Mathieu Alorent
|
0f1ddaaacf
|
Fix #772 - PR should be based on master branch
|
2017-07-29 17:41:44 +02:00 |
|
Alex Bilbie
|
a1b8d87b47
|
Updated changelog
|
2017-07-19 07:58:56 +01:00 |
|
Alex Bilbie
|
80fc8e654b
|
Trigger E_USER_NOTICE instead of throwing an exception if key cannot be chmod to 600
|
2017-07-19 07:57:47 +01:00 |
|
Alex Bilbie
|
317f46b7ae
|
Merge pull request #754 from Lctrs/fix/missing-sprintf
Fix missing sprintf() calls
|
2017-07-07 16:50:08 +01:00 |
|
Jérôme Parmentier
|
88bf8b2367
|
Fix missing sprintf
|
2017-07-03 20:28:28 +02:00 |
|
Alex Bilbie
|
315d079033
|
Added link to security release information page
|
2017-07-02 18:44:55 +01:00 |
|
Alex Bilbie
|
2824f7d27e
|
Fixed examples
|
2017-07-01 18:46:48 +01:00 |
|
Alex Bilbie
|
0a6a4deca6
|
5.1.4 not 5.1.14
|
2017-07-01 18:38:35 +01:00 |
|
Alex Bilbie
|
00c645545a
|
Updated changelog
|
2017-07-01 18:33:17 +01:00 |
|
Alex Bilbie
|
417a64ad43
|
Added security notice
|
2017-07-01 18:33:03 +01:00 |
|
Alex Bilbie
|
f5c3ba0b24
|
Removed dead code
|
2017-07-01 18:22:51 +01:00 |
|
Alex Bilbie
|
e1ef133067
|
Dropped PHP 5.5 compatability
|
2017-07-01 18:22:44 +01:00 |
|
Alex Bilbie
|
523434902c
|
Removed dead code
|
2017-07-01 18:15:41 +01:00 |
|
Alex Bilbie
|
aac467e616
|
Fixed broken tests
|
2017-07-01 18:11:19 +01:00 |
|
Alex Bilbie
|
76c2b6f88c
|
AuthorizationServer no longer needs to know about the public key
|
2017-07-01 18:11:10 +01:00 |
|
Alex Bilbie
|
72349ef22f
|
Encryption key is now always required so remove redundent code
|
2017-07-01 18:10:53 +01:00 |
|
Alex Bilbie
|
850793ab88
|
Added missing methods
|
2017-07-01 18:08:49 +01:00 |
|
Alex Bilbie
|
0f73bf0054
|
Encryption key just uses Defuse\Crypto now, no key based crypto
|
2017-07-01 18:07:51 +01:00 |
|
Alex Bilbie
|
7953f27b38
|
Stop testing HHVM
|
2017-07-01 18:07:09 +01:00 |
|
Alex Bilbie
|
cc2c3a7044
|
Removed unnecessary stuff from composer.json
|
2017-07-01 18:07:01 +01:00 |
|
Alex Bilbie
|
06424fdbe2
|
Use Trusty for TravisCI
|
2017-07-01 17:24:11 +01:00 |
|
Alex Bilbie
|
55f93f9400
|
Merge pull request #752 from thephpleague/analysis-qBDGNm
Apply fixes from StyleCI
|
2017-07-01 17:20:19 +01:00 |
|
Alex Bilbie
|
aee1779432
|
Apply fixes from StyleCI
|
2017-07-01 16:19:23 +00:00 |
|
Alex Bilbie
|
09c167ac43
|
Updated changelog and readme
|
2017-07-01 17:17:55 +01:00 |
|
Alex Bilbie
|
765a01021b
|
Updated error message
|
2017-07-01 16:45:29 +01:00 |
|
Alex Bilbie
|
0706d66c76
|
Don’t pad and shuffle the payload if an encryption key has been set
|
2017-07-01 16:45:29 +01:00 |
|
Alex Bilbie
|
e123fe82d0
|
Ignore error_log messages in code coverage
|
2017-07-01 16:45:29 +01:00 |
|
Alex Bilbie
|
107cfc3678
|
Updated examples
|
2017-07-01 16:45:29 +01:00 |
|
Alex Bilbie
|
1954120c3d
|
Use catch all exception
|
