Changelog

2.2.1 (2024-03-xx)

Bugfix: Prevent overwriting failure_path in AuthenticationFailureHandler when connect functionality is not enabled,
Bugfix: Prevent overwriting failure_handler in security configuration if set,

2.2.0 (2024-02-28)

BC Break: Dropped support for PHP 7.4 & 8.0,
Added: Telegram resource owner,
Bugfix: Allow use_authorization_to_get_token to be configured to false for generic OAuth2,
Bugfix: Update API version for Facebook to latest available
Bugfix: Replace custom authenticator passport with custom badge usage,
Bugfix: Fix registration of failure handler,
Bugfix: Don't miss refresh token in registration controller,
Bugfix: Allow null as $registrationForm in RegisterController,
Bugfix: Fix connect functionality with authentication managers,

2.1.0 (2023-11-30)

BC Break: Dropped support for Symfony: >6.0, <6.3,
Added: New Passage resource owner,
Bugfix: Remove deprecations reported by Symfony 6.4,
Chore: Added support for Symfony 7,

2.0.0 (2023-10-01)

Bugfix: Prevent refreshing non-expired tokens
Bugfix: Remove deprecations reported by Symfony 6.x
Bugfix: Prevent fatal error when token doesn't have resource owner name set

2.0.0-BETA3 (2023-08-20)

BC Break: Dropped support for Symfony: 6.0.*,
BC Break: Class Templating\Helper\OAuthHelper was merged into Twig\Extension\OAuthRuntime,
BC Break: When resource owner class doesn't define TYPE constant or is null, then key will be calculated by converting its class name without ResourceOwner suffix to snake_case, if neither is felt, then \LogicException will be thrown,
Deprecated: method UserResponseInterface::getUsername() was deprecated in favour of UserResponseInterface::getUserIdentifier() to match changes in Symfony Security component,
Enhancement: @internal resourceOwner oauth types in Configuration are calculated automatically by scandir. All classes extended from GenericOAuth[X]ResourceOwner get oauth[X] type. If class only implements ResourceOwnerInterface then its oauth type is unknown. ResourceOwner key (parameter type in configs) should have defined ResourceOwner::TYPE constant. Each user defined custom ResourceOwner class that implemented ResourceOwnerInterface will be registered automatically. If autoconfigure option is disabled user have to add the tag hwi_oauth.resource_owner to the service definition,
Enhancement: Class ConnectController was split into two smaller ones, Connect\ConnectController & Connect\RegisterController,
Bugfix: Added OAuth1ResourceOwner & OAuth2ResourceOwner to cover case of implementing custom oauth resource owners,
Bugfix: Fixed Authorization Header in CleverResourceOwner::doGetRequest,
Bugfix: Catch also the TransportExceptionInterface in AbstractResourceOwner::getResponseContent() method,
Bugfix: Current matched Firewall is respected during generation of resource owner check path links,
Bugfix: Prevent fatal error in OAuthUserProvider::loadUserByOAuthUserResponse() when nickname is not available in OAuth response,
Bugfix: Use newer version of firebase/php-jwt library,
Chore: Removed not used Symfony Templating component

2.0.0-BETA2 (2022-01-16)

Deprecated: configuration parameter firewall_names, firewalls are now computed automatically - all firewalls that have defined oauth authenticator/provider will be collected,
Added: Ability to automatically refresh expired access tokens (only for derived from GenericOAuth2ResourceOwner resource owners), if option refresh_on_expire set to true,
Enhancement: Refresh token listener is disabled by default and will only be enabled if at least one resource owner has option refresh_on_expure set to true,
Enhancement: (@internal) Removed/replaced redundant argument $firewallNames from controllers. If controller class was copied and replaced, adapt list of arguments: In controller use $resourceOwnerMapLocator->getFirewallNames(),
Bugfix: RefreshTokenListener cannot be lazy. If current firewall is lazy (or anonymous: lazy) then current auth token is often initializing on kernel.response. In this case new access token will not be stored in session. Therefore, the expired token will be refreshed on each request,
Bugfix: InteractiveLoginEvent will be triggered also for OAuthAuthenticator,
Maintain: Changed config files from *.xml to *.php (services and routes). Xml routing configs connect.xml, login.xml and redirect.xml are steel present but deprecated. Please use *.php variants in your includes instead.

