PHP OAuth 2.0 Server v8.3.3 Release Notes
Release Date: 2021-10-11 // 9 months ago-
๐ Security
- โ Removed the use of
LocalFileReference()
in lcobucci/jwt. Function deprecated as per GHSA-7322-jrq4-x5hf (PR #1249)
- โ Removed the use of
Previous changes from v8.3.2
-
๐ Changed
- ๐ Conditionally support the
StrictValidAt()
method in lcobucci/jwt so we can use version 4.1.x or greater of the library (PR #1236) - When providing invalid credentials, the library now responds with the error message The user credentials were incorrect (PR #1230)
- Keys are always stored in memory now and are not written to a file in the /tmp directory (PR #1180)
- The regex for matching the bearer token has been simplified (PR #1238)
- ๐ Conditionally support the