-Everywhere else in the specs FactoryBot is used to create
applications....

This amends the URIChecker to allow authorization for requests that contain query params. The qu...

They expose AuthorizationController context in the :new method
Use cases: for example, when you ...

Ensure that the native redirect_uri parameter matches with redirect_uri of the client.

Even though #1045 fixes the issue with broken native redirect URLs, it bypasses
`Doorkeeper::OAu...

Don't allow developers to modify calculated Grant and Response
types in runtime (#1059).

Check Application scopes for Password Grant type if it present, but
request scopes are blank.

Adds failing test for password grant when application scopes are present and no scope is passed

Refactor `Doorkeeper::Request` from module_function to class methods.
Improve documentation.

Add #1053 to NEWS

Support redirect_uri's with registered query param(s)

Refactor enforcing of application scopes to configured on the server.
Change I18n message, impro...

Configuration to enforce application scopes

This amends the URIChecker to allow authorization for requests that contain query params. The qu...

Fix NameError with confidential apps generator

Add #1031 to news

Add rails generator that will create migration file to introduce
`confidential` column for Appli...

Allow public clients to authenticate without client_secret

Adds custom expiration time based on grant type

Add Application#confidential

Add dummy migration for Application#confidential

Because Dummy ap...

Remove deprecated methods and clean dead code

* Remove deprecated configuration methods
* Clean ScopeChecker from the dead code
* Refactor Aut...

Implement PKCE

* Add missing NEWS.md entry
* Add description for API option in initializer
* Minor code changes

- fixed issue about code_challenge in redirect_uri
- ensured, doorkeeper is still working, althou...

Validate redirect_uri as the native URI when making authorization code requests

Rails API support

Fix lookup for matching tokens when application has additional scopes

Move Orderable mixin under main models mixins.

Remove BaseRecord for AR models and move #ordered_by method to concerns
so anyone who patches de...

* Refactor #1001 into configurable lambdas

* [Lint] Lines too long

Update some sections, add more extensions, links to wiki, other
README improvements and fixes.

Make mixins & models more independent

Clear mixins from ActiveRecord DSL and save only overridable API. It
allows to use this mixins i...

Add passing specs for default scopes in password grant

Fix to invalidate the second redirect URI when the first URI is the native URI

Allow Application#redirect_uri= to handle array of URIs

Add entry to NEWS.md

Allow to forbid Application redirect URI's with specific rules
during creation. This allows to a...

* Use class method for ordering
* Make deprecation message more informative

* Remove unused ORM methods
* Improve Doorkeeper config default values
* Remove unnecessary Door...

Improve invalid_redirect_uri error description with more informative
text. Improve specs.

Add base ActiveRecord class with `#ordered_by` method for ORMs.

Add applications ordering by ...

Allow #force_ssl_in_redirect_uri to be callable

Allow Doorkeeper configuration option #force_ssl_in_redirect_uri to
be a callable object (proc, ...

* Have BaseRequest subclasses invoke super on callbacks

This makes the BaseRequest#before_suc...

* Use public_send instead of private send
* Remove dead code from Doorkeeper config
* Place same...

Performance improvement: no need to load all the Access Tokens on
revoke action for Application ...

Make it possible to have composit strategy names.

This fix is needed for https://github.com/doorkeeper-gem/doorkeeper-openid_connect since
it's po...

Fix #913: Deferred ORM (ActiveRecord) models loading

Fix Access Token value generation when certain errors occur in custom
token generator class.

Add explanation about necessity to define relations when adding foreign keys.

* Improve docum...

Implement RFC7662 - OAuth 2.0 Token Introspection

* Implement OAuth token introspection
* Refactor code

Add migration versioning for migration templates if ActiveRecord greater
than 5.0. Add specs to ...

Replace Struct subclassing with block-form initialization

Specify wiki pages from the way Client Credentials in doorkeeper initializer.

Change specs queries with #last method in order to make MongoDB ORM/ODM
extensions for Doorkeepe...

Make native redirect code a query param