2.0.0-BETA1 (2021-12-10)

BC Break: Dropped PHP 7.3 support,
BC Break: Dropped support for Symfony: >=5.1 & <5.4,
BC Break: OAuthExtension is now a lazy Twig extension using a Runtime,
BC Break: removed support for FOSUserBundle,
BC Break: changed process() argument for Form/RegistrationFormHandlerInterface, from Form $form to FormInterface $form,
BC Break: changed form class name in template Resources/views/Connect/connect_confirm.html.twig from fos_user_registration_register to registration_register,
BC Break: removed configuration option fosub from oauth_user_provider,
BC Break: removed configuration options hwi_oauth.fosub, & all related DI parameters,
BC Break: removed DI parameter hwi_oauth.registration.form.factory in favour of declaring form class name as DI parameter: hwi_oauth.connect.registration_form,
BC Break: changed ResourceOwnerMapInterface::hasResourceOwnerByName signature, update if you use a custom resource owner,
BC Break: changed ResourceOwnerMapInterface::getResourceOwnerByName signature, update if you use a custom resource owner,
BC Break: changed ResourceOwnerMapInterface::getResourceOwnerByRequest signature, update if you use a custom resource owner,
BC Break: changed ResourceOwnerMapInterface::getResourceOwnerCheckPath signature, update if you use a custom resource owner,
BC Break: ResourceOwnerMap uses service locator instead of DI container,
BC Break: Removed abstract services: hwi_oauth.abstract_resource_owner.generic, hwi_oauth.abstract_resource_owner.oauth1 & hwi_oauth.abstract_resource_owner.oauth2,
BC Break: Removed setName() method from OAuth/ResourceOwnerInterface,
BC Break: changed __construct() argument for OAuth/ResourceOwner/AbstractResourceOwner, from HttpMethodsClient $httpClient to HttpClientInterface $httpClient,
BC Break: replaced php-http/httplug-bundle with symfony/http-client
BC Break: removed hwi_oauth.http configuration,
BC Break: reworked bundles structure to match Symfony best practices:
- bundle code moved to: src/,
- tests moved to: tests/,
- docs moved from Resources/doc into: docs/,
BC Break: routes provided by bundle now have methods requirements:
- hwi_oauth_connect_service: GET & POST,
- hwi_oauth_connect_registration: GET & POST,
- hwi_oauth_connect: GET,
- hwi_oauth_service_redirect: GET,
Added support for PHP 8.1,
Added support for Symfony 5.6,

1.4.5 (2021-12-08)

Bugfix: Fixed: BC break by restoring wrongly moved AbstractOAuthToken::getCredentials() method,

1.4.3 (2021-12-07)

Bugfix: Fixed support for PHP 8.1,
Bugfix: Fixed support for Symfony 5.4,
Bugfix: Fixed VkontakteResourceOwner option: api_version to not point to deprecated one,
Bugfix: RequestStack::getMasterRequest() is deprecated since Symfony 5.3, use RequestStack::getMainRequest() if exists,
Maintain: Added GenericOAuth1ResourceOwnerTestCase, GenericOAuth2ResourceOwnerTestCase & ResourceOwnerTestCase test case classes for easier unit testing custom resource owners

1.4.2 (2021-08-09)

Bugfix: remove @final declaration from OAuthFactory & FOSUBUserProvider,
Maintain: added .gitattributes to reduce amount of code in archives,

1.4.1 (2021-07-28)

Bugfix: Define missing hwi_oauth.connect.confirmation parameter,
Bugfix: Added missing success/failure handlers,

1.4.0 (2021-07-26)

