Releases: auth0/auth0-PHP
Releases · auth0/auth0-PHP
8.6.0
Added
- PAR (Pushed Authorization Request) support¹ (#714):
Auth0\SDK\API\Authentication\PushedAuthorizationRequestis a new class for issuing Pushed Authorization Requests and producing authorization links for them.Auth0\SDK\API\Authentication::pushedAuthorizationRequest()has been added as a shortcut method for returning a configured instantiation of the above class.Auth0\SDK\Auth0::login()has been updated to support issuing Pushed Authorization Requests and returning authorization links for them.Auth0\SDK\Configuration\SdkConfigurationhas been updated to accept apushedAuthorizationRequestboolean to enable this feature.
Auth0\SDK\Auth0::isAuthenticated()has been added as a shortcut method. It is an alias forgetCredentials() !== null.
¹ Note: To use this feature, an Auth0 tenant must have support for it enabled. This feature is not yet available to all tenants.
8.5.0
This release improves the SDK's automatic discovery process of compatible HTTP clients, factories and messages (PSR-18, 17 and 7, respectively). If you encounter issues with your implementation not being discovered, please open an issue.
This release also introduces support for a number of additional Management API endpoints.
Added
-
State Management
- Added
Auth0\SDK\Auth0::refreshState()to force a refresh of the SDK's internal state. This is useful when you have updated the SDK's configuration and want to ensure the SDK is using the latest values.
- Added
-
Management API
Auth0\APIs\Management\UsersDELETE /users/:id/authenticators→deleteAllAuthenticators()(#702) (Documentation)
- Support for Authentication Method endpoints: (#707):
GET /api/v2/users/:user/authentication-methods→getAuthenticationMethods()(Documentation)PUT /api/v2/users/:user/authentication-methods→replaceAuthenticationMethods()(Documentation)DELETE /api/v2/users/:user/authentication-methods→deleteAuthenticationMethods(string user)(Documentation)POST /api/v2/users/:user/authentication-methods→createAuthenticationMethod()(Documentation)GET /api/v2/users/:user/authentication-methods/:method→getAuthenticationMethod()(Documentation)PATCH /api/v2/users/:user/authentication-methods/:method→updateAuthenticationMethod()(Documentation)DELETE /api/v2/users/:user/authentication-methods/:method→deleteAuthenticationMethod()(Documentation)
Fixed
- Transient storage would sometimes not be fully cleared after a successful code exchange under certain conditions.
- Calls to certain methods under
Auth0\SDK\API\Authenticationwith manually assignedclient_idorclient_secretparameters could have those values overwritten by the SDK's assigned configuration. #705
Changed
- Upgraded test suite to PEST 2.0 framework.
- Updated code styling rules, along with some light refactoring.
- Updated production dependencies:
- Replaced
php-http/discoverydependency withpsr-discovery/all. - Replaced
php-http/httplugdependency withpsr-discovery/all.
- Replaced
- Updated development dependencies:
- Removed
ergebnis/composer-normalizeas it now runs in CI. - Removed
firebase/php-jwtas it was replaced by an in-library generator. - Replaced
hyperf/eventwithsymfony/event-dispatcher. - Replaced
laravel/pintwithfriendsofphp/php-cs-fixer. - Replaced
nyholm/psr7withpsr-mock/http-factory-implementation. - Replaced
php-http/mock-clientwithpsr-mock/http-client-implementation. - Updated
vimeo/psalmto 5.8. - Updated
phpstan/phpstanto 1.10. - Updated
rector/rectorto 0.15.
- Removed
Thanks to our contributors for this release: knash94
8.4.0
8.3.8
8.3.7
Fixed
- fix: emailPasswordlessStart() incorrectly passes
paramsasarrayunder some conditions #670 (evansims) - fix: Remove redundant Cache
getItem()call inAuth0\SDK\Token\Verifier::getKeySet()#669 (pkivits-litebit)