PHP SDK for Auth0 Authentication and Management APIs.
MIT License
Bot releases are hidden (Show)
Published by evansims 11 months ago
Fixed
Published by evansims 11 months ago
Published by evansims over 1 year ago
Added
Auth0\SDK\API\Authentication\PushedAuthorizationRequest
is a new class for issuing Pushed Authorization Requests and producing authorization links for them.Auth0\SDK\API\Authentication::pushedAuthorizationRequest()
has been added as a shortcut method for returning a configured instantiation of the above class.Auth0\SDK\Auth0::login()
has been updated to support issuing Pushed Authorization Requests and returning authorization links for them.Auth0\SDK\Configuration\SdkConfiguration
has been updated to accept a pushedAuthorizationRequest
boolean to enable this feature.Auth0\SDK\Auth0::isAuthenticated()
has been added as a shortcut method. It is an alias for getCredentials() !== null
.¹ Note: To use this feature, an Auth0 tenant must have support for it enabled. This feature is not yet available to all tenants.
Published by evansims over 1 year ago
This release improves the SDK's automatic discovery process of compatible HTTP clients, factories and messages (PSR-18, 17 and 7, respectively). If you encounter issues with your implementation not being discovered, please open an issue.
This release also introduces support for a number of additional Management API endpoints.
Added
State Management
Auth0\SDK\Auth0::refreshState()
to force a refresh of the SDK's internal state. This is useful when you have updated the SDK's configuration and want to ensure the SDK is using the latest values.Management API
Auth0\APIs\Management\Users
DELETE /users/:id/authenticators
→ deleteAllAuthenticators()
(#702) (Documentation)GET /api/v2/users/:user/authentication-methods
→ getAuthenticationMethods()
(Documentation)PUT /api/v2/users/:user/authentication-methods
→ replaceAuthenticationMethods()
(Documentation)DELETE /api/v2/users/:user/authentication-methods
→ deleteAuthenticationMethods(string user)
(Documentation)POST /api/v2/users/:user/authentication-methods
→ createAuthenticationMethod()
(Documentation)GET /api/v2/users/:user/authentication-methods/:method
→ getAuthenticationMethod()
(Documentation)PATCH /api/v2/users/:user/authentication-methods/:method
→ updateAuthenticationMethod()
(Documentation)DELETE /api/v2/users/:user/authentication-methods/:method
→ deleteAuthenticationMethod()
(Documentation)Fixed
Auth0\SDK\API\Authentication
with manually assigned client_id
or client_secret
parameters could have those values overwritten by the SDK's assigned configuration. #705
Changed
php-http/discovery
dependency with psr-discovery/all
.php-http/httplug
dependency with psr-discovery/all
.ergebnis/composer-normalize
as it now runs in CI.firebase/php-jwt
as it was replaced by an in-library generator.hyperf/event
with symfony/event-dispatcher
.laravel/pint
with friendsofphp/php-cs-fixer
.nyholm/psr7
with psr-mock/http-factory-implementation
.php-http/mock-client
with psr-mock/http-client-implementation
.vimeo/psalm
to 5.8.phpstan/phpstan
to 1.10.rector/rector
to 0.15.Thanks to our contributors for this release: knash94
Published by evansims over 1 year ago
Published by evansims almost 2 years ago
Published by evansims almost 2 years ago
Fixed
params
as array
under some conditions #670 (evansims)getItem()
call in Auth0\SDK\Token\Verifier::getKeySet()
#669 (pkivits-litebit)Published by evansims almost 2 years ago
Published by evansims almost 2 years ago
Fixed
Published by evansims about 2 years ago
Fixed
Published by evansims about 2 years ago
Published by evansims about 2 years ago
Changed
Fixed
Note: Previously in some circumstances, cookie secrets were not always being required in strategies where they should have been required. This has been resolved as part of the fixes in this release. If you are suddenly prompted to configure a cookie secret in an app that doesn't use sessions/cookies, please ensure you are using the correct strategy: https://github.com/auth0/auth0-PHP/tree/8.3.1#configuration-strategies
Published by evansims about 2 years ago
Added
Changed
samesite
property #645 (evansims)getRequestParameter()
filter to use FILTER_SANITIZE_FULL_SPECIAL_CHARS and allow passing extra filter options #642 (evansims)login()
for transient cookies, and clear()
#641 (evansims)Published by evansims over 2 years ago
Fixed
Auth0\SDK\Configuration\SdkConfiguration
where customDomain
was not properly formatted in some configurations, leading to inconsistencies in certain SDK functions, such as Token validation. customDomain
is now formatted identically to domain
. #633 (evansims)Closed Issues
Published by evansims over 2 years ago
Many thanks to our community contributors for this release: elbebass, fullstackfool, jeromefitzpatrick, marko-ilic and sepiariver.
Added
Auth0\SDK\Auth0::getBearerToken()
#620 (evansims)Auth0\SDK\Configuration\SdkConfiguration::STRATEGY_API
#619 (evansims)Changed
Auth0\SDK\Exception\InvalidTokenException
on JsonException #614 (marko-ilic)Auth0\SDK\Exception\NetworkException
when Management API credential exchange fails #608 (sepiariver)Documentation Contributions
management
configuration strategy (domain
is required) #604 (fullstackfool)Other Improvements
Published by evansims over 2 years ago