BC Break: dropped Symfony 5.0 support as it is EOL,
BC Break: dropped PHP 7.2 support as it is EOL,
BC Break: changed __construct() argument for OAuth/RequestDataStorage/SessionStorage, from SessionInterface $session to RequestStack $requestStack,
BC Break: all internal classes are "softly" marked as final,
Added: Symfony 5.1 Security system support,
Added: Forward compatibility layer for session service deprecation,
Added: state support for service authentication URL's,
Added: ability to change the response after HWIOAuthEvents::CONNECT_COMPLETED is fired,
Added: PHPStan static analyse into CI,
Fixed: OAuthProvide to properly refresh data inside tokens,
Fixed: PHP notice in AppleResourceOwner,
Fixed: use new GitHub API in GitHubResourceOwner,
Fixed: functional tests with & without FOSUserBundle,
Fixed: controller don't depend on service container if possible,
Maintain: removed Wunderlist resource owner,
Maintain: removed several Symfony BC layers,
Maintain: removed Prophecy in favour of PHPUnit mocking,

1.3.0 (2021-01-03)

BC Break: dropped support for Symfony <4.4,
BC Break: dropped support for Doctrine Bundle <2.0,
Added PHP 8 support,
Upgraded Facebook API to v8.0,
Upgraded Twitch resource owner to incorporate latest Twitch API,
Fixed: undefined id_token exception in Azure resource owner,
Docs: changed firewall name to match flex receipt,
Maintain: moved from Travis CI to Github Actions,

1.2.0 (2020-10-19)

BC Break: dropped Symfony 4.3 support,
Added first_name & last_name in AzureResourceOwner,
Added: support for multiple OAuth2 state parameters,
Added: Apple resource owner,
Fixed: updated Azure authorization & access_token urls,
Fixed: Doctrine persistence deprecation errors,
Allow modification of the response in FilterUserResponseEvent,

1.1.0 (2020-04-06)

Added Symfony 5 support,
Added domain whitelist service to avoid open redirect on target_path,
Fixed: session service was not injected in LoginController,
Fixed: missing setContainer call to service configuration for LoginController,
Fixed: client id and client secret must be set in Auth0ResourceOwner::doGetTokenRequest,
Fixed: missing client id and client secret in Auth0ResourceOwner,
Twig dependency on LoginController is now optional,

1.0.0 (2020-01-17)

Dropped support for PHP 5.6, 7.0 and 7.1,
Dropped support for FOSUserBundle 1.3,
Dropped support for Symfony 2.8,
Minimum Symfony 3 requirement is 3.4,
Minimum Symfony 4 requirement is 4.3,
Fixed: WindowsLive Resource Owner token request,
Fixed: Update Facebook API to v3.1,
Fixed: Update Linkedin API to v2,
Fixed: YahooResourceOwner::doGetUserInformationRequest uses wrong arguments,
Fixed: Symfony deprecation warning in symfony/config,
Fixed: SensioConnect now uses new API URLs,
Fixed: Do not add Authorization header if no client_secret is present,
Fixed: LoginController::connectAction should not fail if no token is available,
Added: Genius.com resource owner,
Added: HTTPlug 2.0 support,
Added: Keycloak resource owner,
Added: The controller is now available as a service,
Added: Allow to use HTTP Basic auth for token request,
[BC break] Class Configuration has been marked final,
[BC break] Class ConnectController has been marked final,
[BC break] Class HWIOAuthExtension has been marked final,
[BC break] Class OAuthExtension has been marked final,
[BC break] Class SetResourceOwnerServiceNameCompilerPass has been marked final,
[BC break] Class ConnectController extends AbstractController instead of Controller,
[BC break] Service hwi_oauth.http_client has been marked private,
[BC break] Service hwi_oauth.security.oauth_utils has been marked private,
[BC break] Several service class parameters have been removed,

0.6.3 (2018-07-31)

Fixed: Vkontakte profile picture & nickname path,
Fixed: Content-Length header must be a string,
Fixed: Upgraded GitLab end point to v4,
Fixed: Resource owner map parameters must be public,
Fixed: Azure resource owner infos_url should not be empty,
Fixed: Don't start sessions twice & don't start sessions if already started,
Fixed: Updated BitBucket docs,
Added: Further compatibility changes for Symfony 4.1,
Added: LinkedIn first- & last- names,
Added: Facebook profile picture

0.6.2 (2018-03-28)

