Version 4.2.0

What's Changed

• Add IndieAuth Metadata Endpoint by @dshanske in #226
• New Endpoints by @dshanske in #227

Full Changelog: 4.1.1...4.2.0

Version 4.1.0

• Add experimental ticket auth endpoint
• Bug fix on endpoint discovery discovered during ticket auth development
• Introduce Token Introspection Endpoint as per proposal to integrate RFC7662. For now, will exist concurrently with the older token verification response until it is deprecated.
• Ensure profile responses are returned when appropriate.
• Misc Bug Fixes discovered in unit testing
• Updating of settings configuration
• Improved default for user who gets to identify as root of site.
• Introduce Refresh Token Functionality
• Create was not pre-checked in new selections when offered as an option.

Version 4.0.0

Adds expiring tokens

Version 3.6.0

Major release to update to latest revision of the spec.

Release 3.5.1

Merge pull request #180 from dshanske/3.5.1

3.5.1

Release 3.5.0

Merge pull request #179 from dshanske/deploy

Do not know how that happened

3.4.2

• Repair issue with other flow caused by function name issue

3.4.1

Adds setting in plugin to set the user using the site URL as their identity. Otherwise, users use their /author/username URLs. This removed the dependency on the Indieweb plugin to supply that info.

3.4.0

• Enforce unique URLs for user accounts
• Add user url to user table
• Redo association for URL to user account. At this time, only the root path and the author archive URLs are allowed as a return. Hoping to add more options in future
• Add Site Health Check
• Improve text and links for authorization failure

Version 3.3.2

• Add new diagnostic script that will nag you until you run it at least once
• Add cache control headers on return from endpoint
• Verifying the token at the token endpoint did not use REDIRECT_HTTP_AUTHORIZATION now added
• Add header check to settings page
• Add option to generate tokens on the backend with any scope
• Add option to bulk expire tokens
• Add cleanup option