- Refresh token now issued when requesting new access token via Refresh Token Grant.
- Client is now validated against the existing refresh token when using the Refresh Token Grant.
- Changing test bootstrapping.
- Fixed bug where refresh token entity JSON was inserted into
oauth_token_scopestable instead of the actual token. - Clients can be marked as trusted for automatic authorization.
- Throw more meaningful exception by including a generic error type.
- Can now create and delete clients and scopes.
- User defined authorized callback is now fired once an access token has been issued.
- A "redirect_uri" parameter is now optional as per the spec when using the Authorization Code and Implicit grant types.
- Switch to PSR-4 autoloading.
- Fixed bug where resources could not be protected by a scope.
- Implemented default scopes for every resource.
- Allow tables to be set on storage adapters during runtime.
- Initial development release.