Fixed: VK requires API version now,
Fixed: Updated Slack resource owner to use new Slack API methods,
Fixed: Changing authorization and access token to v2 for LinkedIn,
Fixed: Fix double call of getUserInformation() in ConnectController,
Fixed: Fix serialization of AccountNotLinkedException,
Fixed: Check for grant_rule value IS_AUTHENTICATED_FULLY in DI configuration,
Fixed: Don't execute OAuthProvider::refreshAccessToken() when there is no refresh token

0.6.1 (2018-01-23)

BC BREAK: Replaced PHPUnit_Framework_TestCase with PHPUnit\Framework\TestCase in tests,
Added: Implemented getUserInformation() for Dropbox v2,
Fixed: Headers passed to httpRequest() method in various resource owners,
Fixed: Marked some services as public to make code compatible with Symfony 4

0.6.0 (2017-12-01)

BC BREAK: Fully replaced Buzz library with usage of HTTPlug & Guzzle 6,
BC BREAK: hwi.http_client config options are remove. HTTP configuration must rely on the HTTPlug client,
BC BREAK: Template engine other than Twig are no longer supported,
BC BREAK: Option hwi_oauth.templating_engine was removed,
Added: Symfony 4 support,
Added: php-http/httplug-bundle support, to auto-provide needed HTTPlug services and get full Symfony integration,
Added: hwi.http.client and hwi.http.message_factory config keys to provide your own HTTPlug services,
Added: HWIOAuthEvents,
Added: ResourceOwnerInterface::addPaths() method for easier managing paths in resource owners,
Fixed: Update Facebook API to v2.8,

0.5.3 (2017-01-08)

Fixed: Bitbucket2 resource owner,
Fixed: GitHub resource owner documentation,
Fixed: Don't require any form for the connect feature,
Fixed: Uncaught exception with custom error page,
Fixed: php-cs-fixer updated to latest version & run on base code

0.5.2 (2016-12-12)

Fixed: Prevent uncaught exception when redirecting to invalid route,
Fixed: Add more details too exception when account was not linked,
Fixed: Odnoklassinki resource owner,
Fixed: Office365 resource owner,
Fixed: StackExchange resource owner,
Fixed: WeChat resource owner,
Fixed: WindowsLive resource owner

0.5.1 (2016-10-03)

Fixed error that could occur with message "302 Header already sent",
Exclude tests from Composer autoloader

0.5.0 (2016-09-11)

Fixed: OAuthHelper should fallback to new Request in case of receiving null,
Fixed: Better FOSUserBundle integration,
Fixed: Serialization issue in WechatResourceOwner,
Fixed: Incorrect refresh token in WechatResourceOwner,
Fixed: Broken TrelloResourceOwner,
Fixed: Removed dead code in OAuthProvider,
Fixed: Update Facebook API to v2.7,
Added: Symfony 3 support,
Added: Redirect to target_path after successful registration/connection,
Added: Asana resource owner,
Added: Bitbucket resource owner,
Added: Clever resource owner,
Added: Itembase resource owner,
Added: Jawbon resource owner,
Added: Office365 resource owner,
Added: Wunderlist resource owner,
Added: Hungarian translation

0.4.3 (2016-09-11)

Fixed: Request parameters are not copied into new Request on forward,
Fixed: Fixed scope deprecating message,
Fixed: Resolved deprecated message in ConnectController,
Fixed: Removed usage of deprecated code in tests

0.4.2 (2016-07-27)

Fixed: Change Discogs URL from http to https,
Fixed: Update Facebook API URLs to not use outdated ones

0.4.1 (2016-03-08)

Fixed: Remove usage of deprecated Twig function form_enctype & replace with usage of form_start/form_end,
Fixed: Mark as not fully compatible with Symfony ~3.0,
Fixed: Multiple firewalls can now have different resource owners,
Fixed: Wrong URL generated for Safesforce resource owner,
Added: include_email option into Twitter resource owner,
Added: Hungarian translation,
Added: Documentation about FOSUser integration

0.4.0 (2015-12-04)

