tao-test/app/vendor/oat-sa/lib-lti1p3-core/CHANGELOG.md

CHANGELOG
=========

6.7.1
-----

* `LtiMessage` auto submit script wrapped by `window.onload` callback

6.7.0
-----

* Add LtiSystemRole supporting [TestUser role](https://www.imsglobal.org/spec/lti/v1p3/#lti-vocabulary-for-system-roles)

6.6.0
-----

* Added MessagePayloadClaimsExtractor to ease message claims extraction
* Updated documentation

6.5.0
-----

* Extended psr/log dependency versions

6.4.0
-----

* Extended psr/cache dependency versions

6.3.1
-----

* Fixed [CVE-2021-41106](https://github.com/advisories/GHSA-7322-jrq4-x5hf) issue

6.3.0
-----

* Added [submission review service](https://www.imsglobal.org/spec/lti-sr/v1p0) support (validator and claims)

6.2.0
-----

* Added [proctoring end assessment message](https://www.imsglobal.org/spec/proctoring/v1p0#h.ooq616k28cwm) tool launch validator support
* Fixed issue [#128](https://github.com/oat-sa/lib-lti1p3-core/issues/128)

6.1.0
-----

* Added claim support for [proctoring end assessment message](https://www.imsglobal.org/spec/proctoring/v1p0#h.ooq616k28cwm)

6.0.1
-----

* Fixed issue [#119](https://github.com/oat-sa/lib-lti1p3-core/issues/119)

6.0.0
-----

* Added [migration guide](https://github.com/oat-sa/lib-lti1p3-core/wiki/Migration-from-5.x-to-6.x) to document breaking changes and migration steps
* Added LaunchValidatorInterface, PlatformLaunchValidatorInterface and ToolLaunchValidatorInterface
* Added AccessTokenResponseGeneratorInterface
* Added RequestAccessTokenValidatorInterface and RequestAccessTokenValidationResultInterface
* Moved PlatformLaunchValidator in Platform sub namespace  
* Moved ToolLaunchValidator in Tool sub namespace
* Fixed LtiServiceServer media type handling
* Fixed LtiServiceClient grant assertion aud claim  
* Fixed AgsClaim with not mandatory line item container url 
* Fixed OAuth2 token validation to support multiple audiences 
* Fixed proctoring start assessment message validator with resource link check 
* Updated LtiServiceServerRequestHandlerInterface signature
* Updated Guzzle dependency to ^6.5 || ^7.0 
* Updated documentation

5.0.1
-----

* Fixed [CVE-2021-30130 issue](https://github.com/advisories/GHSA-vf4w-fg7r-5v94)

5.0.0
-----

* Added [migration guide](https://github.com/oat-sa/lib-lti1p3-core/wiki/Migration-from-4.x-to-5.x) to document breaking changes and migration steps
* Added psalm support
* Added support of nullable error for Result based classes
* Added LtiServiceServer component to ease providing LTI services
* Moved Service\Server namespace into Security\OAuth2
* Moved UserAuthenticationResultInterface in Result sub namespace
* Moved UserAuthenticationResult in Result sub namespace
* Renamed JwksServer into JwksRequestHandler
* Renamed OidcInitiationServer into OidcInitiationRequestHandler
* Renamed OidcAuthenticationServer into OidcAuthenticationRequestHandler
* Renamed AccessTokenRequestValidator into RequestAccessTokenValidator
* Renamed AccessTokenRequestValidatorResult into RequestAccessTokenValidatorResult
* Renamed ServiceClientInterface into LtiServiceClientInterface
* Renamed ServiceClient into LtiServiceClient
* Fixed globally nullable parameters for classes constructors  
* Fixed deprecated legacy user identifier claim
* Updated UserAuthenticatorInterface signature  
* Updated documentation

4.2.0
-----

* Added enhanced role management: type (system, institution, context), core / non core, long / short names & automatic validation
* Updated LtiMessagePayloadInterface with getValidatedRoleCollection() method (allows easy access to validated roles from launches)
* Updated documentation

4.1.0
-----

* Added invalid access token cache busting on 401 LTI service response (with auto retry)

