v2.0.0

Added

• Ability to specify a Defuse key as the encryption key (d83fefe)
• Ability to use different PSR-7/17 HTTP transport implementations (4973e1c)
• Allow configuration of the private key passphrase (f16ec67)
• Checks if dependent bundles are enabled in the application kernel (38f6641)
• Console command for clearing expired access and refresh tokens (de3e338)
• Console commands for client management (2425b3d, 56aafba)
• Server grant types can now be enabled/disabled through bundle configuration (baffa92)
• Support for the "authorization_code" server grant type (a61114a)
• Support for the "implicit" server grant type (91b3d75)
• Support for Symfony 4.3 (e4cf668)
• The bundle is now additionally tested against PHP 7.3 (9f5937b)

Changed

• Authentication exceptions are now thrown instead of setting the response object (8a505f6)
• Modernize bundle service definitions (fc1f855, ef2f557)
• Previously documented client scope inheriting and restricting is now the new default behavior (af9bffc)
• Relaxed the league/oauth2-server package version constraint to allow non-braking changes (26d9c0b)
• Use DateTimeInterface instead of DateTime whenever possible (4549252)

Fixed

• DoctrineBundle related deprecation notices (fbde15b)
• Not being able to override the "persistence" config tree from other configuration files (b62b331)
• Symfony related deprecation notices (601d482)

Removed

• Redundant configuration node options (5fa60ef)
• Support for Symfony 4.1 (4973e1c)
• Unsupported HTTP verbs on the /authorize and /token endpoints (51ef5ae)

---

Huge thank you to the following contributors for making this release possible:

• @ajgarlag
• @alexsegura
• @Allypost
• @carlos-ea
• @cGuille
• @gschafra
• @HypeMC
• @Nyholm
• @rjwebdev
• @spideyfusion
• @X-Coder264