Releases: auth0/auth0-PHP
8.5.0
This release improves the SDK's automatic discovery process of compatible HTTP clients, factories and messages (PSR-18, 17 and 7, respectively). If you encounter issues with your implementation not being discovered, please open an issue.
This release also introduces support for a number of additional Management API endpoints.
Added
-
State Management
- Added
Auth0\SDK\Auth0::refreshState()to force a refresh of the SDK's internal state. This is useful when you have updated the SDK's configuration and want to ensure the SDK is using the latest values.
- Added
-
Management API
Auth0\APIs\Management\UsersDELETE /users/:id/authenticators→deleteAllAuthenticators()(#702) (Documentation)
- Support for Authentication Method endpoints: (#707):
GET /api/v2/users/:user/authentication-methods→getAuthenticationMethods()(Documentation)PUT /api/v2/users/:user/authentication-methods→replaceAuthenticationMethods()(Documentation)DELETE /api/v2/users/:user/authentication-methods→deleteAuthenticationMethods(string user)(Documentation)POST /api/v2/users/:user/authentication-methods→createAuthenticationMethod()(Documentation)GET /api/v2/users/:user/authentication-methods/:method→getAuthenticationMethod()(Documentation)PATCH /api/v2/users/:user/authentication-methods/:method→updateAuthenticationMethod()(Documentation)DELETE /api/v2/users/:user/authentication-methods/:method→deleteAuthenticationMethod()(Documentation)
Fixed
- Transient storage would sometimes not be fully cleared after a successful code exchange under certain conditions.
- Calls to certain methods under
Auth0\SDK\API\Authenticationwith manually assignedclient_idorclient_secretparameters could have those values overwritten by the SDK's assigned configuration. #705
Changed
- Upgraded test suite to PEST 2.0 framework.
- Updated code styling rules, along with some light refactoring.
- Updated production dependencies:
- Replaced
php-http/discoverydependency withpsr-discovery/all. - Replaced
php-http/httplugdependency withpsr-discovery/all.
- Replaced
- Updated development dependencies:
- Removed
ergebnis/composer-normalizeas it now runs in CI. - Removed
firebase/php-jwtas it was replaced by an in-library generator. - Replaced
hyperf/eventwithsymfony/event-dispatcher. - Replaced
laravel/pintwithfriendsofphp/php-cs-fixer. - Replaced
nyholm/psr7withpsr-mock/http-factory-implementation. - Replaced
php-http/mock-clientwithpsr-mock/http-client-implementation. - Updated
vimeo/psalmto 5.8. - Updated
phpstan/phpstanto 1.10. - Updated
rector/rectorto 0.15.
- Removed
Thanks to our contributors for this release: knash94
8.4.0
8.3.8
8.3.7
Fixed
- fix: emailPasswordlessStart() incorrectly passes
paramsasarrayunder some conditions #670 (evansims) - fix: Remove redundant Cache
getItem()call inAuth0\SDK\Token\Verifier::getKeySet()#669 (pkivits-litebit)
8.3.6
8.3.5
8.3.4
8.3.3
8.3.2
8.3.1
Changed
Fixed
Note: Previously in some circumstances, cookie secrets were not always being required in strategies where they should have been required. This has been resolved as part of the fixes in this release. If you are suddenly prompted to configure a cookie secret in an app that doesn't use sessions/cookies, please ensure you are using the correct strategy: https://github.com/auth0/auth0-PHP/tree/8.3.1#configuration-strategies