4.0.0
-----

* Added [migration guide](https://github.com/oat-sa/lib-lti1p3-core/wiki/Migration-from-3.x-to-4.x) to document breaking changes and migration steps
* Added PHP 8 support (and kept >=7.2)
* Added algorithms support for RS384/512, HS256/384/512, ES256/384/512 (on top of RS256)
* Added wrapper interfaces for JWT handling (builder, parser, validator), with default implementation based on [lcobucci/jwt](https://github.com/lcobucci/jwt)
* Added multiple audiences support in JWT handling
* Added collection, result and ids generator utils
* Added more security testing tools 
* Fixed issue [#74](https://github.com/oat-sa/lib-lti1p3-core/issues/74)
* Fixed ServiceClient to work with 201 access token endpoint response  
* Updated documentation

3.3.1
-----

* Updated the version of ramsey/uuid dependency to allow the use of version 4 

3.3.0
-----

* Added OidcTestingTrait to ease OIDC based testing flows 

3.2.2
-----

* Fixed lcobucci/jwt dependency to version 3.3.3

3.2.1
-----

* Added fallback to JWKS lookup to check URL if key is not found in cache

3.2.0
-----

* Added possibility to specify allowed scopes for service calls validation
* Fixed service client repository audience check
* Updated documentation

3.1.1
-----

* Fixed DeepLinkingSettingsClaim boolean properties handling (select multiple, auto create)

3.1.0
-----

* Added PSR15 support for OIDC (init and auth) server components
* Added possibility to reset the MessagePayloadBuilder to allow multiple generation
* Added possibility to add several claims at once on the MessagePayloadBuilder
* Added tool originating DeepLinking response messages stronger validation (on settings data claim)
* Updated documentation

3.0.0
-----

* Added Travis integration
* Added claims handling for DeepLinking, ACS, and Proctoring
* Added PSR7 aware components to automate JWKS and OIDC (init and auth) exposition
* Added content item resources for DeepLinking (form DeepLinking specifications)
* Added new core message layer foundations (new interfaces and abstractions)
* Added core tool originating message layer (builder, validator, result) based on new foundations
* Reworked (breaking changes) core platform originating message layer (builder, validator, result) based on new foundations
* Fixed issue [#46](https://github.com/oat-sa/lib-lti1p3-core/issues/46)
* Updated php dependency to >= 7.2.0
* Updated phpunit dependency to 8.5.8
* Updated documentation

2.4.0
-----

* Added Basic Outcome claim handling

2.3.0
-----

* Added UserIdentityFactoryInterface
* Added NRPS claim getter on LtiMessageInterface

2.2.0
-----

* Added UserIdentityFactory

2.1.0
-----

* Added additional properties handling to the UserIdentity
* Added NRPS claim handling
* Adapted JWT validations to test expiry first, to spare useless checks
* Adapted tool message validator to match IMS certification requirements

2.0.4
-----

* Fixed ServiceClient access tokens caching scoping

2.0.3
-----

* Fixed JwksExporter output structure

2.0.2
-----

* Fixed OidcAuthenticationRequest parameters exposition

2.0.1
-----

* Fixed ServiceClient header


2.0.0
-----

* Updated AccessTokenResponseGenerator to generate for a key chain instead of a registration

1.2.0
-----

* Added getOidcState() method to LtiLaunchRequestValidationResult

1.1.0
-----

* Added findAll() method to RegistrationRepositoryInterface

1.0.0
-----

* Provided core messages implementation and documentation
* Provided core services implementation and documentation
Code, before instalation. 2022-08-29 20:14:13 +02:00			`CHANGELOG`
			`=========`

			`6.7.1`
			`-----`

			* `LtiMessage` auto submit script wrapped by `window.onload` callback

			`6.7.0`
			`-----`

			`* Add LtiSystemRole supporting [TestUser role](https://www.imsglobal.org/spec/lti/v1p3/#lti-vocabulary-for-system-roles)`

			`6.6.0`
			`-----`

			`* Added MessagePayloadClaimsExtractor to ease message claims extraction`
			`* Updated documentation`

