Changelog for ruby3.2-rubygem-doorkeeper-5.7.0-1.6.i586.rpm :

* Fri Jun 21 2024 Dan Čermák - 5.7.0:- [#1696] Add missing #issued_token method to OAuth::TokenResponse- [#1697] Allow a TokenResponse body to be customized (memoize response body).- [#1702] Fix bugs for error response in the form_post and error view- [#1660] Custom access token attributes are now considered when finding matching tokens (fixes #1665). Introduce revoke_previous_client_credentials_token configuration option. 5.6.9:
* [#1691] Make new Doorkeeper errors backward compatible with older extensions.
* Mon Jan 29 2024 Dan Čermák - 5.6.8:- [#1680] Fix handle_auth_errors :raise NotImplementedError
* Tue Nov 28 2023 Dan Čermák - 5.6.7:- [#1662] Specify uri_redirect validation class explicitly.- [#1652] Add custom attributes support to token generator.- [#1667] Pass `client` instead of `grant.application` to `find_or_create_access_token`.- [#1673] Honor `custom_access_token_attributes` in client credentials grant flow.- [#1676] Improve AuthorizationsController error response handling- [#1677] Fix URIHelper.valid_for_authorization? breaking for non url URIs.
* Thu Nov 02 2023 Dan Čermák - 5.6.6:- [#1644] Update HTTP headers.- [#1646] Block public clients automatic authorization skip.- [#1648] Add custom token attributes to Refresh Token Request.- [#1649] Fixed custom_access_token_attributes related errors. 5.6.5:- [#1602] Allow custom data to be stored inside access grants/tokens.- [#1634] Code refactoring for custom token attributes.- [#1639] Add grant type validation to avoid Internal Server Error for DELETE /oauth/authorize endpoint. 5.6.4:
* [#1633] Apply ORM configuration in #to_prepare block to avoid autoloading errors. 5.6.3:- [#1622] Drop support for Rubies 2.5 and 2.6- [#1605] Fix URI validation for Ruby 3.2+.- [#1625] Exclude endless access tokens from `StaleRecordsCleaner`.- [#1626] Remove deprecated `active_record_options` config option.- [#1631] Fix regression with redirect behavior after token lookup optimizations (redirect to app URI when found).- [#1630] Special case unique index creation for refresh_token on SQL Server.- [#1627] Lazy evaluate Doorkeeper config when loading files and executing initializers.
* Wed Dec 07 2022 Stephan Kulow updated to version 5.6.2 see installed CHANGELOG.md [#]# 5.6.2 - [#1604] Fix fetching of the application when custom application_class defined. [#]# 5.6.1 - [#1593] Add support for Trilogy ActiveRecord adapter. - [#1597] Add optional support to use the url path for the native authorization code flow. Ports forward [#1143] from 4.4.3 - [#1599] Remove unnecessarily re-fetch of application object when creating an access token.
* Mon Oct 10 2022 Stephan Kulow updated to version 5.6.0 see installed CHANGELOG.md [#]# 5.6.0 - [#1581] Consider `token_type_hint` when searching for access token in TokensController to avoid extra database calls. [#]# 5.6.0.rc1 - [#1558] Fixed bug: able to obtain a token with default scopes even if they are not present in the application scopes when using client credentials. - [#1567] Only filter `code` parameter if authorization_code grant flow is enabled. [#]# 5.6.0.rc1 - [#1551] Change lazy loading for ORM to be Ruby standard autoload. - [#1552] Remove duplicate IDs on Auth form to improve accessibility. - [#1542] Improve performance of `Doorkeeper::AccessToken#matching_token_for` using database specific SQL time math.
*
*[IMPORTANT]
*
*: API of the `Doorkeeper::AccessToken#matching_token_for` method has changed and now it returns only
*
*active
*
* access tokens (previously they were just not revoked). Please remember that the idea of the `reuse_access_token` option is to check for existing _active_ token (see configuration option description).
* Tue Jan 25 2022 Stephan Kulow updated to version 5.5.4 see installed CHANGELOG.md
* Thu Jun 24 2021 Stephan Kulow updated to version 5.5.2 see installed CHANGELOG.md
* Fri Sep 25 2020 Stephan Kulow updated to version 5.4.0 see installed CHANGELOG.md
* Thu May 07 2020 Stephan Kulow - updated to version 5.3.3 see installed CHANGELOG.md [#]# 5.3.3 - [#1404] Backport: Make `Doorkeeper::Application#read_attribute_for_serialization` public. [#]# 5.3.2 - [#1371] Backport: add `#as_json` method and attributes serialization restriction for Application model. Fixes information disclosure vulnerability (CVE-2020-10187).
*
*[IMPORTANT]
*
* you need to re-implement `#as_json` method for Doorkeeper Application model if you previously used `#to_json` serialization with custom options or attributes or rely on JSON response from /oauth/applications.json or /oauth/authorized_applications.json. This change is a breaking change which restricts serialized attributes to a very small set of columns.