Cakephp Authentication Versions Save

What's Changed

• 3.x: change composer.json to cake5 stable version by @LordSimal in https://github.com/cakephp/authentication/pull/632
• Bump actions/checkout from 3 to 4 by @dependabot in https://github.com/cakephp/authentication/pull/634
• Update constants by @ADmad in https://github.com/cakephp/authentication/pull/635
• adjust 3.x docs config by @LordSimal in https://github.com/cakephp/authentication/pull/637
• adjust 3.x dockerfiles by @LordSimal in https://github.com/cakephp/authentication/pull/638
• 3.x: adjust docs by @LordSimal in https://github.com/cakephp/authentication/pull/639
• add docs on how to test basic/digest auth by @LordSimal in https://github.com/cakephp/authentication/pull/640
• Fix Inline Code Formatting by @amayer5125 in https://github.com/cakephp/authentication/pull/642
• Allow psr/http-message ^1.0 next to ^2.0 by @swiffer in https://github.com/cakephp/authentication/pull/644
• Run composer normalize over composer.json by @dereuromark in https://github.com/cakephp/authentication/pull/649

Full Changelog: https://github.com/cakephp/authentication/compare/3.0.2...3.0.3

What's Changed

• Fix tests and improve CI by @LordSimal in https://github.com/cakephp/authentication/pull/611
• Adjust CI for PHP 8.2 by @LordSimal in https://github.com/cakephp/authentication/pull/620 https://github.com/cakephp/authentication/pull/621
• add array to @return tag to support composite primary keys by @voronoy in https://github.com/cakephp/authentication/pull/625
• allow manually dispatching ci workflow by @LordSimal in https://github.com/cakephp/authentication/pull/628
• Fix deprecations by @markstory in https://github.com/cakephp/authentication/pull/641

New Contributors

• @voronoy made their first contribution in https://github.com/cakephp/authentication/pull/625

Full Changelog: https://github.com/cakephp/authentication/compare/2.10.1...2.10.2

• Update to stable dependencies.

Full Changelog: https://github.com/cakephp/authentication/compare/3.0.0...3.0.2

First version compatible with CakePHP 5.0

What's Changed

• Add native type declarations by @othercorey in https://github.com/cakephp/authentication/pull/549
• Remove unnecessary exception on ObjectRegistry return type by @othercorey in https://github.com/cakephp/authentication/pull/550
• fix Uri class usage by @LordSimal in https://github.com/cakephp/authentication/pull/598
• add array to @return tag to support composite primary keys by @voronoy in https://github.com/cakephp/authentication/pull/625
• Move identifier constants into respective classes. by @ADmad in https://github.com/cakephp/authentication/pull/629

New Contributors

• @skie made their first contribution in https://github.com/cakephp/authentication/pull/617
• @voronoy made their first contribution in https://github.com/cakephp/authentication/pull/625

Full Changelog: https://github.com/cakephp/authentication/compare/2.10.1...3.0.0

What's Changed

• Added link to Users table structure by @yosus in https://github.com/cakephp/authentication/pull/601
• Add missing links to sidebar and further reading by @cleptric in https://github.com/cakephp/authentication/pull/603
• Fix impersonation version info in docs by @LordSimal in https://github.com/cakephp/authentication/pull/604
• Bump actions/stale from 6 to 7 by @dependabot in https://github.com/cakephp/authentication/pull/599
• Update index.rst by @luizcmarin in https://github.com/cakephp/authentication/pull/605
• Add example on how to mimic Auth->deny by @LordSimal in https://github.com/cakephp/authentication/pull/607
• Store only the original data in the impersonation session by @markstory in https://github.com/cakephp/authentication/pull/608

New Contributors

• @yosus made their first contribution in https://github.com/cakephp/authentication/pull/601
• @luizcmarin made their first contribution in https://github.com/cakephp/authentication/pull/605

Full Changelog: https://github.com/cakephp/authentication/compare/2.10.0...2.10.1

Updated Dependencies

• The 2.10.0 release requires a minimum of CakePHP 4.4.0 and PHP 7.4.0
• The optional dependency on firebase/jwt has changed from ^5.5 to ^6.2

