Alex Bilbie
09c167ac43
Updated changelog and readme
2017-07-01 17:17:55 +01:00
Alex Bilbie
765a01021b
Updated error message
2017-07-01 16:45:29 +01:00
Alex Bilbie
0706d66c76
Don’t pad and shuffle the payload if an encryption key has been set
2017-07-01 16:45:29 +01:00
Alex Bilbie
e123fe82d0
Ignore error_log messages in code coverage
2017-07-01 16:45:29 +01:00
Alex Bilbie
107cfc3678
Updated examples
2017-07-01 16:45:29 +01:00
Alex Bilbie
1954120c3d
Use catch all exception
2017-07-01 16:45:29 +01:00
Alex Bilbie
dd5eee150d
Ensure response type also has access to the encryption key
2017-07-01 16:45:29 +01:00
Alex Bilbie
76c1349181
Updated random_compat version
2017-07-01 16:45:29 +01:00
Alex Bilbie
1af4012df4
New property on AuthorizationServer to receive an encryption key which is used for future encryption/decryption instead of keybased encryption/decryption
2017-07-01 16:45:29 +01:00
Alex Bilbie
4a717104fa
Shuffle the contents of the authorization code payload
2017-07-01 16:45:29 +01:00
Alex Bilbie
63530443fe
Better error checking when saving a temporary key to ensure file was written successfully and the server is the exclusive mode
2017-07-01 16:44:57 +01:00
Alex Bilbie
2f8de3d230
Ensure the server is the exclusive owner of the key
2017-07-01 16:44:51 +01:00
Alex Bilbie
57d199b889
Stricter validation of code challenge value to match RFC 7636 requirements
2017-07-01 16:44:43 +01:00
Alex Bilbie
6bdd108145
Escape scope parameter to reduce pontential XSS vector
2017-07-01 16:43:31 +01:00
Diogo Oliveira de Melo
170ce2fd2d
Replaces array_key_exists by isset, which is faster, on ImplicitGrant.
2017-06-30 15:42:23 -03:00
Erick Torres
4710743b87
Add "dist: trusty" into travis setting file
2017-06-16 17:09:13 -05:00
Erick Torres
11ad87b5f5
Update tests / Add missing.
2017-06-16 12:03:14 -05:00
Erick Torres
880e3b4590
Fix invalid code_challenge_method key.
2017-06-16 12:03:04 -05:00
Erick Torres
2167edf1d9
Validate codeVerifier and codeChallenge correctly.
2017-06-16 12:02:48 -05:00
Erick Torres
2482630221
Fix codeVerifier hash verification.
2017-06-16 12:02:34 -05:00
Dave Marshall
83228bdcd5
Change case for implict grant token_type
2017-03-27 12:11:25 +01:00
Stanimir Stoyanov
d73b15ae32
Getter and setter for the payload and ability to pass options to json_encode
2017-03-20 14:52:35 +02:00
Stanimir Stoyanov
945624eb51
Merge pull request #1 from thephpleague/master
...
Merging changes into my fork
2017-03-17 19:36:34 +02:00
Alex Bilbie
bf7084a147
Merge pull request #709 from toby-griffiths/fix-refresh-token-ttl
...
Corrected DateInterval from 1 min to 1 month
2017-03-02 14:06:27 +00:00
Toby Griffiths
13c608b849
Corrected DateInterval from 1 min to 1 month
2017-03-01 13:08:42 +00:00
Alex Bilbie
ded7c1ed47
Mentioned PHP 7.1 support
2017-02-02 17:29:06 +00:00
François Kooman
6426e597a3
Fix PKCE code verifier encoding to match specification
...
The current implementation of PKCE does not follow the specification
correctly regarding the encoding of the code verifier. This patch
correctly encodes the hash of the code verifier according to
Appenix A of RFC 7636.
2017-01-24 11:36:34 +01:00
Alex Bilbie
0da70c916a
Merge pull request #690 from Jalle19/patch-1
...
Fix typo in the first README sentence
2016-12-23 07:42:23 +00:00
Sam Stenvall
90cb1bf012
Fix typo in the first README sentence
2016-12-23 00:30:54 +02:00
Alex Bilbie
b32204bd91
Merge pull request #682 from wilsonge/patch-1
...
Fix middleware example fatal error
2016-11-08 13:18:13 +00:00
George Wilson
518c1fcec5
Fix middleware example fatal error
2016-11-08 12:27:49 +00:00
Pedro Cambra
ee8841fe66
Added Zend diactoros library dependency to the examples
2016-10-31 09:57:44 +09:00
Alex Bilbie
6946592553
Merge pull request #671 from duncan3dc/patch-1
...
[Travis] Test on PHP 7.1
2016-10-16 16:58:15 +01:00
Craig Duncan
25580b98b7
[Travis] Test on PHP 7.1
2016-10-16 16:48:44 +01:00
Alex Bilbie
f78dc2eca0
Updated README
2016-10-12 15:08:15 +01:00
Alex Bilbie
105b3116dc
Merge pull request #669 from jeremykendall/fix/www-authenticate-header
...
Fix WWW-Authenticate entry in $headers array
2016-10-12 15:05:19 +01:00
jeremykendall
01677a564e
Fix WWW-Authenticate entry in $headers array
...
In this context the header name should be the array key and the header
value the array value.
2016-10-11 22:27:24 -05:00
Alex Bilbie
4c4b0633b1
Merge pull request #668 from er0k/increase-ssl-key-length
...
Increase the recommended RSA key length from 1024 to 2048 bits
2016-10-11 14:27:16 +01:00
er0k
c4a75b2880
Increase the recommended RSA key length from 1024 to 2048 bits
2016-10-11 09:24:27 -04:00
Alex Bilbie
e091d48127
Changelog bump
2016-09-19 10:23:42 +01:00
Alex Bilbie
a798cfdc5d
Merge pull request #656 from thephpleague/issue-650-fix
...
Fix for #650
2016-09-19 10:19:05 +01:00
Alex Bilbie
56e8d374fb
Fix broken tests
2016-09-19 10:06:00 +01:00
Alex Bilbie
b1bfff7325
Don't pass in user because we don't know who user is
2016-09-19 10:05:55 +01:00
Alex Bilbie
32cde01ab2
Merge pull request #657 from thephpleague/analysis-86wPg4
...
Applied fixes from StyleCI
2016-09-13 15:19:56 +01:00
Alex Bilbie
11ccc305d0
Applied fixes from StyleCI
2016-09-13 14:17:09 +00:00
Alex Bilbie
d7df2f7e24
Fix for #650
2016-09-13 15:16:58 +01:00
Alex Bilbie
b8b92e5925
Changelog update
2016-07-26 15:42:03 -04:00
Alex Bilbie
0ebdcd2ab8
Merge pull request #614 from lookyman/better-tests
...
Improved tests
2016-07-25 12:17:28 -04:00
Alex Bilbie
9dee08ba3d
Merge pull request #625 from juliangut/key-file
...
Key file auto-generation from string
2016-07-19 17:24:12 +01:00
Julián Gutiérrez
065ef5db99
CryptKey tests
2016-07-19 17:15:36 +02:00