (2019-09-26)

Full Changelog

Closed issues

  • [Auth0\SDK\Exception\CoreException] Invalid domain when trying to run unit tests with Codeception 3.1.0 #358
  • JWT Verification fails everytime #356
  • Bulk User Imports - I can't Use upsert as a paramater for the importUsers feature #353

Added

  • Add \Auth0\SDK\Auth0::getLoginUrl() method and switch login() to use it #371 (joshcanhelp)
  • Add JWKFetcher::getFormatted() method and switch validator to use #369 (joshcanhelp)
  • Add additional API params to Jobs > importUsers #354 (pinodex)

Deprecated

Fixed

5.5.1 (2019-07-15)

Full Changelog

Closed issues

  • No packagist package created for 5.5.0 #346

Fixed

  • Fix empty url params #349 (joshcanhelp)
  • Fix tests to reduce the number of sensitive credentials used #348 (joshcanhelp)
  • Change normalizeIncludeTotals() in GenericResource to have sane defaults #347 (kler)

5.5.0 (2019-06-07)

Full Changelog

Closed issues

  • Consider dropping PHP-5.x version supports #343
  • Auth0 Error: 'Invalid state' in /auth0/vendor/auth0/auth0-php/src/Auth0.php: line#537 #333

Added

5.4.0 (2019-02-28)

Full Changelog

Notes for this release:

  • \Auth0\SDK\Auth0 now accepts a $config key called skip_userinfo that uses the decoded ID token for the user profile instead of a call to the /userinfo endpoint. This will save an HTTP call during login and should have no affect on most applications.

Closed issues

  • Auth0::exchange() assumes a valid id_token #317
  • Feature Request: Support sending auth0-forwarded-for header #208

Added

Changed

Deprecated

  • Official deprecation for JWKFetcher method #328 (joshcanhelp)
    • \Auth0\SDK\Helpers\JWKFetcher::fetchKeys()
  • Official deprecation for User methods #327 (joshcanhelp)
    • \Auth0\SDK\API\Management\Users::search()
    • \Auth0\SDK\API\Management\Users::unlinkDevice()
  • Official deprecation of ClientGrants method #326 (joshcanhelp)
    • \Auth0\SDK\API\Management\ClientGrants::get()
  • Official deprecation of legacy InformationHeaders methods #325 (joshcanhelp)
    • \Auth0\SDK\API\Helpers\InformationHeaders::setEnvironment()
    • \Auth0\SDK\API\Helpers\InformationHeaders::setDependency()
    • \Auth0\SDK\API\Helpers\InformationHeaders::setDependencyData()
  • Official deprecation of legacy Authentication methods #324 (joshcanhelp)
    • \Auth0\SDK\API\Authentication::setApiClient()
    • \Auth0\SDK\API\Authentication::sms_code_passwordless_verify()
    • \Auth0\SDK\API\Authentication::email_code_passwordless_verify()
    • \Auth0\SDK\API\Authentication::impersonate()

Fixed

5.3.2 (2018-11-2)

Full Changelog

Closed issues

  • Something is wrong with the latest release 5.3.1 #303

Fixed

5.3.1 (2018-10-31)

Full Changelog

Closed issues

  • Array to String exception when audience is an array #296
  • Passing accessToken from frontend to PHP API #281
  • Deprecated method email_code_passwordless_verify #280

Added

  • Fix documentation for Auth0 constructor options #298 (biganfa)

Changed

Fixed

5.3.0 (2018-10-09)

Full Changelog

Closed issues

  • Question: Handling rate limits #277
  • Allow configuration of the JWKS URL #276
  • Allow changing the session key name #273
  • SessionStore overrides PHP session cookie lifetime setting #215

Added

Changed

  • Build/PHPCS: update/improve the PHPCS configuration #284 (jrfnl)

Deprecated

Removed

Fixed

  • Whitespace pass with new standards using composer phpcbf #268 (joshcanhelp)

Security

5.2.0 (2018-06-13)

Full Changelog

Closed issues

  • getAppMetadata - how to use? #248
  • Auth0 class missing action to renew access token #234
  • DOC maj #217

Added

Changed

Fixed

5.1.1 (2018-04-03)

Full Changelog

Closed issues

  • State Handler with Custom Session Store #233
  • Implement ResourceServices::getAll #200

Added

Fixed

5.1.0 (2018-03-02)

Full Changelog

Notes on this release:

State validation was added for improved security. Please see our troubleshooting page for more information on how this works and potential issues.