New Features

• Implement Impersonation by @ajibarra in https://github.com/cakephp/authentication/pull/532
• Add AuthenticationComponent identityCheckEvent option by @Erwane in https://github.com/cakephp/authentication/pull/555
• Token Identifier: Add Option to Hash Token Before Resolving by @amayer5125 in https://github.com/cakephp/authentication/pull/559
• Adds tls option to LDAP identifier by @eardkdw in https://github.com/cakephp/authentication/pull/510
• Added EnvironmentAuthenticator to allow integration with Shiboleth authentication by @MolbioUnige in https://github.com/cakephp/authentication/pull/565

Bug fixes

• Bump to php-jwt 6.2 and remove temporary/deprecated code by @swiffer in https://github.com/cakephp/authentication/pull/507
• User friendly exception when auth middleware is not loaded by @cnizzardini in https://github.com/cakephp/authentication/pull/513
• Fix null value causing a type error in the password identifier. by @ndm2 in https://github.com/cakephp/authentication/pull/542
• Fix deprecations in tests by @markstory in https://github.com/cakephp/authentication/pull/544
• Fix return type for offsetSet() by @othercorey in https://github.com/cakephp/authentication/pull/547
• Fix invalid default value for $config parameter by @othercorey in https://github.com/cakephp/authentication/pull/546
• Fix return type annotation for Identity::__isset() by @othercorey in https://github.com/cakephp/authentication/pull/548

Documentation and tooling changes

• Fixed syntax errors in documentation @cnizzardini in https://github.com/cakephp/authentication/pull/511
• Add more context to testing docs. by @markstory in https://github.com/cakephp/authentication/pull/515
• Updated documentation tooling by @ndm2 in https://github.com/cakephp/authentication/pull/516, https://github.com/cakephp/authentication/pull/519
• Update french doc translation by @zachee54 in https://github.com/cakephp/authentication/pull/523
• Update to PHPStan 1.5 and Psalm to 4.22 by @LordSimal in https://github.com/cakephp/authentication/pull/522
• よりわかりやすく by @yuki-yasumura in https://github.com/cakephp/authentication/pull/524
• Add note on Authentication.Password Identifier resolvers default finder by @cnizzardini in https://github.com/cakephp/authentication/pull/525
• firebase/php-jwt compatibility note by @cnizzardini in https://github.com/cakephp/authentication/pull/531
• Replaced Legacy AuthComponent Update password-hashers.rst by @markusramsak in https://github.com/cakephp/authentication/pull/534
• update phpstan and psalm by @LordSimal in https://github.com/cakephp/authentication/pull/537
• Fix typo by @PhantomWatson in https://github.com/cakephp/authentication/pull/540
• Refactor example code by @PhantomWatson in https://github.com/cakephp/authentication/pull/539
• [doc][fr] Translate d2db3176 by @zachee54 in https://github.com/cakephp/authentication/pull/541
• Remove redundant logic from login action example by @nishimura-d in https://github.com/cakephp/authentication/pull/543
• Add docs for account impersonation. by @markstory in https://github.com/cakephp/authentication/pull/551
• Update the middleware example by @B3none in https://github.com/cakephp/authentication/pull/552
• Note about IDE comp improvement by @dereuromark in https://github.com/cakephp/authentication/pull/561
• update docs links by @Arhell in https://github.com/cakephp/authentication/pull/568
• Use newer ubuntu for tests. by @markstory in https://github.com/cakephp/authentication/pull/578

New Contributors

• @cnizzardini made their first contribution in https://github.com/cakephp/authentication/pull/511
• @yuki-yasumura made their first contribution in https://github.com/cakephp/authentication/pull/524
• @dependabot made their first contribution in https://github.com/cakephp/authentication/pull/526
• @markusramsak made their first contribution in https://github.com/cakephp/authentication/pull/534
• @nishimura-d made their first contribution in https://github.com/cakephp/authentication/pull/543
• @ajibarra made their first contribution in https://github.com/cakephp/authentication/pull/532
• @B3none made their first contribution in https://github.com/cakephp/authentication/pull/552
• @amayer5125 made their first contribution in https://github.com/cakephp/authentication/pull/559
• @eardkdw made their first contribution in https://github.com/cakephp/authentication/pull/510
• @MolbioUnige made their first contribution in https://github.com/cakephp/authentication/pull/565

