4.2 KiB
4.2 KiB
CHANGELOG
1.15.0 - 2021-04-19
- Use fallback cache duration (defaults to 1 hour) when fetching public keys from Google and the response doesn't contain cache headers.
- Add additional URL to fetch Google's public keys.
1.14.0 - 2020-12-09
- Drop the
V3suffix from handlers usinglcobucci/jwt - Limit support to PHP 8.0.*
1.13.0 - 2020-11-29
- Added support for PHP 8.0
1.12.0 - 2020-11-27
- Added Tenant Awareness
- Fixed usage of deprecated functionality from
lcobucci/jwt
1.11.0 - 2020-10-04
- Updated dev-dependency on
symfony/cacheto address CVE-2019-10912 - The default branch of the GitHub repository has been renamed from
mastertomain- if you're usingdev-masteras a version constraint in yourcomposer.json, please update it todev-main. - This library can now be used with PHP 8.
1.10.0 - 2020-01-14
- Added support for Guzzle 7
- Improved error handling and error messages
1.9.1 - 2019-08-26
- Bumped
kreait/clockto^1.0.1(1.0.0 had PHPUnit required as a non-dev dependency)
1.9.0 - 2019-08-26
- Re-implemented the functionality in the
Kreait\Firebase\JWTnamespace. - Added
Kreait\Firebase\JWT\CustomTokenGeneratoras the recommended replacement forFirebase\Auth\Token\Generator - Added
Kreait\Firebase\JWT\IdTokenVerifieras the recommended replacement forFirebase\Auth\Token\Verifier - After updating, please refer to the Migration Documentation to be ready for the 2.0 release of this library.
1.8.1 - 2019-08-20
Firebase\Auth\Token\Exception\InvalidTokencan now have anyThrowableas the$previousparameter.
1.8.0 - 2019-06-12
- The "auth_time" and "iat" claims are now verified with a 5 minute leeway, this is the same behaviour as in the Firebase Admin .NET SDK (thanks @navee85)
1.7.2 - 2018-10-27
- ID Tokens must have a valid "auth_time" claim.
- The signature of an ID Token is now verified even if a prior error occured (thanks @kanoblake for reporting the issue and providing a test case)
- Tokens with an invalid signature now throw a
Firebase\Auth\Token\Exception\InvalidSignatureexception. It extends the previously thrownFirebase\Auth\Token\Exception\InvalidToken, so existing behaviour doesn't change.
1.7.1 - 2018-01-07
- Fix bug that not more than one custom token could be created at a time.
1.7.0 - 2018-01-03
- Cache results from the HTTP Key Store in a PSR-16 cache (default: in memory)
- Deprecated
Firebase\Auth\Token\Handler.
1.6.1 - 2017-07-12
- Add missing
$expiresAtparameter when creating a custom token with the Handler.
1.6.0 - 2017-07-12
- Allow a custom expiration time for custom tokens.
1.5.0 - 2017-04-03
- Allow the usage of a custom key store when using the Handler.
1.4.0 - 2017-03-15
- Token verification now includes existence checks for claims (follow up to kreait/firebase-php#70)
1.3.0 - 2017-03-02
- Tokens that seem to be issued in the future now cause a
Firebase\Auth\Token\Exception\IssuedInTheFutureexception. It includes the hint that the system time might not be correct.
1.2.1 - 2017-03-01
- Fixed message on UnknownKey exceptions.
1.2.0 - 2017-02-28
- Expired tokens now throw a
Firebase\Auth\Token\Exception\ExpiredTokenexception. It extends the previously thrownFirebase\Auth\Token\Exception\InvalidToken, so existing behaviour doesn't change.
1.1.1 - 2017-02-19
- Fixed https://github.com/kreait/firebase-php/issues/65: invalid custom token when no claims are given.
1.1.0 - 2017-02-18
- Replaced
StaticKeyStorewithHttpKeyStore, which fetches frech Google Public Keys each time itsget()method is invoked. Caching can be implemented by injecting an HTTP client with a cache middleware, e.g. kevinrob/guzzle-cache-middleware.
1.0.1 - 2017-02-07
- Removed non-functional debug header
- Added
"php": "^7.0"requirement tocomposer.json
1.0.0 - 2017-02-05
- Initial release