v0.3.1 - 2024-09-07

This patch releases fixes a bug where descriptions were not being displayed for FormTokenField types in the settings screen. Additionally, we've updated our dependencies to the latest (SemVer-compatibile) versions.

What's Changed

• fix: Display missing help text to FormTokenField types in the settings screen. H/t @alexookah
• dev: Add react-jsx-runtime polyfill for WordPress backwards-compatibility.
• chore: Update Strauss to v0.19.1.
• chore: Update Composer dependencies.
• chore: Update NPM dependencies.
• tests: Fix test helper PSR-4 namespaces.
• ci: Replace docker-compose commands with docker compose.
• ci: Test compatibility with WordPress 6.6.1.

Full Changelog: 0.3.0...0.3.1

v0.3.0 - 2024-04-06

This major release refactors the root files to use the WPGraphQL\Login namespace. It also exposes the authTokenExpiration field in the refreshToken mutation response, improves code quality, adds explicit support for WordPress 6.5.0, and more.

Note

Although this release technically contains breaking changes, these changes are limited to developers directly extending the wp-graphql-headless-login.php, wp-graphql-activation.php, wp-graphql-deactivation.php files, and the WPGraphQL\Login\Main class.
If you are using the plugin as intended, you should not experience any issues when upgrading.

What's Changed

• feat: Add the authTokenExpiration field to the refreshToken mutation response. H/t @richardaubin.
• chore!: Add WPGraphQL/RankMath namespace to root-level files ( activation.php, deactivation.php, wp-graphql-rank-math.php ).
• chore: Declare strict_types in all PHP files.
• chore: Update Composer dev-deps and fix newly-surfaced PHPCS smells.
• chore: Lock WPBrowser to v3.5.x to prevent conflicts with Codeception.
• chore: Implement PHPStan strict rules and fix type errors.
• chore: Update WPGraphQL Plugin Boilerplate to v0.1.0.
• ci: Update GitHub Actions to latest versions.
• ci: Test plugin compatibility with WordPress 6.5.0.
• ci: Update Strauss to v0.17.0

Full Changelog: 0.2.0...0.3.0

v0.2.0 - 2024-02-04

This major release bumps the minimum supported WordPress version to 6.0, and the minimum supported WPGraphQL version to 1.14.0. It also fixes a bug when extending the OAuth2Config class.

Note

This release is technically a breaking change, as the Psr dependencies are now prefixed with \WPGraphQL\Login\Vendor.
This class should only be used internally, but if for some reason you're relying on the plugin's bundled Psr classes in your own code, you'll need to update your references.

What's Changed

• fix: Avoid strict-typing League\OAuth2\Client\Provider\AbstractProvider to the \WPGraphQL\Login\Vendor namespace. H/t @pat-flew .
• chore!: Use Strauss to prefix Psr dependencies. This is a breaking change, as the Psr dependencies are now prefixed with \WPGraphQL\Login\Vendor.
• chore!: Bump minimum supported WordPress version to 6.0.
• chore!: Bump minimum supported WPGraphQL version to 1.14.0.
• chore: Refactor Autoloader class for DRYness.
• chore: Update axepress/wp-graphql-cs to latest version and lint.
• chore: Update Composer dependencies to latest.
• chore: Update NPM dependencies for WordPress 6.0+.
• chore: Cleanup CI configuration files.
• ci: Test plugin against WordPress 6.4.3.

New Contributors

• @imjlk made their first contribution in #105

Full Changelog: 0.1.4...0.2.0

v0.1.4 - 2023-10-15

This minor release fixes a bug where the determine_current_user filter was being applied too late in the lifecycle for some plugins. It also better integrates with WPGraphQL for WooCommerce's upcoming release which adds built-in support for the plugin.

We've also upgraded our coding standards and fixed all the resulting issues.

What's Changed

• fix: Apply the determine_current_user filter before the plugin is initialized. H/t @kidunot89 for reporting.
• dev: Refactor autoload handling to WPGraphQL\Login\Autoloader class. Note: this does not remove the vendor/ or vendor-prefixed/ directories from the repository.
• dev: Remove local registration of LoginPayload.customer for WooGraphQL 0.18.2+. Props @kidunot89.
• dev: Deprecate LoginPayload.wooSessionToken in favor of loginPayload.sessionToken (added in WooGraphQL 0.18.2+).
• chore: Update Composer dependencies.
• chore: Update WPGraphQL Coding Standards to v2.0.0-beta and lint.

New Contributors

• @kidunot89 made their first contribution in #91

Full Changelog: 0.1.3...0.1.4

v0.1.3 - 2023-8-20

This release includes a refactored Admin JS package for backwards-compatibility and stability, new features and developer hooks to extend and customize the authentication lifecycle, and a handful of bug fixes.