Full Changelog: https://github.com/cakephp/authentication/compare/2.9.0...2.10.0

What's Changed

• Support for JSON Web Key Sets by @swiffer in https://github.com/cakephp/authentication/pull/505

New Contributors

• @swiffer made their first contribution in https://github.com/cakephp/authentication/pull/505

Full Changelog: https://github.com/cakephp/authentication/compare/2.8.0...2.9.0

What's Changed

• Allow skipping the challenge exception generation for Http Basic/Digest Auth. by @ADmad in https://github.com/cakephp/authentication/pull/498
• Fixed translation errors in documents. by @karintou8710 in https://github.com/cakephp/authentication/pull/503
• Added the default option to add the application salt to the cookie by @RobertoRoos in https://github.com/cakephp/authentication/pull/467

⚠️ Important Upgrade Information for Cookie Authenticator Users

This release changes the default stored token for Cookie Authenticator. The token is now comprised of hash(username + password-hash + hmac(username + password, salt)). This helps prevent forged tokens from being created in case an application database is compromised. This change will invalidate all existing cookie tokens. If you do not desire that, be sure to set salt => false in your configuration for CookieAuthenticator

New Contributors

• @karintou8710 made their first contribution in https://github.com/cakephp/authentication/pull/503
• @RobertoRoos made their first contribution in https://github.com/cakephp/authentication/pull/467

Full Changelog: https://github.com/cakephp/authentication/compare/2.7.0...2.8.0

What's Changed

• Bump firebase/php-jwt to v5.5, and deprecate algorithms in favour of only using a single algorithm in JwtAuthenticator. by @markstory, @ADmad, @pabloelcolombiano in https://github.com/cakephp/authentication/pull/500

Full Changelog: https://github.com/cakephp/authentication/compare/2.6.2...2.7.0

What's Changed

• Improve Documentation including translations to Spanish and French @zachee54, @davidyell, @opeadeyomoye, @enviniom, @Arhell, @LordSimal, @ADmad, @ndm2, @ravage84 in https://github.com/cakephp/authentication/pull/452, https://github.com/cakephp/authentication/pull/455, https://github.com/cakephp/authentication/pull/456, https://github.com/cakephp/authentication/pull/457, https://github.com/cakephp/authentication/pull/461, https://github.com/cakephp/authentication/pull/463, https://github.com/cakephp/authentication/pull/466, https://github.com/cakephp/authentication/pull/469, https://github.com/cakephp/authentication/pull/474, https://github.com/cakephp/authentication/pull/475, https://github.com/cakephp/authentication/pull/477, https://github.com/cakephp/authentication/pull/480, https://github.com/cakephp/authentication/pull/478, https://github.com/cakephp/authentication/pull/487, https://github.com/cakephp/authentication/pull/490
• Improve CI tooling @othercorey, @CriztianiX in https://github.com/cakephp/authentication/pull/483, https://github.com/cakephp/authentication/pull/460, https://github.com/cakephp/authentication/pull/489, https://github.com/cakephp/authentication/pull/491
• Add php 8.1 to matrix by @othercorey in https://github.com/cakephp/authentication/pull/484, https://github.com/cakephp/authentication/pull/482, https://github.com/cakephp/authentication/pull/492, https://github.com/cakephp/authentication/pull/496
• Fix cakephp 4.3 deprecations by @othercorey in https://github.com/cakephp/authentication/pull/486

Security Improvements

• Overwrite "algorithms" config of JWT authenticator instead of merging. by @ADmad in https://github.com/cakephp/authentication/pull/501

New Contributors

• @zachee54 made their first contribution in https://github.com/cakephp/authentication/pull/452
• @opeadeyomoye made their first contribution in https://github.com/cakephp/authentication/pull/463
• @enviniom made their first contribution in https://github.com/cakephp/authentication/pull/469
• @albertcansado made their first contribution in https://github.com/cakephp/authentication/pull/472
• @Arhell made their first contribution in https://github.com/cakephp/authentication/pull/477
• @LordSimal made their first contribution in https://github.com/cakephp/authentication/pull/478
• @CriztianiX made their first contribution in https://github.com/cakephp/authentication/pull/482

Full Changelog: https://github.com/cakephp/authentication/compare/2.6.1...2.6.2