OAuth 2.0.3 #

  • Jan 10, 2017

Added Facebook API version can now be customized with the providerInfos.facebook.config.graphApiVersion config

Added Added a config attribute to Oauth_ProviderInfosModel

Improved Renamed $allProviderInfos to $configProviderInfos in OauthService::getProviderInfos()

Fixed Fixed a bug where the Twitter subscriber was not providing the proper HMAC-SHA1 OAuth signature method

OAuth 2.0.2 #

  • Nov 08, 2016

Improved Removed the cpTrigger from the action URL for redirect URIs

Improved The plugin is now using Facebook API v2.8

Improved Updated oauth2-facebook dependency to 1.4.4

Improved Updated oauth2-client dependency to 1.4.2

Fixed Fixed Facebook's scope docs URL

OAuth 2.0.1 #

  • Oct 26, 2016

Added Added BaseProvider::getManagerUrl() which returns null

Added OAuth providers can provide a createAccessToken() to customize access token instantiation

Improved Updated schema version to 1.0.1

Improved Altered accessToken, secret and refreshToken columns to text for oauth_tokens

Improved Forcing addTrailingSlashesToUrls config to false when redirectUri is getting generated

Improved Improved error handling when the OAuth client ID or secret is invalid

Improved Updated dukt/oauth2-google dependency to 1.0.0

Improved Updated league/oauth1-client dependency to 1.7.0

Improved Updated Vimeo dependency to saf33r/oauth2-vimeo 0.1.0

OAuth 2.0.0 #

  • Jun 03, 2016

Dependencies

Added Added dukt/oauth2-google 1.0.1

Added Added dukt/oauth2-vimeo 1.0.4

Added Added league/oauth2-facebook 1.4.1

Improved Updated league/oauth2-client to 1.4.1

Dev

Added Added BaseProvider::getRemoteResourceOwner()

Added Added BaseProvider::getResourceOwner()

Added Added name, description, authors and type to composer.json

Added Added Oauth_ResourceOwnerModel

Added Added OauthPlugin::getDescription()

Fixed Fixed a bug when tokens couldn't be listed if the token plugin or token provider are not set

Improved getAccount() is now an alias for getResourceOwner() for OAuth providers retro compatibility

Improved Now providing graphApiVersion parameter when instantiating a Facebook provider

Improved Now using text fields to show Web Origin and Redirect URI to make in order to make copy pasting easier

Improved Requiring files from OauthPlugin::init()

OAuth 1.0.14799908 #

  • May 17, 2016

Fixed Fixed a bug where BaseProvider.php and IOauth_Provider.php were not being loaded early enough for other plugins to use them

OAuth 1.0.12250616 #

  • Feb 19, 2016

Added Added the ability to manage OAuth tokens

Added Now showing OAuth CP section by default

Added Added release feed for plugin updates

Improved The plugin is now requiring custom classes manually instead of using PSR-4 auto-loading

Improved Throwing an exception when the OAuth provider handle can't be retrieved from session or query params

OAuth 1.0.79 #

  • Jan 14, 2016

Fixed Fixed providers infos save action value

Fixed Fixed a bug with routes that was preventing access to provider infos editing

OAuth 1.0.78 #

  • Jan 13, 2016

Added Added Oauth_ProvidersController for provider related controllers

Added Added OauthPlugin::getDocumentationUrl()

Added Added OauthService::getTokens()

Improved Cleaned up OauthController::actionConnect()

Improved Removed OauthHelper::log()

OAuth 1.0.77 #

  • Jan 12, 2016

Improved OAuth is now using its own log file

Fixed Fixed a bug where OAuth wouldn't connect if name, given_name, or family_name were not provided

Improved OauthController::actionConnect() is now only throwing Error with token exceptions when $error is false

Improved symfony/event-dispatcher 2.8.1

OAuth 1.0.76 #

  • Nov 24, 2015

Plugin

Added Added IOauth_Provider interface

Added Added Oauth_TokensController::actionProviderTokens()

Added Added OauthController::actionIndex()

Added Added OauthPlugin::getSchemaVersion()

Added Added Oauth_TokenModel::getProvider()

Added Added Oauth_TokenModel::getToken()

Added Added OauthHelper::log()

Added Added plugin icons

Improved Improved Oauth2Plugin::onRequestBeforeSend() to use Bearer authentication HTTP header

Improved Moved OauthController::actionDeleteToken() to Oauth_TokensController::actionDeleteToken()