What's Changed

• feat: Add support for setting a custom scopeSeparator for Generic OAuth2 providers. H/t @martinowren for bringing this up!
• feat: Relocate Admin JS to packages/admin directory, and refactor for backwards-compatibility.
• fix: Correctly set the minimum supported WP version to 5.7. This should have been bumped in v0.0.7, but was missed.
• fix: Let the OAuth2 Provider library handle imploding the scope.
• fix: Use the correct label for the scope setting in the GitHub and LinkedIn provider settings.
• fix: Correctly pass the provider $user_data to the graphql_login_after_successful_login filter. Props @martinowren.
• dev: New actions: graphql_login_after_authenticate, graphql_login_get_user_from_data.
• dev: New filters: graphql_login_authenticated_user_data, graphql_login_pre_get_user_from_data,
  graphql_login_create_user_data.
• dev: Deprecated the graphql_login_mapped_user_data filter in favor of graphql_login_authenticated_user_data.
• chore: Update Composer deps.
• chore: Cleanup PHPCS and PHPStan configurations.
• ci: Set MariaDB to v10.x in GitHub Actions.
• ci: Test against PHP 8.2 and WordPress 6.3.
• docs: Cleanup Action and Filter references.

Full Changelog: 0.1.2...0.1.3

v0.1.2 - 2023-6-05

This release implements the new WPGraphQL Coding Standards ruleset for PHP_CodeSniffer. While many of the addressed sniffs are cosmetic, numerous smells regarding performance, type safety, sanitization, and 3rd-party interoperability have been fixed as well.

What's Changed

• chore: Implement axepress/wp-graphql-cs PHP_Codesniffer ruleset.
• chore: Update WPGraphQL Plugin Boilerplate to v0.0.9.
• chore: Update Composer dev-dependencies.

Full Changelog: 0.1.1...0.1.2

v0.1.1 - 2023-5-26

This release adds support for setting the Access-Control-Allow-Credentials header via the Headless Login settings panel. We also updated the Server-side Auth example based on the feedback and issues discovered during the WPE Builders session.

What's changed

• feat: Add support for setting Access-Control-Allow-Credentials header via the Headless Login settings panel. Props @ArkDouglas.
• dev: Make anonymous functions static where possible to reduce memory usage.
• chore: Update Composer and NPM dependencies.
• ci: Fix typo in GRAPHQL_LOGIN_JWT_SECRET_KEY when defining constants for test ehttps://youtu.be/RnJZ8VRjtBknvironment.
• docs: Update the Server-side Auth example, and add references to the AxePress Playground demo.

New Contributors

• @ArkDouglas made their first contribution in #74

Full Changelog: 0.1.0...0.1.1

v0.1.0 - 2023-04-27

This release bumps the version of the plugin to v0.1.0 to reflect the fact that it is now in a stable state. This means future releases will be SemVer compliant.

We also squashed a few bugs.

What's Changed

• fix: Restore missing props on the FormTokenControl component. Thanks @ArkDouglas for reporting!
• chore: Update NPM deps.
• docs: Fix WooGraphQL example in Server-Side example. Thanks @kidunot89 for the help!

Full Changelog: 0.0.9...0.1.0

v0.0.9 - 2023-04-22

What's Changed

• fix: Use TokenManager::refresh_user_secret() when revoking secrets on the backend to prevent UserErrors for invalid secrets.
• fix: Hide Password provider from the list of User Profile identities.
• fix: Only start a PHP session if one is not already started.
• fix: Use parent::register() in ClientOptions and LoginOptions interface classes.
• dev: Show conflict admin_notice if WPGraphQL CORS is enabled.
• chore: Update Composer dependencies.
• ci: Check compatibility with WordPress 6.2
• ci: Only test extensions against latest WP/PHP version.
• tests: Fix HttpClient mocks for headers and body.
• docs: Rewrite and restructure existing docs.
• docs: Update Next API Routes example.
• docs: Add example for using NextAuth.js

Full Changelog: 0.0.8...0.0.9

v0.0.8 - 2023-04-05

This release fixes a bug where OAuth2 (Generic) provider settings were not being accessed correctly (#56).

To address this, the provider slug was renamed from generic-oauth2 to oauth2-generic.

Note: As a result, the LoginProviderEnum name for this provider has changed from GENERIC_OAUTH2 to OAUTH2_GENERIC, and GenericClientOptions and GenericLoginOptions have been renamed to OAuth2ClientOptions and OAuth2LoginOptions, respectively. The OAuth2 Generic provider settings are not preserved.

What's Changed

• dev!: Rename OAuth2 (Generic) provider slug to oauth2-generic.
• fix: Use ProviderConfig::get_slug() for Provider registry keys. H/t @ryntab and @stephane-segning.

Full Changelog: 0.0.7...0.0.8