[BC break] Added UserResponseInterface#getFirstName() method, also a new default path firstname was added, this path holds the first name of user,
[BC break] Added UserResponseInterface#getLastName() method, also a new default path lastname was added, this path holds the last name of user,
[BC break] Added UserResponseInterface::getOAuthToken() & basic implementation in AbstractUserResponse,
[BC break] GenericOAuth1ResourceOwner::getRequestToken() is now public method (was protected),
Added: configuration parameter firewall_name (will be removed in next major version) renamed to firewall_names to support multiple firewalls,
Added: configuration parameter: failed_auth_path which contains route name, on which user will be redirected after failure when connecting accounts (i.e. user denies connection),
Added: appsecret_proof functionality support to the Facebook resource owner,
Added: sandbox functionality support to the Salesforce resource owner,
Added Auth0 resource owner,
Added Azure resource owner,
Added BufferApp resource owner,
Added Deezer resource owner,
Added Discogs resource owner,
Added EveOnline resource owner,
Added Fiware resource owner,
Added Hubic resource owner,
Added Paypal resource owner,
Added Reddit resource owner,
Added Runkeeper resource owner,
Added Slack resource owner,
Added Spotify resource owner,
Added Soundcloud resource owner,
Added Strava resource owner,
Added Toshl resource owner,
Added Trakt resource owner,
Added Wechat resource owner,
Added Wordpress resource owner,
Added Xing resource owner,
Added Youtube resource owner,
Fixed: Revoking tokens for Facebook & Google resource owners,
Fixed: Instagram allows only GET calls to fetch user details,
Fixed: ResourceOwnerMap no longer depends on deprecated ContainerAware class,
Fixed: Wrong usage of json_decode in Mail.ru resource owner,
Fixed: Transform storage exceptions in OAuth1 resource owners into AuthenticationException
Fixed: Default scopes & fields for VKontakte resource owner

0.3.9 (2015-08-28)

Fix: Remove deprecated Twig features
Fix: Undefined variable in FOSUBUserProvider::refreshUser
Fix: Restore property accessor for Symfony 2.3

0.3.8 (2015-05-04)

Fix: Remove BC break for Symfony < 2.5,
Fix: Compatibility issues with Symfony 2.6+,
Fix: Deprecated graph URLs for FacebookResourceOwner

0.3.7 (2014-11-15)

Fix: SessionStorage::save() could throw php error,
Fix: OAuthToken::isExpired() always returned false,
Fix: FoursquareResourceOwner, TwitchResourceOwner, SensioConnectResourceOwner not working with bearer header,
Fix: Don't use deprecated fields in FacebookResourceOwner,
Fix: FOSUBUserProvider::refreshUser() always returning old user,

0.3.6 (2014-06-02)

Fix: InstagramResourceOwner regression while getting user details,
Fix: Add smooth migration for session (de)serialization

0.3.5 (2014-05-30)

Fix: LinkedinResourceOwner regression while getting user details,
Fix: OAuth revoke functionality to be available wider,
Fix: Removed undocumented functionality from SinaWeiboResourceOwner,
Fix: Always remove default ports from URLs to match OAuth 1.0a, Spec: 9.1.2

0.3.4 (2014-05-12)

Fix: Instagram OAuth redirect to one url,
Fix: FOSUBUserProvider should also implement UserProviderInterface,
Fix: YahooResourceOwner infos_url to use new format,
Fix: Send authorization via headers instead of URL parameter,
Fix: GithubResourceOwner revoke method,
Fix: Add login routing documentation note

0.3.3 (2014-02-17)

Fix: Incorrect redirect URL when no parameters are set,
Fix: Add missing parameter prompt for GoogleResourceOwner,
Fix: WordpressResourceOwner user details API call,
Fix: PHP Notice when oauth_callback_confirmed was set too false,
Fix: PHP Fatal when session returns boolean instead of object,
Fix: Add missing query parameters for FacebookResourceOwner

0.3.2 (2014-02-07)

Fix: Prevent SessionUnavailableException when returns back from service,
Fix: EntityUserProvider should implement UserProviderInterface,
Fix: createdAt property was missing when serializing the OAuthToken,
Added Italian translations

0.3.1 (2014-01-17)

