v0.17.2

• Fix broken Rubocop auto-corrected code.

v0.17.1

Do not use, please go straight to v0.17.2

• Retry SSO-flow if code is not given
• Set allow_other_host: true when redirecting to Hub (required for Rails 7 strict redirect policy). This property is backwards-compatible with older Rails versions, it's only used in Rails 7+ when ActionController::Base.raise_on_open_redirects = true is set.

v0.17.0

• Retry SSO-flow if code is not valid (anymore)

v0.16.0

• Support prompt_email_confirmation option for SSO

v0.15.1

• Consider valid_for when fetching AccessTokens from the database, and only return tokens which meet the expected validity period. This reduces the likelihood of needing to refresh the token before you can use it.

v0.15.0

• Don't return access tokens which are due to expire in <30 seconds from now, and allow configuring this property with the valid_for keyword argument.

v0.14.0

• Support prompt option for SSO
• Remove redirect_with_error=1 since it is now the default and deprecated.

v0.13.0

• Allow passing ?lang, or set the default to I18n.locale, when starting a new OAuth session

v0.12.1

• Add Zaikio::OAuthClient::SystemTestHelper for working with system tests (instructions here)

v0.12.0

• BREAKING CHANGE: Instead of working cookies.encrypted we will switch to session because the session cookie will be httponly and therefore can prevent XSS attack that set the cookie to another value. See also: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies