All notable changes to this project will be documented in this file.
- Nothing.
- Nothing.
- Nothing.
- Fixed JWT iat leeway by requiring ruby-jwt 1.5.2
- Addedd ability to specify multiple hosted domains.
- Added a default leeway of 1 minute to JWT token validation.
- Now requires ruby-jwt 1.5.x.
- Nothing.
- Removed support for ruby 1.9.3 as ruby-jwt 1.5.x does not support it.
- Nothing.
- Verify Hosted Domain if hd is set in options.
- Nothing.
- Dependency on addressable.
- Nothing.
- Updated verify_token to use the v3 tokeninfo endpoint.
- Nothing.
- Nothing.
- Compatibility with omniauth-oauth2 1.4.0
- Nothing.
- Nothing.
- Removed some checks on the id_token. Now only parses the id_token in the JWT processing.
- Nothing.
- Nothing.
- Nothing.
- Nothing.
- Issue with omniauth-oauth2 where redirect_uri was handled improperly. We now lock the dependency to ~> 1.3.1
- Added skip_jwt option to bypass JWT decoding in case you get decoding errors.
- Nothing.
- Nothing.
- Resolved JWT::InvalidIatError. zquestz#195
- Now strips out the 'sz' parameter from profile image urls.
- Now uses 'addressable' gem for URI actions.
- Added image data to extras hash.
- Override validation on JWT token for open_id token.
- Handle authorization codes coming from an installed applications.
- Nothing.
- Nothing.
- Fixes double slashes in google image urls.
- Nothing.
- Nothing.
- Nothing.
- Hybrid authorization issues due to bad method alias.
- Support for versions of omniauth past 1.0.x.
- Nothing.
- Nothing.
- Nothing.
- Now requiring the "Contacts API" and "Google+ API" to be enabled in your Google API console.
- The old Google OAuth API support was removed without deprecation.
- Support for the old Google OAuth API.
OAuth2::Errorwill be thrown and state that access is not configured when you attempt to authenticate using the old API. See Added section for this release.
- Nothing.