			`6.5.0`
			`-----`

			`* Extended psr/log dependency versions`

			`6.4.0`
			`-----`

			`* Extended psr/cache dependency versions`

			`6.3.1`
			`-----`

			`* Fixed [CVE-2021-41106](https://github.com/advisories/GHSA-7322-jrq4-x5hf) issue`

			`6.3.0`
			`-----`

			`* Added [submission review service](https://www.imsglobal.org/spec/lti-sr/v1p0) support (validator and claims)`

			`6.2.0`
			`-----`

			`* Added [proctoring end assessment message](https://www.imsglobal.org/spec/proctoring/v1p0#h.ooq616k28cwm) tool launch validator support`
			`* Fixed issue [#128](https://github.com/oat-sa/lib-lti1p3-core/issues/128)`

			`6.1.0`
			`-----`

			`* Added claim support for [proctoring end assessment message](https://www.imsglobal.org/spec/proctoring/v1p0#h.ooq616k28cwm)`

			`6.0.1`
			`-----`

			`* Fixed issue [#119](https://github.com/oat-sa/lib-lti1p3-core/issues/119)`

			`6.0.0`
			`-----`

			`* Added [migration guide](https://github.com/oat-sa/lib-lti1p3-core/wiki/Migration-from-5.x-to-6.x) to document breaking changes and migration steps`
			`* Added LaunchValidatorInterface, PlatformLaunchValidatorInterface and ToolLaunchValidatorInterface`
			`* Added AccessTokenResponseGeneratorInterface`
			`* Added RequestAccessTokenValidatorInterface and RequestAccessTokenValidationResultInterface`
			`* Moved PlatformLaunchValidator in Platform sub namespace`
			`* Moved ToolLaunchValidator in Tool sub namespace`
			`* Fixed LtiServiceServer media type handling`
			`* Fixed LtiServiceClient grant assertion aud claim`
			`* Fixed AgsClaim with not mandatory line item container url`
			`* Fixed OAuth2 token validation to support multiple audiences`
			`* Fixed proctoring start assessment message validator with resource link check`
			`* Updated LtiServiceServerRequestHandlerInterface signature`
			`* Updated Guzzle dependency to ^6.5 \|\| ^7.0`
			`* Updated documentation`

			`5.0.1`
			`-----`

			`* Fixed [CVE-2021-30130 issue](https://github.com/advisories/GHSA-vf4w-fg7r-5v94)`

			`5.0.0`
			`-----`

			`* Added [migration guide](https://github.com/oat-sa/lib-lti1p3-core/wiki/Migration-from-4.x-to-5.x) to document breaking changes and migration steps`
			`* Added psalm support`
			`* Added support of nullable error for Result based classes`
			`* Added LtiServiceServer component to ease providing LTI services`
			`* Moved Service\Server namespace into Security\OAuth2`
			`* Moved UserAuthenticationResultInterface in Result sub namespace`
			`* Moved UserAuthenticationResult in Result sub namespace`
			`* Renamed JwksServer into JwksRequestHandler`
			`* Renamed OidcInitiationServer into OidcInitiationRequestHandler`
			`* Renamed OidcAuthenticationServer into OidcAuthenticationRequestHandler`
			`* Renamed AccessTokenRequestValidator into RequestAccessTokenValidator`
			`* Renamed AccessTokenRequestValidatorResult into RequestAccessTokenValidatorResult`
			`* Renamed ServiceClientInterface into LtiServiceClientInterface`
			`* Renamed ServiceClient into LtiServiceClient`
			`* Fixed globally nullable parameters for classes constructors`
			`* Fixed deprecated legacy user identifier claim`
			`* Updated UserAuthenticatorInterface signature`
			`* Updated documentation`

			`4.2.0`
			`-----`

			`* Added enhanced role management: type (system, institution, context), core / non core, long / short names & automatic validation`
			`* Updated LtiMessagePayloadInterface with getValidatedRoleCollection() method (allows easy access to validated roles from launches)`
			`* Updated documentation`

			`4.1.0`
			`-----`

			`* Added invalid access token cache busting on 401 LTI service response (with auto retry)`

