5.8 KiB
5.8 KiB
Changelog
All notable changes to this project will be documented in this file.
1.0.1 - 2022-03-10
Added
- Output granted scopes in credentials block of the auth hash.
- Migrated to GitHub actions.
Deprecated
- Nothing.
Removed
- Nothing.
Fixed
- Overriding the
redirect_uri
via params or JSON request body.
1.0.0 - 2021-03-14
Added
- Support for Omniauth 2.x!
Deprecated
- Nothing.
Removed
- Support for Omniauth 1.x.
Fixed
- Nothing.
0.8.2 - 2021-03-14
Added
- Constrains the version to Omniauth 1.x.
Deprecated
- Nothing.
Removed
- Nothing.
Fixed
- Nothing.
0.8.1 - 2020-12-12
Added
- Support reading the access token from a json request body.
Deprecated
- Nothing.
Removed
- No longer verify the iat claim for JWT.
Fixed
- A few minor issues with .rubocop.yml.
- Issues with image resizing code when the image came with size information from Google.
0.8.0 - 2019-08-21
Added
- Updated omniauth-oauth2 to v1.6.0 for security fixes.
Deprecated
- Nothing.
Removed
- Ruby 2.1 support.
Fixed
- Nothing.
0.7.0 - 2019-06-03
Added
- Ensure
info[:email]
is always verified, and includeunverified_email
Deprecated
- Nothing.
Removed
- Nothing.
Fixed
- Nothing.
0.6.1 - 2019-03-07
Added
- Return
email
andemail_verified
keys in response.
Deprecated
- Nothing.
Removed
- Nothing.
Fixed
- Nothing.
0.6.0 - 2018-12-28
Added
- Support for JWT 2.x.
Deprecated
- Nothing.
Removed
- Support for JWT 1.x.
- Support for
raw_friend_info
andraw_image_info
. - Stop using Google+ API endpoints.
Fixed
- Nothing.
0.5.4 - 2018-12-07
Added
- New recommended endpoints for Google OAuth.
Deprecated
- Nothing.
Removed
- Nothing.
Fixed
- Nothing.
0.5.3 - 2018-01-25
Added
- Added support for the JWT 2.x gem.
- Now fully qualifies the
JWT
class to prevent conflicts with theOmniauth::JWT
strategy.
Deprecated
- Nothing.
Removed
- Removed the
multijson
dependency. - Support for versions of
omniauth-oauth2
< 1.5.
Fixed
- Nothing.
0.5.2 - 2017-07-30
Added
- Nothing.
Deprecated
- Nothing.
Removed
- New
authorize_url
andtoken_url
endpoints are reverted until JWT 2.0 ships.
Fixed
- Nothing.
0.5.1 - 2017-07-19
Added
- Breaking JWT iss verification can be enabled/disabled with the
verify_iss
flag - see the README for more details. - Authorize options now includes
device_id
anddevice_name
for private ip ranges.
Deprecated
- Nothing.
Removed
- Nothing.
Fixed
- Updated
authorize_url
andtoken_url
to new endpoints.
0.5.0 - 2017-05-29
Added
- Rubocop checks to specs.
- Defaulted dev environment to ruby 2.3.4.
Deprecated
- Nothing.
Removed
- Testing support for older versions of ruby not supported by OmniAuth 1.5.
- Key
[:urls]['Google']
no longer exists, it has been renamed to[:urls][:google]
.
Fixed
- Updated all code to rubocop conventions. This includes the Ruby 1.9 hash syntax when appropriate.
- Example javascript flow now picks up ENV vars for google key and secret.
0.4.1 - 2016-03-14
Added
- Nothing.
Deprecated
- Nothing.
Removed
- Nothing.
Fixed
- Fixed JWT iat leeway by requiring ruby-jwt 1.5.2
0.4.0 - 2016-03-11
Added
- Addedd ability to specify multiple hosted domains.
- Added a default leeway of 1 minute to JWT token validation.
- Now requires ruby-jwt 1.5.x.
Deprecated
- Nothing.
Removed
- Removed support for ruby 1.9.3 as ruby-jwt 1.5.x does not support it.
Fixed
- Nothing.
0.3.1 - 2016-01-28
Added
- Verify Hosted Domain if hd is set in options.
Deprecated
- Nothing.
Removed
- Dependency on addressable.
Fixed
- Nothing.
0.3.0 - 2016-01-09
Added
- Updated verify_token to use the v3 tokeninfo endpoint.
Deprecated
- Nothing.
Removed
- Nothing.
Fixed
- Compatibility with omniauth-oauth2 1.4.0
0.2.10 - 2015-11-05
Added
- Nothing.
Deprecated
- Nothing.
Removed
- Removed some checks on the id_token. Now only parses the id_token in the JWT processing.
Fixed
- Nothing.
0.2.9 - 2015-10-29
Added
- Nothing.
Deprecated
- Nothing.
Removed
- Nothing.
Fixed
- Issue with omniauth-oauth2 where redirect_uri was handled improperly. We now lock the dependency to ~> 1.3.1
0.2.8 - 2015-10-01
Added
- Added skip_jwt option to bypass JWT decoding in case you get decoding errors.
Deprecated
- Nothing.
Removed
- Nothing.
Fixed
- Resolved JWT::InvalidIatError. https://github.com/zquestz/omniauth-google-oauth2/issues/195
0.2.7 - 2015-09-25
Added
- Now strips out the 'sz' parameter from profile image urls.
- Now uses 'addressable' gem for URI actions.
- Added image data to extras hash.
- Override validation on JWT token for open_id token.
- Handle authorization codes coming from an installed applications.
Deprecated
- Nothing.
Removed
- Nothing.
Fixed
- Fixes double slashes in google image urls.
0.2.6 - 2014-10-26
Added
- Nothing.
Deprecated
- Nothing.
Removed
- Nothing.
Fixed
- Hybrid authorization issues due to bad method alias.
0.2.5 - 2014-07-09
Added
- Support for versions of omniauth past 1.0.x.
Deprecated
- Nothing.
Removed
- Nothing.
Fixed
- Nothing.
0.2.4 - 2014-04-25
Added
- Now requiring the "Contacts API" and "Google+ API" to be enabled in your Google API console.
Deprecated
- The old Google OAuth API support was removed without deprecation.
Removed
- Support for the old Google OAuth API.
OAuth2::Error
will be thrown and state that access is not configured when you attempt to authenticate using the old API. See Added section for this release.
Fixed
- Nothing.