ยซ Changelog History


Doorkeeper v5.4.0.rc1 Release Notes

Release Date: 2020-04-08 // about 4 years ago

    ๐Ÿ›  [#1366] Sets expiry of token generated using refresh_token to that of original token. (Fixes #1364)

    [#1354] Add authorize_resource_owner_for_client option to authorize the calling user to access an application.

    [#1355] Allow to enable polymorphic Resource Owner association for Access Token & Grant
    models (use_polymorphic_resource_owner configuration option).

    [IMPORTANT] Review your custom patches or extensions for Doorkeeper internals if you
    have such - since now Doorkeeper passes Resource Owner instance to every objects and not
    ๐Ÿ‘€ just it's ID. See PR description for details.

    ๐Ÿšš [#1356] Remove duplicated scopes from Access Tokens and Grants on attribute assignment.

    [#1357] Fix Doorkeeper::OAuth::PreAuthorization#as_json method causing
    Stack level too deep error with AMS (fix #1312).

    [#1358] Deprecate active_record_options configuration option.

    ๐Ÿ”จ [#1359] Refactor Doorkeeper configuration options DSL to make it easy to reuse it
    in external extensions.

    [#1360] Increase matching_token_for lookup size to 10 000 and make it configurable.

    ๐Ÿ”ง [#1371] Fix controllers to use valid classes in case Doorkeeper has custom models configured.

    ๐Ÿ›  [#1370] Fix revocation response for invalid token and unauthorized requests to conform with RFC 7009 (fixes #1362).

    [IMPORTANT] now fully according to RFC 7009 nobody can do a revocation request without client_id
    โšก๏ธ (for public clients) and client_secret (for private clients). Please update your apps to include that
    ๐Ÿ›ฐ info in the revocation request payload.

    [#1373] Make Doorkeeper routes mapper reusable in extensions.

    ๐Ÿ”’ [#1374] Revoke and issue client credentials token in a transaction with a row lock.

    [#1384] Add context object with auth/pre_auth and issued_token for authorization hooks.

    [#1387] Add AccessToken#create_for and use in RefreshTokenRequest.

    [#1392] Fix enable_polymorphic_resource_owner migration template to have proper index name.

    [#1393] Improve Applications #show page with more informative data on client secret and scopes.

    ๐Ÿ’Ž [#1394] Use Ruby autoload feature to load Doorkeeper files.