Fix: Change Twitter API call to use SSL URL,
Fix: Problems with options in VkontakteResourceOwner,
Fix: Problems with OAuth 1.0a token & YahooResourceOwner,
Fix: Throw exception in FOSUBUserProvider when username is missing
Added SalesForce resource owner

0.3.0 (2013-09-28)

[BC break] AccountConnectorInterface::connect() method now requires the first parameter to be instance of Symfony\Component\Security\Core\User\UserInterface
[BC break] ConnectController::authenticateUser() method now requires the first parameter to be instance of Symfony\Component\HttpFoundation\Request
[BC break] Removed AbstractResourceOwner::addOptions() method
[BC break] OAuthUtils::getAuthorizationUrl() & OAuthUtils::getLoginUrl() methods now expect first parameter to be instance of Symfony\Component\HttpFoundation\Request
[BC break] LinkedIn resource owner now uses OAuth2 approach, visit official web page for details how to migrate: https://developer.linkedin.com/documents/authentication#migration
[BC break] Dropbox resource owner now uses OAuth2 approach
Added ability to merge response parts into single path
Added Bitly resource owner
Added Box resource owner
Added Dailymotion resource owner
Added DeviantArt resource owner
Added Eventbrite resource owner
Added Mail.ru resource owner
Added Sina Weibo resource owner
Added QQ.com resource owner
Added Trello resource owner
Added Wordpress resource owner

0.3.0-alpha2 (2013-07-29)

[BC break] Added ResourceOwnerInterface::isCsrfTokenValid() method
[BC break] Removed OAuth1RequestTokenStorageInterface along with the implementations
[BC break] AbstractResourceOwner::__construct() now requires RequestDataStorageInterface instance as last argument
Fix: Yandex resource owner using invalid parameter when requesting user data
Fix: To prevent unusual content headers response from resource owners should be first threaten as json and only in case of failure threaten as query text
Fix: Instagram resource owner is not able to receive user data more than once
Added ability to disable confirmation page when connecting accounts
Added CSRF protection for OAuth2 providers (turned off by default)
Added RequestDataStorageInterface along with implementation
Added Stereomood resource owner

0.3.0-alpha1 (2013-07-03)

[BC break] GenericOAuth2ResourceOwner::getAccessToken() now returns an array instead of a string. This array contains the access token and its 'expires_in' value, along with any other parameters returned from the authentication provider
[BC break] Added OAuthAwareExceptionInterface#setToken(), OAuthAwareExceptionInterface#getRefreshToken(), OAuthAwareExceptionInterface#getRawToken(), OAuthAwareExceptionInterface#getExpiresIn() methods
[BC break] Renamed AbstractResourceOwner::doGetAccessTokenRequest to doGetTokenRequest
[BC break] Removed AdvancedPathUserResponse & AdvancedUserResponseInterface
[BC break] Added UserResponseInterface#getEmail(), UserResponseInterface#getProfilePicture(), UserResponseInterface#getRefreshToken(), UserResponseInterface#getExpiresIn(), UserResponseInterface#setOAuthToken() methods
[BC break] Removed UserResponseInterface::setAccessToken() method
[BC break] Removed AbstractUserResponse::getOAuthToken() method because it was ambiguous
[BC break] PathUserResponse#setPaths() method no longer overwrite default paths
[BC break] PathUserResponse#getPath() method no longer throws an exception if path not exists
[BC break] PathUserResponse#getValueForPath() removed second argument from this method, it will not throw exception anymore if response or value is missing, but now will return null instead
[BC break] Added ResourceOwnerInterface#getOption($name) method
[BC break] ResourceOwnerInterface#getUserInformation() now must receive array ($accessToken) as first parameter, also added second parameter ($extraParameters) to be consistent along all implementations
Added OAuthToken::getRefreshToken(), OAuthToken::setRefreshToken(), OAuthToken::getExpiresIn(), OAuthToken::setExpiresIn(), OAuthToken::getRawToken(), OAuthToken::setRawToken()
Added AbstractResourceOwner#addOptions() & ResourceOwnerInterface#setOption($name, $value) methods which allows easy overwriting resource specific options
Added support for options: access_type, request_visible_actions, approval_prompt & hd in Google resource owner
Added 37signals resource owner
Added Amazon resource owner
Added Bitbucket resource owner
Added Disqus resource owner
Added Dropbox resource owner
Added Flickr resource owner
Added Instagram resource owner
Added Odnoklassniki resource owner
Added Yandex resource owner

