CHANGES-2.1.0 2.4 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152
  1. * API Changes
  2. * AX::FetchResponse::fromSuccessResponse - return null when AX
  3. response arguments are absent
  4. * Alter AX fromOpenIDRequest() to take Auth_OpenID_AuthRequest
  5. object instead of Auth_OpenID_Message object so that it matches
  6. its counterpart methods in SREG and PAPE extensions.
  7. * PAPE (Provider Authentication Policy Extension) module
  8. * Updated extension for specification draft 2
  9. * Auth_OpenID_PAPE_Request::fromSuccessResponse returns None if
  10. PAPE response arguments were not signed
  11. * Added functions to generate request/response HTML forms with
  12. auto-submission javascript
  13. * Consumer (relying party) API:
  14. Auth_OpenID_AuthRequest::htmlMarkup
  15. * Server API: Auth_OpenID_OpenIDResponse::toHTML
  16. * New Features
  17. * Added examples/discover.php, an OpenID service discovery tool
  18. * Add optional form_tag_attrs argument to
  19. Auth_OpenID_ServerResponse::toFormMarkup for setting arbitrary
  20. FORM element attributes
  21. * Fetchers now only read/request first megabyte of response
  22. * Bug Fixes
  23. * NOT NULL constraints were added to SQLStore tables where
  24. appropriate
  25. * Yadis discovery now properly falls back to HTML-based discovery if
  26. it fails to get an XRDS document
  27. * Auth_OpenID_Decoder now behaves correctly when given a protocol
  28. message with an invalid OpenID namespace or a missing OpenID mode
  29. * Auth_OpenID_OpenIDResponse::toFormMarkup: Use return_to from the
  30. request, not the response fields (Not all responses (i.e. cancel,
  31. setup_needed) include a return_to field.)
  32. * normalize return_to URL before performing return_to verification
  33. * Auth_OpenID_Consumer::_verifyDiscoveryResults: fall back to OpenID
  34. 1.0 type if 1.1 endpoint cannot be found
  35. * Auth_Yadis_ParanoidHTTPFetcher now works correctly with both array
  36. and non-array CURL versions
  37. * Clarified licensing language in all source files
  38. * OpenID 1 association requests no longer explicitly set
  39. no-encryption session type
  40. * Auth_OpenID_ServiceEndpoint::getDisplayIdentifier no longer
  41. includes a fragment, if present, in display identifiers
  42. * check_authentication requests: copy entire response, not just
  43. signed fields. Fixes missing namespace in check_authentication
  44. requests
  45. * Yadis discovery now includes application/xhtml+xml and qualities
  46. in the Accept header
  47. * Normalize URLs correctly with URINorm.php
  48. * Auth_OpenID_MySQLStore: Use ENGINE instead of TYPE when creating
  49. tables