2010-11-09 version 1.4.0 If authorization handle is passed as request parameter (the recommended way), then you can call oauth.grant! with a single argument and oauth.deny! with no arguments. You can now call oauth.deny! at any point during the authorization flow, e.g. automatically deny all requests based on scope and client. To deny access, return status code 403 (was, incorrectly 401). Or just use oauth.deny!. Web console gets template_url setting you can use to map access token identity into a URL in your application. The substitution variable is "{id}". Added error page when authorization attempt fails (instead of endless redirect). Fixed mounting of Web console on Rails. If it failed you before, try again. Fixed documentation for configuration under Rails, clarify that all the interesting stuff happens in after_initialize. Fixed error responses for response_type=token to use fragment identifier. 2010-11-08 version 1.3.1 Added command line tool, helps you get started and setup: $ oauth2-server setup --db my_db Added a touch of color to the UI and ability to delete a client. You can not sign out of the Web console. 2010-11-07 version 1.3.0 Added OAuth authorization console. Added param_authentication option: turn this on if you need to support oauth_token query parameter or form field. Disabled by default. Added host option: only check requests sent to that host (e.g. only check requests to api.example.com). Added path option: only check requests under this path (e.g. only check requests for /api/...). 2010-11-03 version 1.2.2 Store ObjectId references in database. 2010-11-03 version 1.2.1 Make sure order of scope no longer important for access token lookup. 2010-11-02 version 1.2.0 You can now redirect to /oauth/authorize with authorization query parameter and it will do the right thing. 2010-11-02 version 1.1.1 Fixed missing rails/init.rb. 2010-11-02 version 1.1.0 Renamed oauth.resource as oauth.identity to remove confusion, besides, it's more often identity than anything else. Added automagic loading under Rails, no need to require special path. Added Rack::OAuth2::Server::Options class, easier to user than Hash. Added indexes for speedier queries. 2010-11-02 version 1.0.0 World premiere.