Improved Moved resources/icons to resources/providers

Improved Removed Dukt\OAuth\OAuth2\Client\Provider\Dribbble

Improved Removed Dukt\OAuth\OAuth2\Client\Provider\Instagram

Improved Removed Oauth_TokensController::params property

Improved Removed unused namespaces in Dukt\OAuth\Guzzle\Plugin\Oauth2Plugin

Improved Renamed params by authorizationOptions

Improved Renamed scopes by scope

Improved Replaced OauthPlugin::getOAuthProviders() by OauthPlugin::getOauthProviders()

OAuth Providers

Improved Developers can now add a custom OAuth provider through a Craft Plugin

Improved Developers must assume that a token can expire

Added Added BaseProvder::getIconUrl() so that OAuth providers can define an icon

Added Added BaseProvider::createSubscriber()

Added Added BaseProvider::getDefaultScope()

Added Added BaseProvider::getScopeDocsUrl()

Improved BaseProvider::getAccount() now takes $token as a parameter

Improved BaseProvider::getSubscriber() now takes $token as a parameter

Improved Client ID & Secret of OAuth providers can now be defined with a providerInfos config in craft/config/oauth.php

Improved Removed BaseProvider::getAuthorizationMethod()

Improved Removed BaseProvider::getAuthorizationUrl()

Improved Removed BaseProvider::getParams()

Improved Removed BaseProvider::getScopes()

Improved Removed BaseProvider::setParams()

Improved Removed BaseProvider::setScopes()

Improved Removed BaseProvider::setToken()

Improved Removed BitBucket, Dribbble, GitHub, Instagram, LinkedIn, and Slack providers

Improved Replaced Dukt\OAuth\base\Provider by Dukt\OAuth\Providers\BaseProvider

Improved Replaced Providers' consoleUrl attribute by getManagerUrl() method

Improved Replaced Providers' oauthVersion attribute by getOauthVersion() method

Built-in OAuth providers

Added Added Dukt\OAuth\Providers\Facebook::getScopeDocsUrl()

Added Added Dukt\OAuth\Providers\Google::getScopeDocsUrl()

Added Added Dukt\OAuth\Providers\Vimeo::getScopeDocsUrl()

Added Added Dukt\OAuth\Providers\Vimeo::getScopeDocsUrl()

Dependencies

Improved Updated league/oauth1-client to 1.6.1

Improved Updated league/oauth2-client to 0.12.1

OAuth 0.9.73 #

  • Oct 05, 2015

Improved Improved connect for OAuth 1.0 providers

OAuth 0.9.72 #

  • May 29, 2015

Fixed Fixed a bug where Google's provider was expecting Google+ API to be turned on to work

OAuth 0.9.71 #

  • May 20, 2015

Improved OauthHelper methods are now static, which also fixes compatibility with PHP 5.6

Improved Set Oauth_ProviderInfosModel::defineAttributes() as protected

Improved Set Oauth_TokenModel::defineAttributes() as protected

Improved Now using OauthPlugin::getSettingsUrl() instead of OauthPlugin::getSettingsHtml()'s redirect for specifying plugin's settings URL

Fixed Fixed a bug with OauthController::actionProviderInfos() 404 errors

OAuth 0.9.70 #

  • May 10, 2015

Added Developers can now register custom OAuth providers using getOAuthProviders() plugin method

Added Now using The PHP League OAuth 1 & OAuth 2 libraries

Added Added OauthPlugin::getOAuthProviders()

Improved Improved provider instantiation

Improved Moved console controller to Oauth_ConsoleController

Improved Moved console to oauth/console

Improved Moved getRealToken(), tokenToArray(), arrayToToken(), realTokenToArray() to OauthHelper

Improved Removed hasRefreshToken(), requestAccessToken() and refreshAccessToken() for oauth/base/Provider class

Improved Removed oauth.connect variable

Improved Removed OauthVariable::disconnect()

Improved Removed OauthVariable::getAccount()

Improved Removed OauthVariable::pluginCheckUpdates()

Improved Removed OauthVariable::pluginUpdatePluginsUrl()

Improved Removed Oauth_TokenModel::getHash()

Improved Removed Oauth_TokenModel::refreshToken()

OAuth 0.9.65 #

  • Mar 28, 2015

Added Added CSRF Protection support

Fixed Fixed a bug where redirect URL was wrong after saving provider settings

OAuth 0.9.64 #

  • Mar 19, 2015

Fixed Fixed a bug where Oauth_TokenRecord::endOfLife was not defined

OAuth 0.9.63 #

  • Mar 18, 2015

Added Added a message when clientId or clientSecret is being overridden by a config variable

Added Added BaseOAuthProviderSource::getAccount(), alias of getUserDetails() for retro compatibility

Added Added BaseOAuthProviderSource::getAuthorizationMethod()

Added Added BaseOAuthProviderSource::getAuthorizationUri()

Added Added BaseOAuthProviderSource::hasRefreshToken()

