4.5.3

What's Changed

• Update yoast/phpunit-polyfills requirement from ^2.0 to ^3.0 by @dependabot in #277
• Add Variable Analysis and Fix Results by @dshanske in #280
• Remove Grunt as a dependency for the build by @dshanske in #281
• Add CP Unit Testing and updated plugin header and readme header by @dshanske in #282

Full Changelog: 4.5.2...4.5.3

Version 4.5.1

What's Changed

• Fix unittests by @pfefferle in #274
• Check if download is valid before trying to sideload it by @dshanske in #272
• Update class-indieauth-authorize.php by @janboddez in #273
• Bump version by @dshanske in #275

Full Changelog: 4.5.0...4.5.1

Version 4.5.0

• Add Support for Client JSON metadata discovery
• Deprecate Manifest Client discovery as experimental feature superseded by permanent one
• Fix declaration error

4.4.2

What's Changed

• Prevent returning 401 for other successful OAuth2 plugins by @akirk in #263

Full Changelog: 4.4.1...4.4.2

Version 4.4.1

What's Changed

• Refine Tickets by @dshanske in #259
• Add IndieAuth Client Discovery using MF2 and Bump Version by @dshanske in #260

Full Changelog: 4.4.0...4.4.1

4.4.0

What's Changed

• Remove remote endpoint functionality already disabled
• Rearrange so each endpoint is more independent and registers its own parameters
• Add way to register new grant types.
• Rewrite Web Signin to support latest version of flow.
• Add PKCE support to websignin flow
• Fix issue with PKCE support where it would not actually verify PKCE for token flow because PKCE is optional
• Invert PKCE message to highlight when PKCE is not being used over it being used.
• Do not do client discovery on a non-retrievable URL
• Validate identifiers to IndieAuth Spec
• Remove URL plus password login as part of effort to simplify code.
• Fix error message surfacing in websignin form
• Fix CSS on websignin and authorization forms to not misrender the language bar.
• Fix deprecation notice by @janboddez in #254
• Update Web Sign In and PKCE by @dshanske in #257
• Remove Remote Endpoint Code and Refactor Code by @dshanske in #255
• Add Validation Functions and Fix CSS by @dshanske in #258

4.3.0

What's Changed

• Resolve Issue 237 by @dshanske in #239
• Clients by @dshanske in #231
• Allow other OAuth2 providers by @akirk in #245
• fix cli calls by @pfefferle in #247
• Dev Dependencies Fixes by @dshanske in #240
• version bump by @pfefferle in #249
• Switch from using name as the slug to client ID by @dshanske in #250
• Update yoast/phpunit-polyfills requirement from ^1.0 to ^2.0 by @dependabot in #251
• Update dealerdirect/phpcodesniffer-composer-installer requirement from ^0.7 to ^1.0 by @dependabot in #241

Full Changelog: 4.2.1...4.3.0

4.2.1

Bump version to release

Version 4.2.0

What's Changed

• Add IndieAuth Metadata Endpoint by @dshanske in #226
• New Endpoints by @dshanske in #227

Full Changelog: 4.1.1...4.2.0

Version 4.1.0

• Add experimental ticket auth endpoint
• Bug fix on endpoint discovery discovered during ticket auth development
• Introduce Token Introspection Endpoint as per proposal to integrate RFC7662. For now, will exist concurrently with the older token verification response until it is deprecated.
• Ensure profile responses are returned when appropriate.
• Misc Bug Fixes discovered in unit testing
• Updating of settings configuration
• Improved default for user who gets to identify as root of site.
• Introduce Refresh Token Functionality
• Create was not pre-checked in new selections when offered as an option.