PHP OAuth 2.0 Server v8.1.0 Release Notes

Release Date: 2020-04-29 // over 1 year ago
  • โž• Added

    • โž• Added support for PHP 7.4 (PR #1075)

    ๐Ÿ”„ Changed

    • If an error is encountered when running preg_match() to validate an RSA key, the server will now throw a RuntimeException (PR #1047)
    • ๐Ÿ— Replaced deprecated methods with recommended ones when using Lcobucci\JWT\Builder to build a JWT token. (PR #1060)
    • When storing a key, we no longer touch the file before writing it as this is an unnecessary step (PR #1064)
    • Prefix native PHP functions in namespaces with backslashes for micro-optimisations (PR #1071)

    โœ‚ Removed

    • ๐Ÿ‘Œ Support for PHP 7.1 (PR #1075)

    ๐Ÿ›  Fixed

    • Clients are now explicitly prevented from using the Client Credentials grant unless they are confidential to conform
      with the OAuth2 spec (PR #1035)
    • Abstract method getIdentifier() added to AccessTokenTrait. The trait cannot be used without the getIdentifier()
      method being defined (PR #1051)
    • ๐Ÿ‘ป An exception is now thrown if a refresh token is accidentally sent in place of an authorization code when using the
      Auth Code Grant (PR #1057)
    • Can now send access token request without being forced to specify a redirect URI (PR #1096)
    • ๐Ÿ‘ป In the BearerTokenValidator, if an implementation is using PDO, there is a possibility that a RuntimeException will be thrown when checking if an access token is revoked. This scenario no longer incorrectly issues an exception with a hint mentioning an issue with JSON decoding. (PR #1107)