0.2.10 (2013-12-09)

Fix: use Symfony\Component\Security\Core\User\UserInterface in EntityUserProvider::refreshUser
Fix: made SessionStorage compatible with Symfony 2.0

0.2.9 (2013-09-25)

Fix: Regression done in version 0.2.8 blocking usage without FOSUserBundle
Fix: OAuthUtils::getAuthorizationUrl() ignoring given redirect URL

0.2.8 (2013-09-19)

Fix: Added missing parts in user providers like: loadUserByUsername() or refreshUser() methods
Fix: Registering of user provider services
Fix: Make OAuthUtils::signRequest() compatible with OAuth1.0a specification

0.2.7 (2013-08-03)

Fix: Polish oauth error detection to cover cases from i.e. Facebook resource owner
Fix: Changed authorization url for Vkontakte resource owner

0.2.6 (2013-06-24)

Fix: Use same check for FOSUserBundle compatibility to prevent strange errors with calls of undefined services
Fix: User-land aliased (resource owner) services have the appropriate name

0.2.5 (2013-05-29)

Fix: Use user identifier represented as string for Twitter to prevent issues with losing accuracy for large numbers (i.e. Javascript) or type comparison (i.e. MongoDB)
Fix: Don't depend on arg_separator.output data for URL generation to prevent issues

0.2.4 (2013-05-15)

Fix: Throw Symfony\Component\Security\Core\Exception\AccessDeniedException & Symfony\Component\HttpKernel\Exception\NotFoundHttpException instead of \Exception to make cases more clear
Fix: Detect oauth_problem as authorization error and inform user instead logging error in background
Fix: Request extra parameters should have higher priority than default
Fix: How urls are build in resource owners
Fix: Missing parameter in YahooResourceOwner

0.2.3 (2013-05-06)

Added AbstractUserResponse::getOAuthToken() method to allow fetching only OAuth token details
Added french translation
Fix: FB incompatibility with 'error' field in response

0.2.2 (2013-04-15)

Fix: FOSUB registration form handler
Fix: Use API 1.1 for Twitter, not the deprecated 1.0

0.2.1 (2013-03-27)

Fixed issue with FOSUserBundle 2.x integration

0.2.0 (2013-03-26)

Added support for a target_path_parameter in order to control the redirect path after login
Added hwi_oauth_authorization_url() twig helper function
Added Jira resource owner
Added Yahoo resource owner
Added setting realm in configuration
Added support for FOSUserBundle 2.x integration
Added Stack Exchange resource owner
Fix: configuration parameter firewall_name is required
Fix: prevent throwing AlreadyBoundException when using FOSUserBundle 1.x integration
Fix: check for availability of profilePicture in views before calling it
Fix: InMemoryProvider now shows user nickname as name instead of unique identifier
Fix: don't set realm option if is empty in request headers
Fix: for infinity loop blockade and error token response handling

0.1-alpha (2012-08-27)

[BC break] Renamed path username to identifier to make it more clear that this path should hold the unique user identifier (previously username)
[BC break] Method UserResponseInterface#getUsername() now always returns a real unique user identifier, and uses path identifier
[BC break] OAuth1RequestTokenStorageInterface#save() second param $token must now be an array
[BC break] Configuration type 'generic' is renamed to 'oauth2'
[BC break] redirect.xml routing has to be imported. See the setup docs
Added UserResponseInterface#getRealName() method, also a new default path realname was added, this path holds the real name of user
Added UserResponseInterface#getNickName() method, also a new default path nickname was added, this path holds the nickname of user
Added UserResponseInterface#getAccessToken() and UserResponseInterface#setAccessToken
Added OAuthToken#getCredentials() returns an empty string to be consistent with the security component. The access token can still be retrieved from the getAccessToken() method
Added change that forces all authentication requests are now redirected to the login path
Added change that makes firewall_name option required setting
Added OAuth 1.0a support (linkedin/twitter/generic)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly