You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CHANGELOG.md
+45Lines changed: 45 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -79,3 +79,48 @@ Fix the `OpenIdClaims` class key parsing issue:
79
79
80
80
Previous key mapping values are always empty as they are not available in the IdToken claims.
81
81
This fix update the key mapping to the correct values.
82
+
83
+
## 2.1.0
84
+
85
+
### New Features
86
+
87
+
Add extra parameters to the signIn method for better sign-in experience customization.
88
+
89
+
See the [Authentication parameters](https://docs.logto.io/docs/references/openid-connect/authentication-parameters) for more details.
90
+
91
+
1.`directSignIn`: This parameter allows you to skip the first screen of the sign-in page and directly go to the social or enterprise sso connectors's sign-in page.
92
+
93
+
-`social:<idp-name>`: Use the specified social connector, e.g. `social:google`
94
+
-`sso:<connector-id>`: Use the specified enterprise sso connector, e.g. `sso:123456`
95
+
96
+
2.`firstScreen`: This parameter allows you to customize the first screen that users see when they start the authentication process. The value for this parameter can be:
97
+
98
+
-`sign_in`: Allow users to directly access the sign-in page.
99
+
-`register`: Allow users to directly access the registration page.
100
+
-`single_sign_on`: Allow users to directly access the single sign-on (SSO) page.
101
+
-`identifier:sign_in`: Allow users to direct access a page that only display specific identifier-based sign-in methods to users.
102
+
-`identifier:register`: Allow users to direct access a page that only display specific identifier-based registration methods to users.
103
+
-`reset_password`: Allow users to directly access the password reset page.
104
+
105
+
3.`identifiers`: Additional parameter to specify the identifier type for the first screen. This parameter is only used when the `firstScreen` parameter is set to `identifier:sign_in`, `identifier:register` or `reset_password`. The value can be a list of the following supported identifier types:
106
+
107
+
-`email`
108
+
-`phone`
109
+
-`username`
110
+
111
+
4.`extraParams`: This parameter allow you to pass additional custom parameters to the Logto sign-in page. The value for this parameter should be a Map<String, String> object.
112
+
113
+
### Bug Fixes
114
+
115
+
Fix the `logtoClient.getAccessToken` method always fetching new access token bug.
116
+
117
+
Background:
118
+
On each token exchange request, Logto dart SDK will cache the token response in the local storage. To reduce the number of token exchange requests, the SDK should always return the cached access token if it's not expired. Only when the access token is expired, the SDK should fetch a new access token using the refresh token.
119
+
However, the current implementation always fetches a new access token even if the cached access token is not expired.
120
+
121
+
Root cause:
122
+
Previously, all the access token storage keys are generated using the combination of the token's `resource`, `organization` and `scopes` values. This is to ensure that multiple access tokens can be stored in the storage without conflict.
123
+
Logto does not support narrowing down the scopes during a token exchange request, so the scopes value is always the same as the initial token request, therefore `scopes` is not necessary to be included in the `logtoClient.getAccessToken` method. Without the `scopes` value specified, the SDK can not locate the correct access token in the storage, which leads to always fetching a new access token.
124
+
125
+
Fix:
126
+
Remove the `scope` parameter from the `_tokenStorage.buildAccessTokenKey` and `_tokenStorage.getAccessToken` methods. Always get and set the access token using the `resource` and `organization` values as the key.
0 commit comments