Contents

## 0.0.2 (29/5/2020)

### Features

* Implementation of PKCE by OAuth Public Clients (https://tools.ietf.org/html/rfc7636);
* Implementation of grants using "access_type" and "approval_prompt" ([similar to what Google OAuth 2.0 API does](https://wiki.scn.sap.com/wiki/display/Security/Access+Google+APIs+using+the+OAuth+2.0+Client+API));

### Improvements

* Store token/refresh token hashes in the database, instead of the "plain" tokens;
* Client secret hashed by default, and provided by the application owner;

### Fix

* usage of client secret for authorizing the generation of tokens, as the spec mandates (and refraining from them when doing PKCE).

Version data entries

23 entries across 23 versions & 1 rubygems

Version	Path
rodauth-oauth-1.6.3	doc/release_notes/0_0_2.md
rodauth-oauth-1.6.2	doc/release_notes/0_0_2.md
rodauth-oauth-1.6.0	doc/release_notes/0_0_2.md
rodauth-oauth-1.5.0	doc/release_notes/0_0_2.md
rodauth-oauth-1.4.0	doc/release_notes/0_0_2.md
rodauth-oauth-1.3.2	doc/release_notes/0_0_2.md
rodauth-oauth-1.3.1	doc/release_notes/0_0_2.md
rodauth-oauth-1.3.0	doc/release_notes/0_0_2.md
rodauth-oauth-1.2.0	doc/release_notes/0_0_2.md
rodauth-oauth-1.1.0	doc/release_notes/0_0_2.md
rodauth-oauth-1.0.0	doc/release_notes/0_0_2.md
rodauth-oauth-1.0.0.pre.beta2	doc/release_notes/0_0_2.md
rodauth-oauth-1.0.0.pre.beta1	doc/release_notes/0_0_2.md
rodauth-oauth-0.10.4	doc/release_notes/0_0_2.md
rodauth-oauth-0.10.3	doc/release_notes/0_0_2.md
rodauth-oauth-0.10.2	doc/release_notes/0_0_2.md
rodauth-oauth-0.10.1	doc/release_notes/0_0_2.md
rodauth-oauth-0.10.0	doc/release_notes/0_0_2.md
rodauth-oauth-0.9.3	doc/release_notes/0_0_2.md
rodauth-oauth-0.9.2	doc/release_notes/0_0_2.md