knock

Fixed

• Allow use of any or no prefix in authorization header. This fixes an unwanted breaking change introduced in 1.4.0 forcing the use of the Bearer prefix.

Fixed

• Use lambda for audience verification

Changed

• Allow use of rails versions above 4.2

Added

• Travis integration
• Contribution guidelines
• URL authentication
• Allow use of different encoding algorithm
• Expose current_user in the controllers without authenticating

Fixed

• Audience verification in token
• Use lambda syntax compatible with older ruby versions
• A few typos

Added

• Configuration option for how the current_user is retrieved when signing in.
• Configuration option for the handle attribute (email by default).

Added

• Configuration option for how the current_user is retrieved when validating a token. (#1)

Changed

• Use "sub" claim to store the user id by default instead of "user_id". (#1)

Fixed

• Decode auth0_client_secret in default configuration for Auth0