OpenID Connect PHP Versions Save

Minimalist OpenID Connect client

v1.0.0

5 months ago

v0.9.10

1 year ago

Fixed

  • private_key_jwt and client_secret_jwt need to explicitly be enabled #331

v0.9.9

1 year ago

Added

  • Added support for back-channel logout. #302
  • Added support for private_key_jwt Client Authentication method #322

Fixed

  • Harden self-signed JWK header usage. #323

v0.9.8

1 year ago

Fixed

  • Do not use PKCE if IdP does not support it. #317

v0.9.7

1 year ago

Added

  • Support for Self-Contained JWTs. #308
  • Support for RFC8693 Token Exchange Request. #275

Fixed

  • PHP 5.4 compatibility. #304
  • Use session_status(). #306

v0.9.6

2 years ago

Added

  • Support for phpseclib/phpseclib version 3. #260
  • Support client_secret on token endpoint with PKCE. #293
  • Added new parameter to requestTokens() to pass custom HTTP headers #297

Changed

  • Allow serializing OpenIDConnectClient using serialize() #295

v0.9.5

2 years ago

Changed

  • signOut() Method parameter $accessToken -> $idToken to prevent confusion about access and id tokens usage. #127
  • Fixed issue where missing nonce within the claims was causing an exception. #280

v0.9.4

2 years ago

Added

  • Enabled client_secret_basic authentication on refreshToken() #215
  • Basic auth support for requestResourceOwnerToken #271

v0.9.3

2 years ago

Added

  • getRedirectURL() will not log a warning for PHP 7.1+ #179
  • it is now possible to disable upgrading from HTTP to HTTPS for development purposes by calling setHttpUpgradeInsecureRequests(false) #241
  • bugfix in getSessionKey when _SESSION key does not exist #251
  • Added scope parameter to refresh token request #225
  • bugfix in verifyJWTclaims when $accessToken is empty and $claims->at_hash is not #276
  • bugfix with the empty function in PHP 5.4 #267

v0.9.2

3 years ago

Added

  • Support for PKCE. Currently the supported methods are 'plain' and 'S256'.