Releases: mgomes/api_auth
Releases · mgomes/api_auth
v2.1.0 (2016-12-22)
v2.1.0
This tag was signed with the committer’s verified signature.
The key has expired.
kjg
Kevin Glowacz
4cff48b
This commit was signed with the committer’s verified signature.
The key has expired.
kjg
Kevin Glowacz
- Fixed a NoMethodError that might occur when using the NetHttp Driver (#130 grahamkenville)
- More securely compare signatures in a way that prevents timing attacks (#56 leishman, #133 will0)
- Remove support for MD2 and MD4 hashing algorithms since they are insecure (#134 will0)
- Disallow requests that are too far in the future to limit the time available for a brute force signature guess (#119 fwininger)
v2.0.1 (2016-07-25)
v2.0.1
This tag was signed with the committer’s verified signature.
The key has expired.
kjg
Kevin Glowacz
489f0e3
This commit was signed with the committer’s verified signature.
The key has expired.
kjg
Kevin Glowacz
- Support of
api_auth_optionsin ActiveResource integration (#102 fwininger) - Replace use of
#blank?with#nil?to not depend on ActiveSupport (#114 packrat386) - Fix Auth header matching to not match invalid SHA algorithms (#115 packrat386)
- Replace
alias_method_chainwithalias_methodin the railtie since
alias_method_chain is deprecated in Rails 5 (#118 mlarraz)
v2.0.0
v2.0.0
This tag was signed with the committer’s verified signature.
The key has expired.
kjg
Kevin Glowacz
45e5dab
This commit was signed with the committer’s verified signature.
The key has expired.
kjg
Kevin Glowacz
- IMPORTANT: 2.0.0 is backwards incompatible with the default settings of v1.x
v2.0.0 always includes the http method in the canonical string.
You can use the upgrade strategy in v1.4.x and above to migrate to v2.0.0
without any down time. Please see the 1.4.0 release nodes for more info - Added support for other digest algorithms like SHA-256 (#98 fwininger)