			`4.0.0`
			`-----`

			`* Added [migration guide](https://github.com/oat-sa/lib-lti1p3-core/wiki/Migration-from-3.x-to-4.x) to document breaking changes and migration steps`
			`* Added PHP 8 support (and kept >=7.2)`
			`* Added algorithms support for RS384/512, HS256/384/512, ES256/384/512 (on top of RS256)`
			`* Added wrapper interfaces for JWT handling (builder, parser, validator), with default implementation based on [lcobucci/jwt](https://github.com/lcobucci/jwt)`
			`* Added multiple audiences support in JWT handling`
			`* Added collection, result and ids generator utils`
			`* Added more security testing tools`
			`* Fixed issue [#74](https://github.com/oat-sa/lib-lti1p3-core/issues/74)`
			`* Fixed ServiceClient to work with 201 access token endpoint response`
			`* Updated documentation`

			`3.3.1`
			`-----`

			`* Updated the version of ramsey/uuid dependency to allow the use of version 4`

			`3.3.0`
			`-----`

			`* Added OidcTestingTrait to ease OIDC based testing flows`

			`3.2.2`
			`-----`

			`* Fixed lcobucci/jwt dependency to version 3.3.3`

			`3.2.1`
			`-----`

			`* Added fallback to JWKS lookup to check URL if key is not found in cache`

			`3.2.0`
			`-----`

			`* Added possibility to specify allowed scopes for service calls validation`
			`* Fixed service client repository audience check`
			`* Updated documentation`

			`3.1.1`
			`-----`

			`* Fixed DeepLinkingSettingsClaim boolean properties handling (select multiple, auto create)`

			`3.1.0`
			`-----`

			`* Added PSR15 support for OIDC (init and auth) server components`
			`* Added possibility to reset the MessagePayloadBuilder to allow multiple generation`
			`* Added possibility to add several claims at once on the MessagePayloadBuilder`
			`* Added tool originating DeepLinking response messages stronger validation (on settings data claim)`
			`* Updated documentation`

			`3.0.0`
			`-----`

			`* Added Travis integration`
			`* Added claims handling for DeepLinking, ACS, and Proctoring`
			`* Added PSR7 aware components to automate JWKS and OIDC (init and auth) exposition`
			`* Added content item resources for DeepLinking (form DeepLinking specifications)`
			`* Added new core message layer foundations (new interfaces and abstractions)`
			`* Added core tool originating message layer (builder, validator, result) based on new foundations`
			`* Reworked (breaking changes) core platform originating message layer (builder, validator, result) based on new foundations`
			`* Fixed issue [#46](https://github.com/oat-sa/lib-lti1p3-core/issues/46)`
			`* Updated php dependency to >= 7.2.0`
			`* Updated phpunit dependency to 8.5.8`
			`* Updated documentation`

			`2.4.0`
			`-----`

			`* Added Basic Outcome claim handling`

			`2.3.0`
			`-----`

			`* Added UserIdentityFactoryInterface`
			`* Added NRPS claim getter on LtiMessageInterface`

			`2.2.0`
			`-----`

			`* Added UserIdentityFactory`

			`2.1.0`
			`-----`

			`* Added additional properties handling to the UserIdentity`
			`* Added NRPS claim handling`
			`* Adapted JWT validations to test expiry first, to spare useless checks`
			`* Adapted tool message validator to match IMS certification requirements`

			`2.0.4`
			`-----`

			`* Fixed ServiceClient access tokens caching scoping`

			`2.0.3`
			`-----`

			`* Fixed JwksExporter output structure`

			`2.0.2`
			`-----`

			`* Fixed OidcAuthenticationRequest parameters exposition`

			`2.0.1`
			`-----`

			`* Fixed ServiceClient header`


			`2.0.0`
			`-----`

			`* Updated AccessTokenResponseGenerator to generate for a key chain instead of a registration`

			`1.2.0`
			`-----`

			`* Added getOidcState() method to LtiLaunchRequestValidationResult`

			`1.1.0`
			`-----`

			`* Added findAll() method to RegistrationRepositoryInterface`

			`1.0.0`
			`-----`

			`* Provided core messages implementation and documentation`
			`* Provided core services implementation and documentation`