Closed issues

  • Support for php-jwt 5 #210

Added

  • Added XSRF State Storage / Validation #214 (cocojoe)
  • Adding tests for state handler; correcting storage method used #228 (joshcanhelp)

Changed

5.0.6 (2017-11-24)

Full Changelog

Added

  • Add support for the new users by email API #213 (erichard)

Fixed

5.0.4 (2017-06-26)

Full Changelog

Added

Changed

  • Restructured tests and fixed hhvm build #164 (Nyholm)
  • Update .env.example with more appropriate values #148 (AmaanC)

Removed

3.4.0 (2016-06-21)

Full Changelog

Closed issues:

  • More descriptive error message when code exchange fails #86

Merged pull requests:

3.3.7 (2016-06-09)

Full Changelog

3.3.6 (2016-06-09)

Full Changelog

Merged pull requests:

  • $this->access_token is an array, not object #85 (dev101)

3.3.5 (2016-05-24)

Full Changelog

Closed issues:

  • Create password change ticket fails #84
  • UnexpectedValueException is used in Auth0JWT.php but is not defined #80
  • Add support for auth api endpoints (/ro) #22

3.3.4 (2016-05-24)

Full Changelog

3.3.3 (2016-05-24)

Full Changelog

2.2.3 (2016-05-10)

Full Changelog

3.3.2 (2016-05-10)

Full Changelog

3.3.1 (2016-05-10)

Full Changelog

2.2.2 (2016-05-10)

Full Changelog

3.3.0 (2016-05-09)

Full Changelog

Merged pull requests:

  • deleted uneccessary code, fixed typos #83 (Amialc)
  • Add Docker support #82 (smtx)
  • changed UnexpectedValueException to CoreException #81 (dryror)
  • Added auth api support #78 (glena)

3.2.1 (2016-05-02)

Full Changelog

2.2.1 (2016-04-27)

Full Changelog

Closed issues:

  • outdated dependency in api example #75

Merged pull requests:

  • dependencies update in basic api example #79 (Amialc)

3.2.0 (2016-04-15)

Full Changelog

  • Now the SDK supports RS256 codes, it will decode using the .well-known/jwks.json endpoint to fetch the public key

2.2.0 (2016-04-15)

Full Changelog

Notes

  • Now the SDK fetches the user using the tokeninfo endpoint to be fully compliant with the openid spec
  • Now the SDK supports RS256 codes, it will decode using the .well-known/jwks.json endpoint to fetch the public key

Closed issues:

  • /tokeninfo API support #76
  • Specify GuzzleHttp config #73

Merged pull requests:

3.1.0 (2016-03-10)

Full Changelog

Closed issues:

Merged pull requests:

3.0.1 (2016-02-03)

Full Changelog

Merged pull requests:

1.0.11 (2016-01-27)

Full Changelog

Closed issues:

  • Exception: Cannot handle token prior to [timestamp] #56

Merged pull requests:

3.0.0 (2016-01-18)

Full Changelog

General 3.x notes

  • SDK api changes, now the Auth0 API client is not build of static classes anymore. Usage example:
$token = "eyJhbGciO....eyJhdWQiOiI....1ZVDisdL...";
$domain = "account.auth0.com";
$guzzleOptions = [ ... ];

$auth0Api = new \Auth0\SDK\Auth0Api($token, $domain, $guzzleOptions); /* $guzzleOptions is optional */

$usersList = $auth0Api->users->search([ "q" => "[email protected]" ]);

Closed issues:

  • Missing instruccions step 2 Configure Auth0 PHP Plugin #55
  • Outdated Lock #52
  • Deprecated method in basic-webapp #50

Merged pull requests:

  • V3 with new API and full support for API V2 #57 (glena)

2.1.2 (2016-01-14)

Full Changelog

Merged pull requests:

2.1.1 (2015-11-29)

Full Changelog

Merged pull requests:

2.1.0 (2015-11-24)

Full Changelog

Closed issues:

