The below guide will assist in upgrading from the 1.x versions to 2.0.
- Symfony 6.4, or 7.2+
- PHP 8.2 or later
- The
refresh_token_classconfig node is now required and validates that the class implementsGesdinet\JWTRefreshTokenBundle\Model\RefreshTokenInterface - The
Gesdinet\JWTRefreshTokenBundle\Security\Http\Authenticator\RefreshTokenAuthenticator::supports()method now only checks if the request path matches thecheck_pathconfiguration for the authenticator - Standardized all container IDs to use the
gesdinet_jwt_refresh_tokenprefix - Made several classes final
- Added parameter and return typehints
- Added the
Gesdinet\JWTRefreshTokenBundle\Doctrine\RefreshTokenRepositoryInterface::findInvalidBatch()andGesdinet\JWTRefreshTokenBundle\Model\RefreshTokenManagerInterface::revokeAllInvalidBatch()interface methods to support batch operations, custom implementations will require these new methods
- Removed classes supporting authentication for Symfony 5.3 and earlier
- Removed the
AbstractRefreshTokenclasses from theGesdinet\JWTRefreshTokenBundle\DocumentandGesdinet\JWTRefreshTokenBundle\Entitynamespaces, use theRefreshTokenclass from the same namespace instead - Removed
Gesdinet\JWTRefreshTokenBundle\Model\RefreshTokenManagerInterface::create()and its implementations, aGesdinet\JWTRefreshTokenBundle\Generator\RefreshTokenGeneratorInterfaceimplementation should be used instead - Removed
Gesdinet\JWTRefreshTokenBundle\Model\RefreshTokenManager, implementGesdinet\JWTRefreshTokenBundle\Model\RefreshTokenManagerInterfacedirectly instead - Removed automatic token generation from
Gesdinet\JWTRefreshTokenBundle\Model\AbstractRefreshToken::setRefreshToken(), a token is now required - Removed
Gesdinet\JWTRefreshTokenBundle\DependencyInjection\Compiler\ObjectManagerCompilerPassand inlined its logic to the container extension - Removed the
gesdinet.jwtrefreshtoken.object_manager.idcontainer parameter - Removed deprecated configuration nodes:
firewall- No replacementuser_provider- No direct replacement, the user provider should be set on the security firewall configuration insteaduser_identity_field- No replacementuser_checker- No direct replacement, the user checker should be set on the security firewall configuration insteadrefresh_token_entity- Use therefresh_token_classnode insteadentity_manager- Use theobject_managernode insteaddoctrine_mappings- No replacementmanager_type- Set theobject_managerwhen neededlogout_firewall- Set theinvalidate_token_on_logoutconfig on therefresh_jwtauthenticator instead