ChangeLog

3.0-M2	- 2015-01-26
		- Pull request #480: Missing type parameter for RuntimeEnvironment (thanks @jaceklaskowski)
		- Pull request #472: Soundcloud provider (thanks @amertum)
		- Pull request #438: Concur provier (thanks @anfuerer)
		- Pull request #506: fix case of absoluteTimeoutInMinutes in samples (thanks @chris-cooper)
		- Pull request #503: request fixing hardcoded HTTP header name in fromRequest (thanks @jglodek)
		- Fixed signup and password change errors in the Scala sample app
		- Added CSRF support 
		- Fixed #435: i18n does not work
		- Fixed #471: Continue with authentication if AvatarService is None (thanks @cemcatik)
		- Fixed #484: missing public folder
		- Fixed #501: Requests get redirected to wrong routes (Java) 
		- Pull request #441: Update user-service.md (thanks @salaj1986)
		- Pull request #495: disable generateRefReverseRouter (thanks @amertum)
		- Pull request #461: Use large version of Facebook profile picture (thanks @nguyentruongtho)
		- Fixed #468: Redirect loop when canceling Facebook Login Dialog
		- Added crossbuild and upgraded to Play 2.3.7
		- Fixed #494: source and target versions are 1.6 now
		- Fixed #493: BoxedUnit cannot be cast to Authenticator (thanks @amertum)
		- Upgraded to Play 2.3.5 and fixed most compiler warnings
		- Fixed: CacheService.Default was ignoring ttl
		- Switched back to Play 2.3.2 (problems publishing signed artifacts see https://github.com/sbt/sbt-pgp/issues/59)
		- Added scalariform
		- Separate creation and storage of mail tokens (thanks @normenmueller)
		- Upgrade to Play 2.3.3 (thanks @benmccann)
3.0-M1	- 2014-08-13
		- Updated GoogleProvider to use the new Google endpoints (see https://developers.google.com/+/api/auth-migration#timetable)
		- Code is now compatible with Play 2.3
		- Added SecureSocial.currentUser to support Websockets
		- Fixed #429: null pointer exception in UserAware Java API (thanks @mangecoeur)
		- Pull request #159: Weibo support (thanks @qiuzhanghua and @wuhaixing)
		- Pull request #398: Dropbox support (thanks @deterdw)
		- Pull request #426: Extract oauth clients (thanks @jeantil)
		- Pull request #422: Use named loggers for all providers logging (thanks @jeantil)
		- Fixed #420: Xing provider references VkProviderSettings
		- Fixed #419: bad sequence of a and p tags (thanks @jglodek)
		- Updated XingProvider to work with their latest APIs (thanks @muhlig)
		- Fixed serialization problems with Authenticators (#417 and #416)
		- Fix logged messages in ProviderController (thanks @AlekseiS)
		- Add a string so SaveMode compares will work (thanks @ddispaltro)
		- Propagate implicit lang parameter from mailer to mail templates (thanks @jeantil)
		- Changed to managed controllers
		- Removed RoutesHelper
		- Added a module default routes file
		- Refactored things not to use Play plugins anymore
		- Created services out of helper classes
		- Added RuntimeEnvironment
		- Identity trait replaced by BasicProfile
		- Improved Authenticator framework: AuthenticatorService + AuthenticatorBuilders
		- Added support for X-Auth-Token header
		- Changes to SecuredAction to use content negotiation for error responses
		- Added async support
		- Removed ajaxCall
		- Added API to login to better support SPA and mobile apps
		- removed unnecessary fix for http context in SecuredAction (Java): Play sets the http context properly now.
		- Fixed handling of IDs greater than 32bits for TwitterProvider
		- Prevent errors caused by missing email in FacebookProvider (thanks @chrisbeach)
		- Handle onSignUpGoTo configuration when signupSkipLogin is enabled (thanks @paiou)
		- LinkedInOAuth2Provider: retrieve email address and add sample configuration (thanks @paiou)
		- Improve logging behaviour (thanks @jeantil)
		- Add test helpers for unit and integration testing of securesocial controllers (thanks @jeantil)
		- Added Finnish translation (thanks @hannikkala)
		- Fixed error in Hebrew message file: was utf-8, now utf-8 without bom (thanks @katrinsharp)
		- Added Swedish translation (thanks @ricn)
		- Added Japanese translation (thanks @orih)
		- /authenticate/:provider routes can now receive a 'redirectTo' parameter. This is where the user is redirected
                  after succesful authentication (if used overrides the url set in OriginalUrl by SecuredAction)
		- ProviderController.authenticate signature changed. Breaks compatibility: routes file needs to be adjusted (see sample apps)
		- Added support for linking accounts. New 'link' method in UserService needs to be implemented.
		- Update messages.fr for single quotes (thanks @fmasion)
		- Small fixes for NL messages (thanks @francisdb)
		- Added German translation (thanks @l0rdn1kk0n)
		- Added Arabic translation (thanks @Ahimta)
		- Added Brazilian Portuguese translation (thanks @jeohalves)
		- Added Polish translation (thanks Dominik Sienkiewicz)
		- Added Spanish translation (thanks @jorgeolmos)
		- Added Hungarian translation (thanks @bubbanat)
		- Added French translation (thanks @afigoureux)
		- Added Serbian translation (thanks @vitalije)
		- Added Hebrew translation (thanks @katrinsharp)
		- Added Persian translation (thanks @AmirKarimi)
		- Fixed i18n issues: API breaking changes in TemplatesPlugin, PasswordValidator and templates (they need an implicit Lang as parameter now). Part of the i18n fixes are based on the pull request by @fernandoacorreia, thanks!
		- Removed duplicate entry in Russian locale
		- Added Russian locale (thanks @siman)
		- Add ability to set extra params to oauth2 url endpoints (thanks @chazmcgarvey and @nascosto)
		- Updated docs for maven and fixed a rendering problem in the password change page.
		- Starting 2.1.3 the module is published to Maven Central
2.1.3	- 2014-01-23
		- Change registrationDisabled to registrationEnabled (thanks @hugogoncalves)
		- Hide sign up link when Registration provider is disabled (thanks @hugogoncalves)
		- Fixed: ProviderController.toUrl was not using the session returned by the event handler
		- Added onPasswordChangeGoTo option (thanks @fernandoacorreia)
		- Disabled Registration feature (thanks @c-schmitt)
		- Fixed: PasswordResetEvent does not have updated password
		- Fixed typos in readme and docs (thanks @fayimora, @fernandoacorreia, @nelsonblaha)
		- Minor doc updates (thanks @dnephin)
		- Added traditional Chinese message file (thanks @yuchuan1)
		- Fixed password change with multiple hashers (thanks @FabienPennequin)
		- Fixed compiler warnings
		- Improved SecureSocial.currentUser to avoid the UserService.find call if the request has the user already
		- Added expiration to Cache.set calls
2.1.2	- 2013-11-01
		- Fixed example for view customization docs (thanks @yankov)
		- Enable retrieving email address from LinkedIn (thanks @targeter)
		- Added strings to securesocial.conf in demos (thanks @alanrodas)
		- Added idLengthInBytes property to customize the length of session ids (based on changes by @mkubala)
		- Improved RoutesHelper to handle multiple assets properly (based on changes by @danielkza)
		- Fixed typo in example config (thanks @dhruvbhatia)
		- Translation for Dutch (thanks @gerbrand)
		- Add indication to register event listeners in play.plugins (thanks @OlivierBlanvillain)
		- Added OAuth2 provider for LinkedIn (thanks @gmethvin)
		- Upgraded to Play 2.2
		- Updated docs to reflect API changes done for 2.1.1
2.1.1	- 2013-08-08
		- Renamed class name UserId to IdentityId (breaks backwards compatibility)
		- Renamed id field in UserId to userId (breaks backwards compatibility)
		- Renamed id field in Identity to identityId (breaks backwards compatibility)
2.1.0   - 2013-08-08
		- Upgraded to Play 2.1.3
		- Added a enableRefererAsOriginalUrl property to enable/disable the use of the referer as the originalUrl
                  since this was causing issues for some people (defaults to false).  This is a temporary until a final 
                  solution is developed.
		- Use referer if originalUrl is not available when the login/signup page is hit (thanks @magro)
		- Fixed: Facebook login error when using the publish_stream scope (thanks @fedefrappi)
		- Fixed: make minimum default password length to 8 (thanks @wsargent)
		- Fixed: ClassCastException on application reload (dev mode) when using Events (thanks @magro)
		- Added: Serve the login page using SSL (thanks @magro)
		- Fixed: Do not prevent login on missing google profile info (thanks @chazmcgarvey)
		- Fixed: NoSuchElementException in FoursquareProvider (thanks @thesmith)
		- Moved RequestWithUser outside the SecureSocial controller
		- Allow overriding Registration step redirect targets. (thanks @magro)
		- Added the email to the flash messages in Registration.handleStartSignUp (thanks @magro)
		- Added support for plain text, html and multipart emails in TemplatesPlugin (thanks @magro)
		- Made SecureSocial compatible with Play 2.1 [master branch, 2.0.x branch is for Play 2.0 versions now].
2.0.12  - 2013-02-25
		- clean securesocial values after login from the session
                - renamed keys used in session
		- Added a makeTransient property for the authenticator cookie.
		- Fixed: absolute timeout was not being picked up from the conf file
		- Fixed wrong logout implementation
2.0.11  - 2013-02-21
                - Chanded Build.scala files to use the Typesafe community repository.
		- Renamed ResetPasswordEvent to PasswordResetEvent.
		- Made vals in RoutesHelper lazy
		- Added password change, password reset and sign up events
		- Added IdGenerator and AuthenticatorStore plugins with their default implementations for the new authenticator cookie.
		- Introduced an authenticator cookie to track users. The Play session is not used anymore.
		- Fixed issue #144: Successful change password logs user out.
		- Fixed wrong package names for the XING, Foursquare and Instagram providers.
		- Fixed the error message for invalid token (thanks @playtypii).
		- Added Instagram Providers (thanks @poornerd).
		- Added Foursquare (tm) and XING Providers (thanks @poornerd).
		- Added VK provider (thanks @KonstantinGrigoriev).
		- Static files injection to SecureSocial (thanks @pvillega).
		- Option to auto-login after completing signup (thanks @platypii).
2.0.10  - 2013-02-06
		- Changed the save() method in UserService to return an Identity so that event callback implementations can receive Identity instances from custom classes.
		- Added an event API that can be used to track events(only login/logout yet). Scala only for now.
2.0.9	- 2013-01-25
		- The login action redirects the user to the app if he is already authenticated now.

2.0.8   - 2013-01-01
		- PasswordHasher and Password validator are abstract classes instead of traits now (simplifies Java integration).
		- Fixed: wrong LinkedIn key for getting fullName (thanks @chazmcgarvey).
		- Removed servceInfo from OAuth1Info. That object can be retrieved from SecureSocial.serviceInfoFor method now.
		- Backward incompatible changes to the Java API: deleted AuthenticationMethod, OAuth1Info, OAuth2Info, PasswordInfo, SocialUser and UserId. This was required because after introducing the Identity trait I need to make sure the user gets its own object in the actions instead of a SocialUser instance.  Even though there's not a Java equivalent, the Scala classes can be called from Java easily.
		- Added new message to messages file: securesocial.login.errorLoggingIn
		- Improved ProviderController.handleAuth to show an error if an error occurrs while logging the user in (eg: if the UserService.save implemewntation throws an exception)
		- Fixed: Identity providers were filling wrong provider id values
		- Added: UsernamePasswordProvider updates the user avatar if gravatar support is enabled now.
		- Added timeout for sessions (30 mins by default, use sessionTimeOut property to change). 
		- Fixed: PasswordValidator was not being used in password reset
		- Fixed: When a token is expired the user is properly redirected to the sign up or reset pages now
		- Added enableTokenJob property to enable/disable the background job
		- Fixed method typo AuthenticationMethod: toScala.
		- Right http codes are returned for ajax calls now 
		- New assetsController property to override the assets class in RoutesHelper. Needed when a custom Asset controller is used by the app.  
		- Added hasher id to PasswordInfo
		- Added support for registering multiple PasswordHashers to allow upgrading the hashing algorithm.
		- Introduced Identity trait. SocialUser now implements it (this will allow developers to return their own user class from UserService.find methods)
2.0.7	- 2012-11-25		
		- Added password change functionality
		- Changed SecureSocial.currentUser/userFromSession methods to support websockets (thanks @KimStevel for catching this)
		- Use HTTPS for avatar URL in the Facebook provider (thanks @chazmcgarvey)
		- Added documentation for password plugins
		- Added base class for Java based password hashers: BasePasswordHasher
		- Added PasswordValidator to allow customization of password rules/strength
		- Added DefaultPasswordValidator that enforces the length of passwords
		- Fixed a RuntimeException in the github provider (thanks @chazmcgarvey)
		- Changes to TwitterProvider: use of API 1.1 and https for the image avatar (thanks @chazmcgarvey)
2.0.6	- 2012-11-16		
		- Fixed a problem where plugins were not being registered when Play recompiled the app
		- Added a scheduled task to delete expired signup/password reset tokens
		- Added tokenDuration and tokenDeleteInterval properties for userpass
		- Changed findByEmail to findByEmailAndProvider in UserService to make it clearer that both fields must match
		- Fixed bug: OAuth1Provider was clearing the session at login time (thanks @chazmcgarvey)
2.0.5   - 2012-11-14
		- Simplified installation by providing an ivy style repository
		- Updated installation steps in the user guide
		- Added a change log page to the docs
		- Changed the assets directory for SecureSocial to avoid conflicts with apps using it
		- Added Bootstrap to demo apps
2.0.4   - 2012-11-11
		- Improved signup flow (validates email before allowing registration)
		- Added reset password functionality
		- Added email notifications 
		- Added a way to customise views  & mails (TemplatesPlugin)
		- Added a setting to enable HTTPS in the URLSs for OAUTH callbacks and routes 
		- Replaced displayName in SocialUser for firstName, lastName and fullName fields
		- Added RoutesHelper to build urls using the routes file of the app using the module
		- Added a user guide
2.0.3	- 2012-11-02
		- Fix to prevent not serializable exception in OAuth1Provider (thanks to @chazmcgarvey)
2.0.2	- 2012-09-24
		- Added GitHub provider
		- Changed FacebookProvider to use the new Facebook API (user picture)
		- Moved to Play 2.0.3
		- Fixed #71: Context not available in UserAwareAction 
2.0.1	- 2012-06-22
		- Added LinkedIn provider
2.0.0	- 2012-06-05
		- Initial release of SecureSocial for Play 2 published
		- Facebook, Google and Twitter providers