- Added a
prefersEphemeralSession
parameter for external user-agents. (#645) - Fixed errors encountered when using secure coding to decode
OIDAuthState
. (#656, #721)
- Support for Swift Package Manager
- Removed
UIWebView
reference in comment
- Support for Mac Catalyst
- Support for iOS 13
- OpenID Connect RP-Initiated Logout implemented
- Added logic for the
azp
claim
- Scheme comparison for redirects is now case insensitive
- Improved error handling during discovery when a non-JSON document is encountered.
1.0.0! 🎉
- All deprecated APIs removed. Please ensure your code builds on version 0.95.0 with no deprecation warnings before upgrading! Notably, if you started with a version of AppAuth prior to 0.93.0 you will need to follow the instructions in Upgrading to 0.93.0
- Updated for iOS 12, and Xcode 10. Xcode 10 is now required. NB. per policy, AppAuth supports many older versions of iOS and macOS, but only the current Xcode toolchain. If you need to stay on old versions of Xcode for some reason, stay on the pre-1.0 releases.
- macOS 32-bit support removed. If you need this support, stay on the pre-1.0 releases.
AppAuth/Core
subspec, and AppAuthCore Framework added to support iOS extensions.
AppAuth/Core
subspec, and AppAuthCore Framework added to support iOS extensions.
First 1.0.0 beta! HEAD is now tracking changes for the 1.0.0 release.
The pre-1.0
branch was cut prior to the breaking changes for 1.0.0,
bug fixes for critical issues may be backported for a time.
- All deprecated APIs removed. Please ensure your code builds on version 0.95.0 with no deprecation warnings before upgrading! Notably, if you started with a version of AppAuth prior to 0.93.0 you will need to follow the instructions in Upgrading to 0.93.0
- Updated for iOS 12, and Xcode 10. Xcode 10 is now required. NB. per policy, AppAuth supports many older versions of iOS and macOS, but only the current Xcode toolchain. If you need to stay on old versions of Xcode for some reason, stay on the pre-1.0 releases.
- macOS 32-bit support removed. If you need this support, stay on the pre-1.0 releases.
- All fixes in the 0.95.0 release are incorporated in this release.
-
x-www-form-urlencoded
encoding and decoding should be 100% spec compliant now, previously the+
character was not decoded as 0x20 space. openid#291 -
scope
no longer sent during token refresh (was redundant) openid#301
form-urlencode
client ID and client secret in Authorization header
- Samples have icons now!
- Output trace logs by defining
_APPAUTHTRACE
-
Implements OpenID Connect (ID Token handling) and the OpenID Connect RP Certification test suite. openid#101
-
The
OIDAuthorizationUICoordinator
pattern was genericized to support non-authorization external user-agent flows like logout (though none are directly implemented by AppAuth, yet).OIDAuthorizationUICoordinator*
classes renamed toOIDExternalUserAgent*
. openid#196 openid#212 See Upgrading to 0.93.0. -
Added custom browser support on iOS. Provides several convenience implementations of alternative external user-agents on iOS such as Chrome and Firefox. These are intended for enterprise use only, where the app developers have greater control over the operating environment and have special requirements that require a custom browser like Chrome. See the code example. openid#200 openid#201
0.93.0 deprecates several methods. To update your code to avoid the deprecated methods (which will be required for the 1.0.0 release), you will need to make changes.
If you implemented your own OIDAuthorizationUICoordinator
, or called
the methods which accepted a UICoordinator
instance, you will need to
update to the new method names. See the deprecation error messages
for the new methods to use in those cases.
Most users who are using the convenience methods of AppAuth will only need to make the following 3 minor changes to their AppDelegate:
Change
@protocol OIDAuthorizationFlowSession;
to
@protocol OIDExternalUserAgentSession;
Change
@property(nonatomic, strong, nullable) id<OIDAuthorizationFlowSession> currentAuthorizationFlow;
to
@property(nonatomic, strong, nullable) id<OIDExternalUserAgentSession>currentAuthorizationFlow;
Change
if ([_currentAuthorizationFlow resumeAuthorizationFlowWithURL:url]) {
to
if ([_currentAuthorizationFlow resumeExternalUserAgentFlowWithURL:url]) {
See also the changes made to the sample which you can copy: https://github.com/openid/AppAuth-iOS/commit/619bb7c7d5f83cc2ed19380d425ca8afa279644c?diff=unified
- Added an official Swift sample, and included Swift testing in the continuous integration tests.
No changelog entries exist for changes prior to 2018, please review the git history.