Releases: indieweb/indieauth-client-php
v1.1.6
Update to November 26 2020 version of IndieAuth
Warning: This version has major breaking changes compared to the previous version! Please review the docs in the README before updating to this version.
Update to November 26 2020 version of IndieAuth
Warning: This version has major breaking changes compared to the previous version! Please review the docs in the README before updating to this version.
Update to September 26 2020 Spec
The main change is the client now always sends response_type=code
Resolve the URL the user enters before beginning
Resolves the user's URL they enter before the flow begins. This allows someone to begin the IndieAuth flow by entering a short domain that redirects to their primary domain.
IndieAuth Client Quickstart
This release includes two new methods for quickly developing an IndieAuth client.
The library can now handle all the boilerplate work of generating a state parameter, URL canonicalization, and state management between the request and callback.
Developing an IndieAuth client now requires just setting a few configuration variables and deciding how to show error messages in your application. See the gist below for an example of using the new features!
https://gist.github.com/aaronpk/099d037a79441974e085bb919ac9f1b7
Bugfixes
Bugfixes
- Now sends a proper HTTP
Acceptheader requesting JSON and form-encoded responses - Resolves relative URLs during endpoint discovery
- Better random number generation for state parameter
OAuth 2.0 Compatibility (removes state parameter)
This fixes the client to not send the state parameter when making a token request. https://tools.ietf.org/html/rfc6749#section-4.1.3
OAuth 2.0 Compatibility
Makes the client compatible with OAuth 2.0:
- Accepts JSON responses from token endpoints
- Sends
grant_type=authorization_codein token request