Releases: auth0/auth0-PHP
8.5.0
This release improves the SDK's automatic discovery process of compatible HTTP clients, factories and messages (PSR-18, 17 and 7, respectively). If you encounter issues with your implementation not being discovered, please open an issue.
This release also introduces support for a number of additional Management API endpoints.
Added
-
State Management
- Added
Auth0\SDK\Auth0::refreshState()
to force a refresh of the SDK's internal state. This is useful when you have updated the SDK's configuration and want to ensure the SDK is using the latest values.
- Added
-
Management API
Auth0\APIs\Management\Users
DELETE /users/:id/authenticators
→deleteAllAuthenticators()
(#702) (Documentation)
- Support for Authentication Method endpoints: (#707):
GET /api/v2/users/:user/authentication-methods
→getAuthenticationMethods()
(Documentation)PUT /api/v2/users/:user/authentication-methods
→replaceAuthenticationMethods()
(Documentation)DELETE /api/v2/users/:user/authentication-methods
→deleteAuthenticationMethods(string user)
(Documentation)POST /api/v2/users/:user/authentication-methods
→createAuthenticationMethod()
(Documentation)GET /api/v2/users/:user/authentication-methods/:method
→getAuthenticationMethod()
(Documentation)PATCH /api/v2/users/:user/authentication-methods/:method
→updateAuthenticationMethod()
(Documentation)DELETE /api/v2/users/:user/authentication-methods/:method
→deleteAuthenticationMethod()
(Documentation)
Fixed
- Transient storage would sometimes not be fully cleared after a successful code exchange under certain conditions.
- Calls to certain methods under
Auth0\SDK\API\Authentication
with manually assignedclient_id
orclient_secret
parameters could have those values overwritten by the SDK's assigned configuration. #705
Changed
- Upgraded test suite to PEST 2.0 framework.
- Updated code styling rules, along with some light refactoring.
- Updated production dependencies:
- Replaced
php-http/discovery
dependency withpsr-discovery/all
. - Replaced
php-http/httplug
dependency withpsr-discovery/all
.
- Replaced
- Updated development dependencies:
- Removed
ergebnis/composer-normalize
as it now runs in CI. - Removed
firebase/php-jwt
as it was replaced by an in-library generator. - Replaced
hyperf/event
withsymfony/event-dispatcher
. - Replaced
laravel/pint
withfriendsofphp/php-cs-fixer
. - Replaced
nyholm/psr7
withpsr-mock/http-factory-implementation
. - Replaced
php-http/mock-client
withpsr-mock/http-client-implementation
. - Updated
vimeo/psalm
to 5.8. - Updated
phpstan/phpstan
to 1.10. - Updated
rector/rector
to 0.15.
- Removed
Thanks to our contributors for this release: knash94
8.4.0
8.3.8
8.3.7
Fixed
- fix: emailPasswordlessStart() incorrectly passes
params
asarray
under some conditions #670 (evansims) - fix: Remove redundant Cache
getItem()
call inAuth0\SDK\Token\Verifier::getKeySet()
#669 (pkivits-litebit)
8.3.6
8.3.5
8.3.4
8.3.3
8.3.2
8.3.1
Changed
Fixed
Note: Previously in some circumstances, cookie secrets were not always being required in strategies where they should have been required. This has been resolved as part of the fixes in this release. If you are suddenly prompted to configure a cookie secret in an app that doesn't use sessions/cookies, please ensure you are using the correct strategy: https://github.com/auth0/auth0-PHP/tree/8.3.1#configuration-strategies