  • Update to use v3.0 of firebase/php-jwt #47

Merged pull requests:

  • 2.0.1 updated JWT dependency #48 (glena)

2.0.0 (2015-11-23)

Full Changelog

General 2.x notes

  • Session storage now returns null (and null is expected by the sdk) if there is no info stored (this change was made since false is a valid value to be stored in session).
  • Guzzle 6.1 required

Closed issues:

  • Guzzle 6 #43
  • User is null not false #41
  • Issues with PHP Seed project #38
  • authParams... how do I retrieve the results? #37

Merged pull requests:

1.0.10 (2015-09-23)

Full Changelog

Closed issues:

  • Improve error message when no id_token is received after code exchange #35
  • PHP should be 5.4+, not 5.3+ #34

Merged pull requests:

  • Release 1.0.10 #36 (glena)
  • Remove code that rewrites user_id property in $body #33 (Ring)

1.0.9 (2015-08-03)

Full Changelog

Closed issues:

  • Stable dependencies in composer.json instead of "dev-master" #30

Merged pull requests:

  • tagged adoy to ~1.3 #31 (glena)
  • Bad reference in Android PHP API Seed Project Readme file #67 #29 (glena)

1.0.8 (2015-07-27)

Full Changelog

Closed issues:

  • Class 'JWT' not found #25
  • Correct way to use the JWT Token generated in API v2 if we want expanded scope #19

Merged pull requests:

  • Fix create client api call + new create user example #28 (glena)

1.0.7 (2015-07-17)

Full Changelog

Closed issues:

  • Error at Auth0JWT::encode when using custom payload #23
  • Error in composer install #21
  • Test #20

Merged pull requests:

1.0.6 (2015-06-12)

Full Changelog

Merged pull requests:

  • Make Auth0::setUser public in order to let update the stored user #17 (glena)

1.0.5 (2015-06-02)

Full Changelog

Merged pull requests:

  • Updates the changed endpoints (tickets) #15 (glena)
  • Api users search link accounts fix #14 (deboorn)
  • Auth0JWT encode fix to allow scope with null custom payload #13 (deboorn)

1.0.4 (2015-05-19)

Full Changelog

1.0.3 (2015-05-15)

Full Changelog

Merged pull requests:

  • Applied the new Info Headers schema #12 (glena)

1.0.2 (2015-05-13)

Full Changelog

Closed issues:

  • EU tenants are getting Unauthorize on api calls #10
  • PHP Fatal error: Class 'Auth0\SDK\API\ApiUsers' not found in vendor/auth0/auth0-php/src/Auth0.php on line 256 #9

Merged pull requests:

  • Fix EU api calls and autoloading issue #11 (glena)

1.0.1 (2015-05-12)

Full Changelog

Closed issues:

  • SDK Client headers spec compliant #7
  • Example is out of date #5

Merged pull requests:

  • SDK Client headers spec compliant #7 #8 (glena)

1.0.0 (2015-05-07)

Full Changelog

General 1.x notes

  • Now, all the SDK is under the namespace \Auth0\SDK
  • The exceptions were moved to the namespace \Auth0\SDK\Exceptions
  • The Auth0 class, now provides two methods to access the user metadata, getUserMetadata and getAppMetadata. For more info, check the API v2 changes
  • The Auth0 class, now provides a way to update the UserMetadata with the method updateUserMetadata. Internally, it uses the update user endpoint, check the method documentation for more info.
  • The new service \Auth0\SDK\API\ApiUsers provides an easy way to consume the API v2 Users endpoints.
  • A simple API client (\Auth0\SDK\API\ApiClient) is also available to use.
  • A JWT generator and decoder is also available (\Auth0\SDK\Auth0JWT)
  • Now provides an interface for the Authentication API.

Closed issues:

  • Unexpected token #4

Merged pull requests:

  • Auth0 API v2 support #6 (glena)
  • Fixed port number on PHP README #2 (mgonto)

0.6.6 (2014-04-14)

Full Changelog

Closed issues:

  • generateUrl() in BaseAuth0 is creating bad URLs #1

0.6.5 (2014-04-02)

Full Changelog

0.6.4 (2014-02-13)

Full Changelog

0.6.3 (2014-01-06)

* This Change Log was automatically generated by github_changelog_generator