Skip to content

Latest commit

 

History

History
77 lines (53 loc) · 2.79 KB

CHANGELOG.rdoc

File metadata and controls

77 lines (53 loc) · 2.79 KB
Raw

1.3.0

  • Code cleanups and additional debug logging (thanks Erik Ecoologic!)

  • Support Rails 5 and Devise 3.4, 3.5 and 4.x (thanks again Erik Ecoologic!)

  • Drop support for Ruby 1.9; Ruby 2.0 or greater is now required

1.2.1

  • Avoid an unnecessary method call (thanks Sander Nieuwenhuizen!)

1.2.0

  • Allow configuring a static identity_url for all users (thanks Sander Nieuwenhuizen!)

1.1.6

  • The last fix didn’t load correctly; trying a new one that patches the verify_authenticity_token callback instead.

1.1.5

  • More CSRF authenticity token fixes: for Rails 4, we need to just stop checking authenticity if we’re returning from rack-openid. Thanks to pierre-pretorius for the fix.

1.1.4

  • Remove authenticity token from return parameters, and instead stop requiring it for successful authentication. This is required to be compatible with Devise’s recent security fixes.

  • Test suite is now fully passing on Devise 1.4 through 3.0

1.1.3

  • Add authenticity token to return parameters (thanks Alexander Greim!)

1.1.2

  • Remove the requirement to manually modify the Rack middleware stack on Rails 3 (thanks Anton Orel!)

1.1.1

  • Add support for Devise >= 2.1.0

1.1.0

  • Drop support for Rails 2

  • Fix routing issues on Devise > 1.3.5 (fixes #11)

  • Convert to Bundler-style gem

  • Test using Travis

1.0.0

  • No changes

1.0.0.beta2

  • Fix a typo that was breaking all apps using create_from_identity_url.

1.0.0.beta1

  • Implement support for build_from_identity_url. create_from_identity_url is now deprecated.

    • build_from_identity_url should return a new, unsaved model instance rather than a persisted one.

    • This has multiple benefits: validation should become easier, and we can avoid doing multiple modification queries during the initial registration.

    • Switching over should be straightforward but is not a simple matter of changing the method’s name. Its behavior needs to be altered to return an unsaved instance.

    • This affects all users of devise_openid_authenticatable.

  • Attempt to pass a more correct trust_root to the OpenID provider.

  • Fill out Dimitrij’s test suite a bit more.

1.0.0.alpha7

  • GH-3: Add support for rememberable.

    • This requires an upgrade to rack-openid 1.2.0 or higher.

1.0.0.alpha5

  • GH-5: Don’t try to convert returned values to strings from AX providers

    • This requires application developers to check whether the value is an array in openid_fields= method; see updated README for details.

1.0.0.alpha4

  • GH-4: Support for SReg and AX extensions

1.0.0.alpha3

  • Compatibility with Devise 1.1 and 1.1.1

1.0.0.alpha2

  • Compatibility with pre-release versions of Devise 1.1

  • Design fix: find_by_identity_url needs to be a class method

1.0.0.alpha1

  • Initial version, basically just a packaged-up version of my OpenID strategy for Devise