2017-07-01 16:45:29 +01:00 |
|
Alex Bilbie
|
dd5eee150d
|
Ensure response type also has access to the encryption key
|
2017-07-01 16:45:29 +01:00 |
|
Alex Bilbie
|
76c1349181
|
Updated random_compat version
|
2017-07-01 16:45:29 +01:00 |
|
Alex Bilbie
|
1af4012df4
|
New property on AuthorizationServer to receive an encryption key which is used for future encryption/decryption instead of keybased encryption/decryption
|
2017-07-01 16:45:29 +01:00 |
|
Alex Bilbie
|
4a717104fa
|
Shuffle the contents of the authorization code payload
|
2017-07-01 16:45:29 +01:00 |
|
Alex Bilbie
|
63530443fe
|
Better error checking when saving a temporary key to ensure file was written successfully and the server is the exclusive mode
|
2017-07-01 16:44:57 +01:00 |
|
Alex Bilbie
|
2f8de3d230
|
Ensure the server is the exclusive owner of the key
|
2017-07-01 16:44:51 +01:00 |
|
Alex Bilbie
|
57d199b889
|
Stricter validation of code challenge value to match RFC 7636 requirements
|
2017-07-01 16:44:43 +01:00 |
|
Alex Bilbie
|
6bdd108145
|
Escape scope parameter to reduce pontential XSS vector
|
2017-07-01 16:43:31 +01:00 |
|
Alex Bilbie
|
bf7084a147
|
Merge pull request #709 from toby-griffiths/fix-refresh-token-ttl
Corrected DateInterval from 1 min to 1 month
|
2017-03-02 14:06:27 +00:00 |
|
Toby Griffiths
|
13c608b849
|
Corrected DateInterval from 1 min to 1 month
|
2017-03-01 13:08:42 +00:00 |
|
Alex Bilbie
|
ded7c1ed47
|
Mentioned PHP 7.1 support
|
2017-02-02 17:29:06 +00:00 |
|
Alex Bilbie
|
0da70c916a
|
Merge pull request #690 from Jalle19/patch-1
Fix typo in the first README sentence
|
2016-12-23 07:42:23 +00:00 |
|
Sam Stenvall
|
90cb1bf012
|
Fix typo in the first README sentence
|
2016-12-23 00:30:54 +02:00 |
|
Alex Bilbie
|
b32204bd91
|
Merge pull request #682 from wilsonge/patch-1
Fix middleware example fatal error
|
2016-11-08 13:18:13 +00:00 |
|
George Wilson
|
518c1fcec5
|
Fix middleware example fatal error
|
2016-11-08 12:27:49 +00:00 |
|
Alex Bilbie
|
6946592553
|
Merge pull request #671 from duncan3dc/patch-1
[Travis] Test on PHP 7.1
|
2016-10-16 16:58:15 +01:00 |
|
Craig Duncan
|
25580b98b7
|
[Travis] Test on PHP 7.1
|
2016-10-16 16:48:44 +01:00 |
|
Alex Bilbie
|
f78dc2eca0
|
Updated README
|
2016-10-12 15:08:15 +01:00 |
|
Alex Bilbie
|
105b3116dc
|
Merge pull request #669 from jeremykendall/fix/www-authenticate-header
Fix WWW-Authenticate entry in $headers array
|
2016-10-12 15:05:19 +01:00 |
|
jeremykendall
|
01677a564e
|
Fix WWW-Authenticate entry in $headers array
In this context the header name should be the array key and the header
value the array value.
|
2016-10-11 22:27:24 -05:00 |
|
Alex Bilbie
|
4c4b0633b1
|
Merge pull request #668 from er0k/increase-ssl-key-length
Increase the recommended RSA key length from 1024 to 2048 bits
|
2016-10-11 14:27:16 +01:00 |
|