Added Added BaseOAuthProviderSource::refreshAccessToken()

Added Added BaseOAuthProviderSource::requestAccessToken()

Added Added craft.oauth.getProviderSource() method

Added Added OAuth 2.0 Guzzle plugin

Added Added OauthController::actionProvider()

Added Added TwitterOAuthProviderSource::requestAccessToken()

Improved BaseOAuthProviderSource::service is now protected

Improved Improved OauthService::arrayToToken()

Improved Improved plugin settings controller and templates

Improved Improved the way providers were loaded

Improved Improved token refresh

Improved Moved providers classes to oauth/src/Providers

Improved OauthService::connect() now returns a token model instead of an oauth object in its response

Improved Removed AbstractProvider::initProviderSource()

Improved Removed BaseOAuthProviderSource::hasAccessToken()

Improved Removed client id & secret attributes from BaseOAuthProviderSource

Improved Removed craft.oauth.getEncodedToken() and craft.oauth.getDecodedToken()

Improved Removed OauthProviderInfosModel::getAccount() and OauthProviderInfosModel::isConfigured()

Improved Removed Oauth_ProviderModel::initSource()

Improved Removed Oauth_TokenModel::getDecodedToken()

Improved Removed OauthService::_getProviderRecords()

Improved Removed OauthService::getToken() and OauthVariable::getToken()

Improved Removed OauthService::getTokenByEncodedToken()

Improved Removed OauthVariable::getProviderSource()

Improved Removed response errorRedirect and redirect values

Improved Renamed OauthProviderModel to OauthProviderInfosModel

Improved Renamed OauthProviderRecord to OauthProviderInfosRecord

Improved Replaced provider source's getAccount() method by getUserDetails()

Improved Token providerHandle and pluginHandle are now automatically populated in token response, making saving tokens easier

Improved Tokens now have their own column in the db instead of being stored as an encoded token object

Fixed Fixed a bug with refresh token

Fixed Fixed a bug where config infos were not being used properly on the OAuth provider edition page

Fixed Fixed a bug where the token returned by OauthService::connect() was not containing access token secret

Fixed Fixed a bug with providerId hidden field in oauth provider template

Fixed Fixed migrations

OAuth 0.9.60 #

  • Nov 24, 2014

Added Added LinkedIn OAuth provider

Added Added RunKeeper OAuth provider

Fixed Fixed a bug where OAuth couldn't connect if the user didn't have a Facebook username set

Fixed Fixed BitBucket console URL

Fixed Fixed Dribbble console URL

OAuth 0.9.58 #

  • Nov 07, 2014

Added Added Dribbble provider

Added Added Oauth_TokenModel::refreshToken()

Added Added OauthService::tokenToArray()

Added Added OauthService::arrayToToken()

Added Added OauthService::getTokenByEncodedToken()

Improved Now autoloading composer class from OauthPlugin

Improved Improved error handling

Improved Improved refresh token

Improved Removed chrisnharvey/oauth in composer.json

OAuth 0.9.57 #

  • Sep 27, 2014

Fixed Fixed a connect bug which was throwing an error when CURLOPTFOLLOWLOCATION used with openbasedir set

OAuth 0.9.56 #

  • Jun 26, 2014

Added New authentication logic

Added Added Instragram provider

Added Added BitBucket Provider

Added Now using a new OAuth library: lusitanian/oauth

Improved Improved connect endpoint url to actions/oauth/connect

Improved Dropped OAuth section and moved settings to OAuth plugin settings

Improved Dropped system and user tokens (Part of new authentication logic, see the docs)

Fixed Removed unnecessary logs

OAuth 0.9.54 #

  • May 01, 2014

Added Added support for Socialize plugin

Fixed Fixed a bug where socialRedirect session variable was not cleared before connect

OAuth 0.9.53 #

  • Apr 17, 2014

Added Added OAuth 2.0 support for Vimeo

Improved Now try catching OauthService::getToken() errors

Improved Replaced filegetcontents() by CURL to prevent errors when allowurlfopen is off

Fixed Fixed a bug where wrong indexes on the tokens table were preventing user tokens from being saved

OAuth 0.9.50 #

  • Apr 03, 2014

Improved Improved compatibility with Craft 2.0

Improved Changed hookRegisterCpRoutes() deprecated method to registerCpRoutes()

OAuth 0.9.49 #

  • Jan 31, 2014

Fixed Fixed a bug where refresh token with Google was not working because refresh_token was null.

