CHANGES
=======

4.03  20131126  changed default value $wgOpenIDLoginOnly to true
4.02  20131124  bug 18528 show error for empty username for providers
4.01  20131123  bug 45304 show correct button texts login/create account/convert
4.00  20131122  introducing OpenID::isAllowedMode()
                deprecating $wgOpenIDConsumerAndAlsoProvider

                depends on 9a362d64c86989837f9a0755abc7c5a78457ca78 MediaWiki
                core https://gerrit.wikimedia.org/r/#/c/96029/ merged 2013-11-18

                Add "provider only" mode

                introducing new rights:
                openid-create-account-with-openid
                openid-login-with-openid
                openid-login-without-openid

                bug 46617: allowing sysops to always create accounts
                In SpecialPages OpenID section, Sysops will always find a link
                to create a new user account by mail

                bug 54508: introducing $wgOpenIDMode which replaces
                $wgOpenIDConsumerAndAlsoProvider and can have values
                'consumer', 'provider', array( 'consumer', 'provider' ), false

                bug 54507: When having a forced provider, disallow adding
                (converting) further OpenIDs from non-allowed providers:
                only allow to add the forced provider

                hiding OpenID login links if these are not working
                (consumer mode, or missing or empty list of providers,
                or no forced provider)

                hiding irrelevant sections in the OpenID preferences tab
                (depending on OpenIDMode)

                adding message texts for rights and actions

                bug fix: correcting a permission check during account creation:
                the check was previously (mistakenly) done for the user-to-be-created
                instead checking the account creation right of account-creating user

                when attaching an OpenID: adding a reset password link under
                username/password in the name picker screen

3.44  20131122  bug 54511 Let OpenIDServer show a meaningful error message in
                case of untrusted trust root
3.43  20131103  bug 34844 and 34846
                add uoi_user_registration for PostgreSQL
                add uoi_user_registration field to the user_openid table
                separate schema update functions for MySQL and PostgreSQL
                bail explicitly on other databases
                database-specific timestamp
3.42  20131004  fixed a problem with label text on the preferences tab.
                inverted internal hide/show OpenID property name,
                but kept the default meaning "show OpenID on user pages"
3.41  20131003  bug 54506: $wgHideOpenIDLoginLink was not completely renamed to
                $wgOpenIDHideOpenIDLoginLink
3.40  20130821  bug 47151 Special:OpenIDConvert can be used even when forcing an
                openid provider
                bug 44819 introduction of array of $wgOpenIDProviders and
                $wgOpenIDForcedProvider
                fix of an i18n problem
3.34  20130810  bug 44821 OpenID Consumer wiki stalls with blank page for
                certain OpenID Provider verification error cases
                (consumer fails to show the provider response message)
3.33  20130703  bug 50430 fixed null array error for fullname/email in AX array
3.32  20130525  bug 44293 fix URL generation when $wgServer is protocol-relative
3.311 20130514  bug 44849 retina icons: renewed OpenID logo; rescaled the other
                large provider icons
3.31  20130508  removal of dead openid provider logos (Vox, Vidoop)
                bug 44849 retina icons
3.30  20130505  giving up backward compatibility
                removed outdated Makefile and patch for openid-php library
                renamed README.OpenID-mediawiki-extension to README
                deleted OpenID.setup.php
                sanitized sreg response
                hook message layout change: added a newline when deleting an OpenID
                (bug 47152 47153) XSS and CSRF fixes
3.122 20130418  code cosmetics
3.121 20130417  code cosmetics
3.12  20130402  breaking change renamed $wgOpenIDClientOnly
                to $wgOpenIDConsumerAndAlsoProvider and inverting
                its logic accordingly
3.11  20130401  code cosmetics
3.10  20130318  renamed $wgOpenIDOnly to $wgOpenIDLoginOnly
3.09  20130318  hotfix typo $wgOpenIDOnlyClient vs. $wgOpenIDClientOnly
3.08  20130318  SpecialOpenIDIdentifier only shows the name for visiting user
                otherwise only the User ID, or an error if invalid User ID
3.07  20130316  (bug 46052) make storage methods obeying and using $wgTmpDirectory
3.06  20130312  fix bug46006 correct use of $wgExtensionAssetsPath after setup
                changed $wgOpenIDLoginLogoUrl to $wgOpenIDSmallLogoUrl
3.05  20130311  show OpenID icons also in the table of associated OpenIDs
                in OpenID preferences
3.04  20130310  fix bug45323 add deletion of trusted sites to OpenID Preferences
3.03  20130310  fix bug45928 change deprecated wgAllowRealName
                to wgHiddenPrefs checks
3.02  20130309  when used as Provider, show the own OpenID
                in OpenID preference tab
                fix bug 45322 show own OpenID as subtitle on own userpage
                (user option)
3.01  20130309  fixed a regression which stopped optional userinfo updating
                from OpenID
3.00  20130308  delegate /User:Username to /Special:OpenIDIdentifier/<userid>
2.06  20130305  fix bug45515 OpenID server lost trust information
                when Preferences were saved
2.05  20130304  fix bug45586 preference tab got now section headers
2.03  20130227  fix bug45323 preference tab "OpenID" shows list of "trust" records
2.01  20130209  fix to allow identity selection bug44416
                fix bug40068, bug40067 $wgOpenIDForcedProvider
                changed default value $wgOpenIDShowProviderIcons = true;
1.005 20130209  $wgTrustRoot was renamed to $wgOpenIDTrustRoot
                $wgOpenID being prefix of all extension global variables
1.004           links to preferences tabs corrected
1.003           changed system text openidalreadyloggedintext
1.002           added missing system text 'right-openid-converter-access'
1.001           convenience release with download of the version for PHP 5.3.x
                from https://github.com/Wikinaut/php-openid/tree/mw-extension-openid
1.000           release version
0.947           using jQuery closure for redirect
0.946           fixed the problem of broken automatic redirect
                to OpenID provider login
                replaced hookEvent() by jQuery( document ).ready( submitOpenIDForm )
0.945           improved Makefile: added the SHA1 checksum of php-openid library.tar.gz
0.944           improved the Makefile by adding a test if "patch" (program) exists
                some users reported that this is not standard in all distrubtions
0.942           code cosmetic db schema updater
0.940           changed database schema updater; tested for MySQL
0.939           function name changes
0.938           list uoi_user_registration timestamp if present
                in openid-preference tab
0.937           added uoi_user_registration timestamp field (bug30623)
0.934 2009      bug 29543 After logging in with OpenID, user page link
                in the personal toolbar pt portlet)
                still has the User:IP link (needs refresh to link to User:Username)
                Added provider buttons to the OpenID login page
                with optional icons ($wgOpenIDShowProviderIcons)
                Post-release fix to broken icon on user's page.
0.9.1           fixes for PHP > 5.3.x; fixed bugs
                bug 27419 OpenID extension: disallow new account creation for
                those users without "createaccount" permission
                bug 27581 3 new OpenID login page parameters:
                $wgOpenIDAllowManualUsername, AllowAutomaticUsername,
                ProposeUsernameFromSREG
                bug 18635 Allow to use User pages as OpenIDs even if user is
                using OpenID already

