2020-01-27 14:28:40 -05:00
## 6.0.0 (2020-01-27)
2020-01-27 14:24:41 -05:00
Changes:
- bumped version of FB Graph API to v3.0
2018-03-29 12:48:21 -04:00
## 5.0.0 (2018-03-29)
2018-03-14 10:21:38 -04:00
Changes:
2018-03-29 14:30:14 -04:00
- bumped version of FB Graph API to v2.10 (#297, @piotrjaworski )
- use only CRuby 2.0+ on CI (#298, @simi )
2018-03-14 10:21:38 -04:00
2016-07-27 00:22:32 -04:00
## 4.0.0 (2016-07-26)
2016-06-26 20:46:57 -04:00
Changes:
2016-06-26 21:12:52 -04:00
- drop support for Ruby < 1.9.3 (@ mkdynamic )
2016-06-26 20:46:57 -04:00
- switch to versioned FB APIs, currently using v2.6 (#245, @printercu , @mkdynamic )
- remove deprecated :nickname field from README example (#223, @abelorian )
2016-06-27 22:33:57 -04:00
- add Ruby 2.2 + 2.3.0 to CI (#225, @tricknotes , @mkdynamic , @anoraak )
2016-08-01 17:27:32 -04:00
- update example app (@mkdynamic)
2016-06-26 20:46:57 -04:00
2015-10-27 01:56:53 -04:00
## 3.0.0 (2015-10-26)
2015-02-24 16:51:27 -05:00
2015-10-27 01:56:53 -04:00
Changes:
2016-06-26 20:45:47 -04:00
- remove query string from redirect_uri on callback by default (#221, @gioblu )
- signed request parsing extracted to `OmniAuth::Facebook::SignedRequest` class. (#183, @simi , @Vrael )
- change default value of `info_fields` to `name,email` for the [graph-api-v2.4 ](https://developers.facebook.com/blog/post/2015/07/08/graph-api-v2.4/ ). ([#209](https://github.com/mkdynamic/omniauth-facebook/pull/209))
2015-02-24 16:51:27 -05:00
2015-02-21 17:46:04 -05:00
## 2.0.1 (2015-02-21)
2015-02-13 16:02:01 -05:00
Bugfixes:
2016-06-26 20:45:47 -04:00
- allow versioning by not forcing absolute path for graph requests (#180, @frausto )
- allow the image_size option to be set as a symbol. (#182, @jgrau )
2015-02-13 16:02:01 -05:00
2014-08-07 19:53:27 -04:00
## 2.0.0 (2014-08-07)
2014-08-07 20:03:33 -04:00
Changes:
2016-06-26 20:45:47 -04:00
- remove support for canvas app flow (765ed9, @mkdynamic )
2014-08-07 20:03:33 -04:00
2014-08-07 19:53:27 -04:00
Bugfixes:
2016-06-26 20:45:47 -04:00
- bump omniauth-oauth2 dependency which addresses CVE-2012-6134 (#162, @linedotstar )
- rescue `NoAuthorizationCodeError` in callback_phase (a0036b, @tomoya55 )
- fix CSRF exception when using FB JS SDK and parsing signed request (765ed9, @mkdynamic )
2014-08-07 19:53:27 -04:00
2014-01-11 17:07:44 -05:00
## 1.6.0 (2014-01-13)
2013-12-02 21:07:58 -05:00
Features:
- ability to specify `auth_type` per-request (#78, @sebastian -stylesaint)
- image dimension can be set using `image_size` option (#91, @weilu )
- update Facebook authorize URL to fix broken authorization (#103, @dlackty )
- adds `info_fields` option (#109, @bloudermilk )
- adds `locale` parameter (#133, @donbobka , @simi )
2013-12-02 22:41:20 -05:00
- add automatically `appsecret_proof` (#140, @nlsrchtr , @simi )
2013-12-02 21:07:58 -05:00
Changes:
2013-12-03 03:59:17 -05:00
- `NoAuthorizationCodeError` and `UnknownSignatureAlgorithmError` will now `fail!` (#117, @nchelluri )
2013-12-02 21:07:58 -05:00
- don't try to parse the signature if it's nil (#127, @oriolgual )
2013-12-03 02:56:50 -05:00
## 1.5.1 (2013-11-18)
2013-12-02 21:07:58 -05:00
Changes:
- don't use `access_token` in URL [CVE-2013-4593 ](https://github.com/mkdynamic/omniauth-facebook/wiki/Access-token-vulnerability:-CVE-2013-4593 ) (@homakov, @mkdynamic , @simi )
2013-12-03 02:56:50 -05:00
## 1.5.0 (2013-11-13)
2013-12-02 21:07:58 -05:00
Changes:
- remove `state` param to fix CSRF vulnerabilty [CVE-2013-4562 ](https://github.com/mkdynamic/omniauth-facebook/wiki/CSRF-vulnerability:-CVE-2013-4562 ) (@homakov, @mkdynamic , @simi )
2013-12-03 02:56:50 -05:00
## 1.4.1 (2012-07-07)
2013-12-02 21:07:58 -05:00
Changes:
- update to omniauth-oauth2 1.1.0 for csrf protection (@mkdynamic)
2013-12-03 02:56:50 -05:00
## 1.4.0 (2012-06-24)
2013-12-02 21:07:58 -05:00
Features:
- obey `skip_info?` config (@mkdynamic)
- add support of the `:auth_type` option to `:authorize_options` (#58, @JHeidinga , @mkdynamic )
- support `access_token` parameter as part of the callback request (#62, @steverandy )
2013-12-03 02:56:50 -05:00
## 1.3.0 (2012-05-05)
2013-12-02 21:07:58 -05:00
Features:
- dynamic permissions in the auth params (#30, @famoseagle )
- add support for facebook canvas (@mkdynamic)
- add verified key to the info hash (#34, @ryansobol )
- add option to use secure url for image in auth hash (@mkdynamic)
- add option to specify image size (@mkdynamic)
Changes:
- have `raw_info` return an empty hash if the Facebook response returns false (#44, @brianjlandau )
- prevent oauth2 from interpreting Facebook's expires field as `expires_in` , when it's really `expires_at` (#39, @watsonbox )
- remove deprecated `offline_access` permission (@mkdynamic)
- tidy up the `callback_url` option (@mkdynamic)
2013-12-03 02:56:50 -05:00
## 1.2.0 (2012-01-06)
2013-12-02 21:07:58 -05:00
Features:
- add `state` to authorization params (#19, @GermanDZ )
Changes:
- lock to `rack ~> 1.3.6` (@mkdynamic)
2013-12-03 02:56:50 -05:00
## 1.1.0 (2011-12-10)
2013-12-02 21:07:58 -05:00
Features:
- add `callback_url` option (#13, @gumayunov )
- support for parsing code from signed request cookie (client-side flow) (@mkdynamic)
2013-12-03 02:56:50 -05:00
## 1.0.0 (2011-11-19)
2013-12-02 21:07:58 -05:00
Features:
- allow passing of display via option (@mkdynamic)
Bugfixes:
2013-12-03 02:56:50 -05:00
2013-12-02 21:07:58 -05:00
- fix `ten_mins_from_now` calculation (#7, @olegkovalenko )
2013-12-03 02:56:50 -05:00
## 1.0.0.rc2 (2011-11-11)
2013-12-02 21:07:58 -05:00
Features:
- allow passing `display` parameter (@mkdynamic)
- included default scope (@mkdynamic)
2013-12-03 02:56:50 -05:00
## 1.0.0.rc1 (2011-10-29)
2013-12-02 21:07:58 -05:00
- first public gem release (@mkdynamic)