[Summary view] [Print] [Text view]

   1  * API Changes
   2    * AX::FetchResponse::fromSuccessResponse - return null when AX
   3      response arguments are absent
   4    * Alter AX fromOpenIDRequest() to take Auth_OpenID_AuthRequest
   5      object instead of Auth_OpenID_Message object so that it matches
   6      its counterpart methods in SREG and PAPE extensions.
   7    * PAPE (Provider Authentication Policy Extension) module
   8        * Updated extension for specification draft 2
   9        * Auth_OpenID_PAPE_Request::fromSuccessResponse returns None if
  10          PAPE response arguments were not signed
  11    * Added functions to generate request/response HTML forms with
  12      auto-submission javascript
  13        * Consumer (relying party) API:
  14          Auth_OpenID_AuthRequest::htmlMarkup
  15        * Server API: Auth_OpenID_OpenIDResponse::toHTML
  16  
  17  * New Features
  18    * Added examples/discover.php, an OpenID service discovery tool
  19    * Add optional form_tag_attrs argument to
  20      Auth_OpenID_ServerResponse::toFormMarkup for setting arbitrary
  21      FORM element attributes
  22    * Fetchers now only read/request first megabyte of response
  23  
  24  * Bug Fixes
  25    * NOT NULL constraints were added to SQLStore tables where
  26      appropriate
  27    * Yadis discovery now properly falls back to HTML-based discovery if
  28      it fails to get an XRDS document
  29    * Auth_OpenID_Decoder now behaves correctly when given a protocol
  30      message with an invalid OpenID namespace or a missing OpenID mode
  31    * Auth_OpenID_OpenIDResponse::toFormMarkup: Use return_to from the
  32      request, not the response fields (Not all responses (i.e. cancel,
  33      setup_needed) include a return_to field.)
  34    * normalize return_to URL before performing return_to verification
  35    * Auth_OpenID_Consumer::_verifyDiscoveryResults: fall back to OpenID
  36      1.0 type if 1.1 endpoint cannot be found
  37    * Auth_Yadis_ParanoidHTTPFetcher now works correctly with both array
  38      and non-array CURL versions
  39    * Clarified licensing language in all source files
  40    * OpenID 1 association requests no longer explicitly set
  41      no-encryption session type
  42    * Auth_OpenID_ServiceEndpoint::getDisplayIdentifier no longer
  43      includes a fragment, if present, in display identifiers
  44    * check_authentication requests: copy entire response, not just
  45      signed fields.  Fixes missing namespace in check_authentication
  46      requests
  47    * Yadis discovery now includes application/xhtml+xml and qualities
  48      in the Accept header
  49    * Normalize URLs correctly with URINorm.php
  50    * Auth_OpenID_MySQLStore: Use ENGINE instead of TYPE when creating
  51      tables