These are meanwhile implemented items moved from the TODO file

+ change $wgTrustRoot variable name
+ fix bug 44416
  OpenID: when logging in as "Name" with wiki/Special:OpenIDServer/id ,
  the OpenID should be restamped to wiki/User:Name
+ be aware of user deletions done by extension UserMerge and Delete (and others)
  https://bugzilla.wikimedia.org/show_bug.cgi?id=28993
+ allow user to set or reset a password in case of
  !$wgOpenIDClientOnly && $wgOpenIDLoginOnly
  (https://bugzilla.wikimedia.org/show_bug.cgi?id=29027)
  = case Server/OpenID-Only
+ Execute MediaWiki hook 'AddNewAccount' when new account is added
  https://bugzilla.wikimedia.org/show_bug.cgi?id=21711
+ Add a Storage class for $wgMemc
+ Prevent running OpenIDLogin when you're already logged in
+ Add a server mode
+ Prevent serving OpenID accounts
+ Prevent trusting the same server
+ Limit domains whose OpenIDs you trust
+ For domains, Order Allow,Deny or Deny,Allow
+ Function to let skins tell if user is OpenID user
+ Function to let skins know user's OpenID URL
+ Interwiki login
+ drop-down for username prefixes (Yahoo, etc.)
+ server mode login
+ server mode trust form
+ server mode share fields form
+ change a "regular" account to an OpenID account
+ split big file into 2-3 smaller modules
+ add openid.server to user pages
+ hide openid.server for non-user pages
+ change trust data separators from , and | to FS and RS
+ User preferences tab for OpenID
+ Have some $trust_root values that we _always_ allow to trust
+ form to choose user ID if not sreg.nickname or sreg.fullname
+ try to guess user name from URL with /
  like http://getopenid.com/evanprodromou or
  http://profile.typekey.com/EvanProdromou/
+ Allow specifying a FileStore
+ Allow specifying a MySQLStore
+ Allow specifying a memcached store
+ Fall back to FileStore if Memc is bogus
+ Unit test for MemcStore
+ for just-a-hostname OpenIDs, if the first element is not
  www, use the first element as a proposed ID
+ Make the OpenID login page more prominent. A personal toolbox link
  for each page?
+ Update Sreg support for new API in version 2.0 libraries
+ fix problem with getting $request->identity after login on server
+ fix problem with return_to parsing on login
+ fix problem with return_to parsing on convert
+ optionally allow user to specify an existing username/password after
  logging in with OpenID the first time (like ma.gnolia.com)
+ add more explanatory text to the default login instructions
  (copy Wikitravel text)
+ add more than one OpenID to a user account
+ link to Special:OpenIDConvert if user is already logged in
  (fixed in 0.924-beta)
+ link to OpenID login on Special:Userlogin (fixed in 0.924-beta)
