All Versions
99
Latest Version
Avg Release Cycle
61 days
Latest Release
-
Changelog History
Page 5
Changelog History
Page 5
-
v4.4.0 Changes
- ๐ [#1120] Backport security fix from 5.x for token revocation when using public clients
[IMPORTANT]: all the applications (clients) now are considered as private by default. You need to manually change
confidential
column tofalse
if you are using public clients, in other case your mobile (or other) applications will not be able to authorize. See #1142 for more details. -
v4.3.2 Changes
- [#1053] Support authorizing with query params in the request
redirect_uri
if explicitly present in app'sApplication#redirect_uri
- [#1053] Support authorizing with query params in the request
-
v4.3.1 Changes
- โ Remove
BaseRecord
and introduce additional concern for ordering methods to fix braking changes for Doorkeeper models. - ๐จ [#1032] Refactor BaseRequest callbacks into configurable lambdas
- [#1040] Clear mixins from ActiveRecord DSL and save only overridable API. It allows to use this mixins in Doorkeeper ORM extensions with minimum code boilerplate.
- โ Remove
-
v4.3.0 Changes
- [#976] Fix to invalidate the second redirect URI when the first URI is the native URI
- [#1035] Allow
Application#redirect_uri=
to handle array of URIs. - [#1036] Allow to forbid Application redirect URI's with specific rules.
- [#1029] Deprecate
order_method
and introduceordered_by
. Sort applications bycreated_at
in index action. - [#1033] Allow Doorkeeper configuration option #force_ssl_in_redirect_uri to be a callable object.
- ๐ Fix Grape integration & add specs for it
- [#913] Deferred ORM (ActiveRecord) models loading
- [#943] Fix Access Token token generation when certain errors occur in custom token generators
- [#1026] Implement RFC7662 - OAuth 2.0 Token Introspection
- ๐ [#985] Generate valid migration files for Rails >= 5
- [#972] Replace Struct subclassing with block-form initialization
- [#1003] Use URL query param to pass through native redirect auth code so automated apps can find it.
[IMPORTANT]: Previously authorization code response route was
/oauth/authorize/<code>
, now it isoauth/authorize/native?code=<code>
(in order to help applications to automatically find the code value).- [#868]
Scopes#&
andScopes#+
now take an array or any other enumerable object. - [#1019] Remove translation not in use:
invalid_resource_owner
. - ๐ Use Ruby 2 hash style syntax (min required Ruby version = 2.1)
- [#948] Make Scopes.<=> work with any "other" value.
- [#974] Redirect URI is checked without query params within AuthorizationCodeRequest.
- [#1004] More explicit help text for
native_redirect_uri
. - โก๏ธ [#1023] Update Ruby versions and test against 2.5.0 on Travis CI.
- [#1024] Migrate from FactoryGirl to FactoryBot.
- ๐ [#1025] Improve documentation for adding foreign keys
- [#1028] Make it possible to have composite strategy names.
-
v4.2.6 Changes
- [#970] Escape certain attributes in authorization forms.
-
v4.2.5 Changes
- ๐ง [#936] Deprecate
Doorkeeper#configured?
,Doorkeeper#database_installed?
, andDoorkeeper#installed?
- [#909] Add
InvalidTokenResponse#reason
reader method to allow read the kind of invalid token error. - โ [#928] Test against more recent Ruby versions
- ๐จ Small refactorings within the codebase
- โ [#921] Switch to Appraisal, and test against Rails master
- ๐ [#892] Add minimum Ruby version requirement
- ๐ง [#936] Deprecate
-
v4.2.0 Changes
- ๐ Security fix: Address CVE-2016-6582, implement token revocation according to spec (tokens might not be revoked if client follows the spec).
- [#873] Add hooks to Doorkeeper::ApplicationMetalController
- ๐ [#871] Allow downstream users to better utilize doorkeeper spec factories by
eliminating name conflict on
:user
factory.
-
v4.1.0 Changes
- [#845] Allow customising the
Doorkeeper::ApplicationController
base controller
- [#845] Allow customising the
-
v4.0.0 Changes
- [#834] Fix AssetNotPrecompiled error with Sprockets 4
- โช [#843] Revert "Fix validation error messages"
- [#847] Specify Null option to timestamps
-
v4.0.0.rc4 Changes
- ๐ [#777] Add support for public client in password grant flow
- ๐ง [#823] Make configuration and specs ORM independent
- [#745] Add created_at timestamp to token generation options
- โ [#838] Drop
Application#scopes
generator and warning, introduced for upgrading doorkeeper from v2 to v3. - โ [#801] Fix Rails 5 warning messages
- โ Test against Rails 5 RC1