Doorkeeper v2.0.0 Release Notes
Release Date: 2014-12-16 // over 9 years ago-
Backward incompatible changes
- ๐ [#448] Removes
doorkeeper_for
helper. Now we usebefore_action :doorkeeper_authorize!
. - [#469] Allow client applications to restrict the set of allowable scopes.
Fixes #317.
oauth_applications
relation needs a newscopes
string column, non nullable, which defaults to an empty string. To add the column run:
rails generate doorkeeper:application_scopes
If youโd rather do it by hand, your ActiveRecord migration should contain:
add_column :oauth_applications, :scopes, :string, null: false, default: โโ
โ Removed deprecations
- Removes
test_redirect_uri
option. It is now callednative_redirect_uri
. - ๐ [#446] Removes
mount Doorkeeper::Engine
. Now we useuse_doorkeeper
.
Others
- ๐ [#484] Performance improvement - avoid performing order_by when not required.
- [#450] When password is invalid in Password Credentials Grant, Doorkeeper returned 'invalid_resource_owner' instead of 'invalid_grant', as the spec declares. Fixes #444.
- [#452] Allows
revoked_at
to be set in the future, for future expiry. Rationale: https://github.com/doorkeeper-gem/doorkeeper/pull/452#issuecomment-51431459 - ๐ [#480] For Implicit grant flow, access tokens can now be reused. Fixes #421.
- ๐จ [#491] Reworks of @jasl's #454 and #478. ORM refactor that allows doorkeeper to be extended more easily with unsupported ORMs. It also marks the boundaries between shared model code and ORM specifics inside of the gem.
- โ [#496] Tests with Rails 4.2.
- [#489] Adds
force_ssl_in_redirect_uri
to force the usage of the HTTPS protocol in non-native redirect uris. - [#516] SECURITY: Adds
protect_from_forgery
toDoorkeeper::ApplicationController
- [#518] Fix random failures in mongodb.
- ๐ [#448] Removes