3.2.2

• Merged #186: Send HTTP 401 status is for invalid_token, not insufficient_scope

3.2.1

• Merged #178: General improvements to Resource server errors

2.1.3

Added normalize headers because it's required by lucadegasperi/oauth2-server-laravel.

Fixes #170

2.1.2

Seeing as 2.1.1 is the version required by lucadegasperi/oauth2-server-laravel for Laravel 4 users, it seemed important to get this bug-fix into the 2.x branch as well as 3.x.

• Fix checking for access token in $_SERVER['HTTP_AUTHORIZATION'], which effects the PHP development server, FortRabbit and probably plenty of other environments.

3.1.2

• Support Authorization being an environment variable. See more

3.1.1

• Normalize headers when getallheaders() is available (Issues #108 and #114)

3.1.0

• No longer necessary to inject the authorisation server into a grant, the server will inject itself
• Added test for 1419ba8

3.0.1

• Forgot to tell TravisCI from testing PHP 5.3

3.0.0

• Fixed spelling of Implicit grant class (Issue #84)
• Travis CI now tests for PHP 5.5
• Fixes for checking headers for resource server (Issues #79 and #)
• The word "bearer" now has a capital "B" in JSON output to match OAuth 2.0 spec
• All grants no longer remove old sessions by default
• All grants now support custom access token TTL (Issue #92)
• All methods which didn't before return a value now return $this to support method chaining
• Removed the build in DB providers - these will be put in their own repos to remove baggage in the main repository
• Removed support for PHP 5.3 because this library now uses traits and will use other modern PHP features going forward
• Moved some grant related functions into a trait to reduce duplicate code

2.1.1

• Added conditional isValid() flag to check for Authorization header only (thanks @alexmcroberts)
• Fixed semantic meaning of requireScopeParam() and requireStateParam() by changing their default value to true
• Updated some duff docblocks
• Corrected array key call in Resource.php (Issue #63)