52 lines
2.4 KiB
Plaintext
52 lines
2.4 KiB
Plaintext
* API Changes
|
|
* AX::FetchResponse::fromSuccessResponse - return null when AX
|
|
response arguments are absent
|
|
* Alter AX fromOpenIDRequest() to take Auth_OpenID_AuthRequest
|
|
object instead of Auth_OpenID_Message object so that it matches
|
|
its counterpart methods in SREG and PAPE extensions.
|
|
* PAPE (Provider Authentication Policy Extension) module
|
|
* Updated extension for specification draft 2
|
|
* Auth_OpenID_PAPE_Request::fromSuccessResponse returns None if
|
|
PAPE response arguments were not signed
|
|
* Added functions to generate request/response HTML forms with
|
|
auto-submission javascript
|
|
* Consumer (relying party) API:
|
|
Auth_OpenID_AuthRequest::htmlMarkup
|
|
* Server API: Auth_OpenID_OpenIDResponse::toHTML
|
|
|
|
* New Features
|
|
* Added examples/discover.php, an OpenID service discovery tool
|
|
* Add optional form_tag_attrs argument to
|
|
Auth_OpenID_ServerResponse::toFormMarkup for setting arbitrary
|
|
FORM element attributes
|
|
* Fetchers now only read/request first megabyte of response
|
|
|
|
* Bug Fixes
|
|
* NOT NULL constraints were added to SQLStore tables where
|
|
appropriate
|
|
* Yadis discovery now properly falls back to HTML-based discovery if
|
|
it fails to get an XRDS document
|
|
* Auth_OpenID_Decoder now behaves correctly when given a protocol
|
|
message with an invalid OpenID namespace or a missing OpenID mode
|
|
* Auth_OpenID_OpenIDResponse::toFormMarkup: Use return_to from the
|
|
request, not the response fields (Not all responses (i.e. cancel,
|
|
setup_needed) include a return_to field.)
|
|
* normalize return_to URL before performing return_to verification
|
|
* Auth_OpenID_Consumer::_verifyDiscoveryResults: fall back to OpenID
|
|
1.0 type if 1.1 endpoint cannot be found
|
|
* Auth_Yadis_ParanoidHTTPFetcher now works correctly with both array
|
|
and non-array CURL versions
|
|
* Clarified licensing language in all source files
|
|
* OpenID 1 association requests no longer explicitly set
|
|
no-encryption session type
|
|
* Auth_OpenID_ServiceEndpoint::getDisplayIdentifier no longer
|
|
includes a fragment, if present, in display identifiers
|
|
* check_authentication requests: copy entire response, not just
|
|
signed fields. Fixes missing namespace in check_authentication
|
|
requests
|
|
* Yadis discovery now includes application/xhtml+xml and qualities
|
|
in the Accept header
|
|
* Normalize URLs correctly with URINorm.php
|
|
* Auth_OpenID_MySQLStore: Use ENGINE instead of TYPE when creating
|
|
tables
|