v2.1.1

What's Changed

• For user claims, substitute invalid utf8 chars with replacement char by @cicnavi in #194

Full Changelog: v2.1.0...v2.1.1

v2.1.0

What's Changed

• Add support for 'offline_access' scope by @cicnavi in #191

New configuration option 'alwaysIssueRefreshToken' was added which is true by default to preserve backwards compatibility. If this option is set to false, refresh token will be released only if the client requests it using the 'offline_access' scope. Note that in that case, the client must have 'offline_access' scope registered.

Full Changelog: v2.0.4...v2.1.0

v2.0.4

What's Changed

• Attempt fix for 'pull access denied for symfonycorp/cli' by @pradtke in #188
• Add Access-Control-Allow-Origin header to responses, if not already present by @cicnavi in #190

Full Changelog: v2.0.3...v2.0.4

v2.0.3

What's Changed

• Use InMemory::empty by @pkoenig10 in #186

New Contributors

• @pkoenig10 made their first contribution in #186

Full Changelog: v2.0.2...v2.0.3

v2.0.2

What's Changed

• Correct readme typo for module_oidc.php template path by @dgoosens in #168
• Allow overriding cert+key name/location by @pradtke in #167
• Fix access token timestamps, add issuer by @cicnavi in #174
• Fix PK constraint name for allowed origin table - make it unique by @cicnavi in #173
• Set restart url for authorize commands by @pradtke in #180
• Fix admin-clients link by @Pyrex-FWI in #177
• Logout tokens should have typ header with value 'logout+jwt' by @IlanaRadinsky in #185
• Fail actions on code quality issues by @pradtke in #175

New Contributors

• @dgoosens made their first contribution in #168
• @Pyrex-FWI made their first contribution in #177
• @IlanaRadinsky made their first contribution in #185

Full Changelog: v2.0.1...v2.0.2

v2.0.1

What's Changed

• Resolving issue #162 (logout feature (#149) and some incompatibilitie… by @dlgroep in #163
• Update changelog for v2.0.1 by @cicnavi in #166

New Contributors

• @dlgroep made their first contribution in #163

Full Changelog: v2.0.0...v2.0.1

v2.0.0

What's Changed

• Add Github actions workflow by @sgomez in #56
• Generate 'kid' parameter based on public certificate fingerprint by @cicnavi in #46
• Add 'name' claim to the SAML to OIDC translate table by @cicnavi in #47
• Enable prefixed and multi value private claims by @cicnavi in #48
• Make client auth source optional by @cicnavi in #54
• Implement nonce feature by @cicnavi in #55
• Remove required class and fix helper message by @cicnavi in #60
• Update readme regarding private scope options by @cicnavi in #61
• Fix refresh token deletion by @cicnavi in #64
• Fix CI github action by @sgomez in #66
• Feature/authproc by @cicnavi in #63
• Force json response in OIDC controllers by @sgomez in #68
• Fix CSRF token protection with nette forms by @sgomez in #69
• Change id column length in all tables by @sgomez in #70
• Add pagination by @sgomez in #71
• Feature/authproc by @cicnavi in #72
• Search clients by name by @sgomez in #77
• Use dedicated methods for registered claims and DateTimeImmutable timestamps by @mdusher in #67
• Feature/docker by @pradtke in #75
• Fix/98 jwt lib update by @pradtke in #99
• Fix session start in client form pages by @sgomez in #104
• Fix/error messages by @cicnavi in #101
• Feature/prompt by @sgomez in #100
• Refactor authorization request validation to Checkers by @sgomez in #107
• Set token_endpoint_auth_methods_supported by @sgomez in #110
• Return request parameter not supported error by @sgomez in #111
• Fix refresh token issues by @sgomez in #113
• Return invalid grant error when auth code is not valid by @sgomez in #114
• #80 add config setting to control claims in id_token by @pradtke in #108
• Fix/claim warnings by @pradtke in #105
• Implements max_age parameter by @sgomez in #115
• Add basic conformance test by @sgomez in #106
• Dependency updates; real certificates by @pradtke in #116
• Add implicit conformance test by @sgomez in #117
• Enable implicit grant by @sgomez in #118
• Fix/namespaces by @cicnavi in #125
• Implement additional ImplicitFlow features by @sgomez in #124
• Fix/code reuse by @cicnavi in #127
• Fix phpcs psalm issues by @cicnavi in #130
• Fix userinfo post body by @cicnavi in #131
• Remove vendor dir from ignored files in psalm config by @cicnavi in #132
• Merge version2 to master by @cicnavi in #135
• Feauture/request claims by @pradtke in #129
• Fix error logging by @cicnavi in #133
• Fix CORS by @cicnavi in #136
• Bump required PHP version to 7.4 by @cicnavi in #140
• Feature/user register client by @pradtke in #121
• Change package name by @cicnavi in #141
• Change package refs from rediris-es/* to simplesamlphp/* by @cicnavi in #143
• Adjust status badges URIs in README by @cicnavi in #144
• Fix ACR values by @cicnavi in #139
• GitHub actions run conformance tests by @pradtke in #145
• Move claim type information inside individual claim array by @pradtke in #146
• Rename access_token.php to token.php by @cicnavi in #150
• Feature/logout by @cicnavi in #149
• Add changelog and upgrade readme by @pradtke in #152
• Increase security of example RSA key generation from 1024 to 2048 bits by @rpocklin in #153

New Contributors

• @mdusher made their first contribution in #67
• @pradtke made their first contribution in #75
• @rpocklin made their first contribution in #153

Full Changelog: v1.0.0...v2.0.0

v1.0.0

First release.

Please, read the template config to see the final options.