OAuth 0.9.48 #

  • Dec 20, 2013

Added Client ID & Secret can now be defined in general.php

Added Added errors to httpSession for error handling when user is not logged

Improved Improved support for minimum scope required

Improved Providers needs to have clientId set in order to be considered as configured

Fixed Fixed bug where minimum scope was not taken into account

OAuth 0.9.47 #

  • Dec 11, 2013

Added Added Oauth_TokenModel::getSecret()

Added Added Oauth_TokenModel::getAccessToken()

Improved Oauth_TokenModel::getRealToken() now only returns a token if $this->token is defined

Improved craft()->oauth->getSystemToken() now returns null if real token is not defined of false

Fixed Fixed a bug where OauthService::getSystemToken would break if token was not defined or false

OAuth 0.9.46 #

  • Dec 04, 2013

Added Added Vimeo OAuth provider source

Added Added Oauth_ProviderModel::refreshToken() method

Improved Removed Guzzle as it's already packed with Craft

Improved Remove symfony/finder which is not used anymore

OAuth 0.9.35 #

  • Nov 28, 2013

Added Added BaseOAuthProviderSource::connectToken() and BaseOAuthProviderSource::connectScope()

Improved Improved providerSource->process() error handling

Improved Inverted web origin & redirect uri to match with Google Console new layout

Improved Improved API errors handling

Improved Improved settings template

Improved Improved OauthService::getAccount() error handling

Improved Improved token.scope support in OAuth tokens system and user cp sections

Improved Removed account caching. Now it's up to plugin developers to set up caching in their software

Improved Renamed OauthProviderModel::setScope() to OauthProviderModel::connectScope()

Fixed Fixed a problem where user tokens page would break if token.scope was not defined

Fixed Fixed a problem where system tokens page would break if token.scope was not defined

Fixed Fixed a bug where some objects were becoming incomplete because they were saved into sessions. It’s now calling social login callback straight away instead of redirecting to it.

Fixed Fixed bug with OauthPublicController::connectSystem and provider connectScope

OAuth 0.9.31 #

  • Oct 17, 2013

Fixed Fixed "callable" bug

OAuth 0.9.30 #

  • Oct 10, 2013

Added Added cache for provider getAccount()

Improved craft()->oauth->getToken() now returns a TokenModel

Improved Provider only needs clientId defined to be considered as configured

Fixed getRemotePlugin() returns null if simplexmlload_file fails

OAuth 0.9.29 #

  • Sep 13, 2013

Added Added OauthService->getTokenFromUserMapping($handle, $userMapping = null)

Added Added getMd5Token() method to Oauth_TokenModel

Improved Improved user mapping

Improved Added several unique indexes for Oauth_TokenRecord

Improved Removed account column from templates/fields/connect.html

Fixed Fixed a bug with Oauth_TokenModel getEncodedToken() method which was returning a token encoded twice

Fixed Fixed bug with FacebookOAuthProviderSource console url

Fixed Fixed bug with BaseOAuthProviderSource->_initProviderSource() which was trying trying to connect with empty clientId and clientSecret values

OAuth 0.9.23 #

  • Sep 10, 2013

Added Added System authentication with scope and namespace support

Added Added User authentication with smart scope support

Added Added Oauth_ProviderModel

Added Added Oauth_TokenModel

Added Added support for Facebook, GitHub, Google, Twitter and Flickr providers

Added Added craft()->oauth->getAccount()

Improved Improved auto-updating process

Improved Improved support for scopes

Improved OauthService refactoring

OAuth 0.9.12 #

  • Aug 18, 2013

Added Added OauthService->deleteTokenById($tokenId)

Added Added OauthService->instantiateProvider()

Added Added OauthService->connectProviderObject()

Improved Improved user & system tokens

Improved Improved user & system connect / disconnect

Improved Improved scopes

Improved Removed OauthPublicController->getSessionDuration()

Improved Removed OauthService->getProviderLibrary()

OAuth 0.9.11 #

  • Jul 17, 2013

Improved Removed useless authentication with namespace oauth.user

Fixed Fixed a bug with craft()->oauth->providerIsConnected and user tokens

Fixed Fixed a bug where OAuth plugin was crashing because the record didn't exist

OAuth 0.9.10 #

  • Jul 16, 2013

Added Added User ID column to tokens/user.html

Improved Improved User tokens support

Improved Try/catching $provider->getAccount() in order to prevent errors

OAuth 0.9.9 #

  • Jul 02, 2013

Added Log messages

Improved Improved OAuth process

Improved Removed & ignored vendor

OAuth 0.9.6 #

  • Jun 27, 2013

Fixed Fixed a bug where plugin would crash when Inspect plugin not installed

OAuth 0.9.3 #

  • Jun 25, 2013

Added GitHub support

Added README instructions for setting up system & user tokens

OAuth 0.9.2 #

  • Jun 24, 2013

Added OAuth authentication plugin for Craft