0.11.2

• Removed postinstall gulp tasks from package.json. Run manually after cloning the repo. e2c4178
• No longer calls pollPopup() for mobile InAppBrowser. 1152f48
• Fixed Facebook login in Internet Explorer browsers. Thanks @hilnius. 277c8b6
• Ionic: Updated package dependencies. 8f46f3f
• Ionic: Added cordovaPlugins and cordovaPlatforms to package.json. c73db3b
• Node: Check for available providers before "unlinking" to avoid removing other DB fields like username, password, email. af12f8b

0.11.1

This patch reverts one change that was introduced in 0.11.0.

• isAuthenticated() now returns true for any token value, not just for JWT format (three encoded parts separated by a dot).

0.11.0

❗ Note 1: Base64.js polyfill is no longer bundled with Satellizer. All major browsers except IE9 support window.btoa and window.atob functions which are used for encoding/decoding a JWT string. If you still have to support IE9 then add the following before any other scripts in HTML:

<!--[if lte IE 9]>
    <script src="//cdnjs.cloudflare.com/ajax/libs/Base64/0.3.0/base64.min.js"></script>
<![endif]-->

---

❗ Note 2: The vendor/satellizer.js and a second copy of client folder in the PHP example is no longer kept in Git repository to avoid unnecessary file duplication. As a side effect, to run server-side examples you will now have to run npm install when you download/clone this repository, which will in turn run gulp copy and gulp php tasks after all dev dependencies are installed. These two gulp tasks will copy satellizer.js from root directory to examples/client/vendor, examples/ionic/www/lib and copy the entire client directory to examples/server/php/public/. This was necessary so that when I make a change to satellizer.js I don't have to commit 3 other (duplicate) files along with it.

---

• ⚠️ : Twitter authentication (and OAuth 1.0 in general) refactoring. 50a3110 #329 (comment)
• Added an ability to toggle storage type (localStorage vs sessionStorage). 28ab484
• unlinkUrl is now correctly concatenated with `baseUrl string. f440efb
• Fixed an issue with joinUrlabsolute url concatenation. bb9573e
• Added Windows Live link/unlink account functionality. #424
• Check if isAuthenticated() is true before sending the Authorization header. bb8518b
• ⚠️ isAuthenticated() now returns false if token does not match a valid JWT structure. c875f6d
• Fixed encoding of non-english characters. #405
• Fixed documentOrigin and popupWindowOrigin host/port issue. c3655d2
• Fixed an issue with popup query params in IE11. 0112985 4b630fb
• Ionic: The satellizer.js is now copied directly to lib directory insead of lib/satellizer. 93b8e6e
• Go: Added go-lang server example. Currently only supports Facebook, Google and Twitter authentication.
• Node: Added an error message if unable to connect to MongoDB during server.js startup. 901c13c
• Node: Handle JWT decode errors via try/catch. 30799e5
• PHP: Updated Twitter example to use the new POST method for OAuth 1.0 authentication to be a little more consistent with OAuth 2.0 implementations. eb38652
• Ruby: Fixed Ruby on Rails example. Some files were not committed during the initial pull request due to being ignore by the .gitignore file.

0.10.1

• Fixed a baseUrl bug where it could result in something like the following URL: http://localhost:3000/http://myapi.com/auth/login. Furthermore, if you set baseUrl to null, it will turn off baseUrl concatenation all together. adbc9f9
• Removed unused lodash dependency from package.json. 92a7955

0.10.0

• You can now customize "Bearer" token type by overriding $authProvider.tokenType = 'Bearer'; 04f6154
• Changed all Facebook API calls to Graph API v2. c68c7ed
• Added optional redirect parameter to logout method. 4d3e0de
• $http interceptor is no longer "pushed" into config directly, but instead it is in its own factory. 8c71e36
• state parameter is now URI encoded. e5c9ebc
• Refactored localStorage methods with a storage factory which now supports both HTML5 localStorage and sessionStorage. 9e9cf7f 440130b
• Refactored domain verification. #350 418a7c6
• Fixed a bug where baseUrl could not be changed. f307555
• Ruby: Added basic Rails example. #340
• PHP: Updated Laravel version to 5.0 + complete code refactoring.
• Java: Updated Dropwizard version.
• Node.js: Removed unnecessary qs.parse() from Facebook auth example. 96d68eb

0.9.4

• Removed Node.js example "dependencies": {} from the main package.json. b254b6f
• You can now dynamically update loginRedirect outside of the config block. #319 4f5d88f

0.9.3

• fixed setToken method. 122bc2b
• fixed a problem where if popup was blocked it would throw a bunch of errors. 09cc33c
• added ionic framework example. 5973145
• added profile picture to the Profile page for github, facebook, google, foursquare and linkedin.
• clean url params and hash after logout. 7d118ab
• removed wl.basic scope from windows live provider. 9d03c3d
  node: comments and code cleanup. 710879a
  php: updated .htaccess to include Authorization header. 4f9fe3b
  php: updated secrets.php file. d1d45b5

0.9.2

• You can now configure the HTTP method (GET or POST) for $auth.unlink(). 8b6e8b4
• Fixed a bug where state was not being sent with LinkedIn authentication. ce497e9

0.9.1

• The withCredentials parameter inside the exchangeForToken http request is now optional and can be disabled. 620d58d
• JWT can now be sent inside a nested object. c06c33d

0.9.0

• Added support for OAuth 2.0 state. aad667c 925c3e7 b0aee23 2cdb967
• New optional responseParams for OAuth 2.0 for getting custom data other than code, redirect_uri and client_id. See Issue #237 for more information. 03fd4c5
• $auth.setToken's second parameter has been renamed to redirect rather than isLinking to clarify the confusion expressed in #242. 314e323
• GitHub provider now requests email scope by default. 1c7370c
• Windows Live provider now requests email scope by default. 1c7370c
• Fixed http interceptor bug where it could not be set to false. 69e9ec2
• exp JWT claims is now optional in $auth.isAuthenticated, i.e. return true if exp was never sent by server to check for token expiration date on the client, just as long as a token itself exists. 6bef39a
• Satellizer code refactoring. ec88591 07abd40 6fe6e38 1a9ed59
• Demo: Login controller .error handler can now take an error message as a string, not just as response.data.message object. 36a53cb
• Demo: Removed console.log statement from passwordMatch directive. 1329299
• Node.js: Print error to console if MongoDB is not running. 7ceda4a
• Node.js: Updated dependencies. 389e468
• Java: JSON Web Token verification. 0a2363c
• Python: Fixed Google authentication example. 2c483cd
• Python: Fixed a "typo" in GitHub authentication function when looking up a user from database. 21867c9
• PHP: Updated signup controller to handle object response from PHP back-end example. eee1a54
• PHP: Fixed unlink function. 33f7174
• PHP: Updated user signup validation. fd01f64
• README: Added responseParams to OAuth 2.0 configuration list. d275120