Releases: auth0/auth0-PHP
Releases · auth0/auth0-PHP
5.1.0
State validation was added in 5.1.0 for improved security. By default, this uses session storage and will happen automatically if you are using a combination of Auth0::login()
and any method which calls Auth0::exchange()
in your callback.
If you need to use a different storage method, implement your own StateHandler and set it using the state_handler
config key when you initialize an Auth0
instance.
If you are using Auth0::exchange()
and a method other than Auth0::login()
to generate the Authorize URL, you can disable automatic state validation by setting the state_handler
key to false
when you initialize the Auth0
instance. It is highly recommended to implement state validation, either automatically or otherwise
Closed issues
- Support for php-jwt 5 #210
Added
- Adding tests for state handler; correcting storage method used #228 (joshcanhelp)
Changed
- Bumping JWT package version #229 (joshcanhelp)
5.0.6
5.0.5: Merge pull request #207 from auth0/5.x.x-dev
5.0.4
5.0.3: Merge pull request #147 from auth0/5.x.x-dev
Fix oauth token realm call + exception class name
5.0.0: Merge pull request #127 from auth0/5.x.x-dev
v5.0.0 - Oauth2 Api authentication
4.0.12: Merge pull request #141 from auth0/4.x.x-dev
Release 4.0.12
4.0.11
4.0.10
4.0.9: Merge pull request #130 from SeanZicari/get_or_post_code
Look for code in _GET or _POST explicitly.