oauth 0.5.8 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1807df6b1dca91fa9f0847f63822d62091cf4ec58df1672717a0079ef4e8857a
-  data.tar.gz: dbd064cf033678fa81a0a14c746a2baf35ccdacdca8558704d84e00305a7f6eb
+  metadata.gz: 4bbf3f3a460e4b7cd04184248e8321897a3b6b1e7d7b46803f943fffdd512543
+  data.tar.gz: 6aec1401ce4db1d54b643a11aeab44604a46382151bcd43ba19914fbc0b7d705
 SHA512:
-  metadata.gz: 964271d5d010566584c7b398ad00d9c9ed73fa50a0b87e1a326cb30d3b31605af45eacd743599171f8e9f48dccf64ebfefad47c355291d9579dc19ae7cc88610
-  data.tar.gz: 2828e98d4b4836c8493768c7f96de0d8943c05de072aaf70c59efd25c4f17eed3bfcc9f55bc3b7589260c9be5414616c9266b104499a595e98ba9da1ace0df79
+  metadata.gz: 3df8309921280baa7577d3fcc5417c2408cd9b97c90f68ecb871a3ae3d7d42f7374417ca2a4d0002ef3a1a25325d16b7d3cdec52c771e78711e13dcfbd86309c
+  data.tar.gz: 0b36611a495fde3b0ec4116486a0d9122d2ab336681704d5baeebbb7cdd68710b420c98196c84d6ab43940beec662ec6d563dd799bea6117b4c3e58a854d16b3

data/CHANGELOG.md

@@ -7,28 +7,57 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
 ### Added
 
-
 ### Changed
 
-
 ### Fixed
 
+### Removed
+
+## [0.6.0] 2022-08-23
+### Added
+* New option `body_hash_enabled` which defaults to true to maintain backward compatibility with prior releases. Setting to `false` disables generation of a `oauth_body_hash` component as part of the signature computation.
+* Improved documentation of support policy via Tidelift
+* Stop testing against active_support v2
+
+### Changed
+* Utilize version_gem extracted from oauth2 gem for VERSION
+  * Added new `OAuth::Version` namespace
+  * VERSION constant now at `OAuth::Version::VERSION`
 
 ### Removed
+* Ruby 2.0, 2.1, 2.2, and 2.3 are no longer valid install targets
 
+## [0.5.10] 2022-05-04
+The "Can it be the end of the line for 0.5.x?" Release
 
-## [0.5.8] 2021-11-10
 ### Added
+* Major updates to Documentation
+* More CI Hardening
+* Align CI builds with official Ruby Compatibility Matrix
+* Project tooling in preparation for final release of 0.5.x series
+  - diffend
+
+## [0.5.9] 2022-05-03
+### Added
+* Documentation related to Ruby compatibility
+* Updated CHANGELOG.md formatting
+* Corrected CHANGELOG.md typos
+* Hardened the CI build for the next few years(?!)
+* Require MFA to push new version to Rubygems
+* Replace Hash Rocket syntax with JSON-style symbols where possible
+* Project tooling in preparation for final release of 0.5.x series
+  - rubocop-ruby2_0
+  - overcommit
 
+## [0.5.8] 2021-11-10
+### Added
 * Added more documentation files to packaged gem, e.g. SECURITY.md, CODE_OF_CONDUCT.md
 
 ### Fixed
-
 * Removed reference to RUBY_VERSION from gemspec, as it depends on rake release, which is problematic on some ruby engines. (by @pboling)
 
 ## [0.5.7] 2021-11-02
 ### Added
-
 * Setup Rubocop (#205, #208 by @pboling)
 * Added CODE_OF_CONDUCT.md (#217, #218 by @pboling)
 * Added FUNDING.yml (#217, #218 by @pboling)
@@ -36,7 +65,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Handle a nested array of hashes in OAuth::Helper.normalize (#80, #221 by @pboling)
 
 ### Changed
-
 * Switch from TravisCI to Github Actions (#202, #207, #176 by @pboling)
 * Upgrade webmock to v3.14.0 (#196 by @pboling)
 * Upgrade em-http-request to v1.1.7 (#173 by @pboling)
@@ -47,7 +75,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Require plaintext signature method by default (#135 by @confiks & @pboling)
 
 ### Fixed
-
 * Fixed Infinite Redirect in v0.5.5, v0.5.6 (#186, #210 by @pboling)
 * Fixed NoMethodError on missing leading slash in path (#194, #211 by @pboling)
 * Fixed NoMethodError on nil request object (#165, #212 by @pboling)
@@ -57,61 +84,49 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Fixed request proxy Class constant reference scopes - was missing `::` in many places (#225, #226 by @pboling)
 
 ### Removed
-
 * Remove direct development dependency on nokogiri (#299 by @pboling)
 
 ## [0.5.6] 2021-04-02
 ### Added
-
 * Add metadata to Gemspec file
 * Add support for PUT requests with Action Controller (#181)
 
 ### Changed
-
 * Change default timeout to be the same as Net::HTTP default, 60 seconds instead of 30 seconds.
 
 ## [0.5.5] 2020-01-19
 ### Added
-
 * Add :allow_empty_params option (#155)
 
 ### Changed
-
 * Allow redirect to different host but same path
 * Various cleanups
 
 ### Fixed
-
 * Fixes ssl-noverify
 * Fixed README example (#158, #159, by @pboling)
 
 ## [0.5.4] 2017-12-08
 ### Changed
-
 * Various cleanups (charliesome)
 
 ### Fixed
-
 * Fixes UnknownRequestType on Rails 5.1 for ActionDispatch::Request (xprazak2)
 
 ## [0.5.3] 2017-05-24
 ### Fixed
-
 * Fix #145 - broken CLI required loading active_support (James Pinto)
 
 ### Changed
-
 * Removing legacy scripts (James Pinto)
 
 ## [0.5.2] 2017-05-17
 ### Added
-
 * Adding a development dependency that had not been mentioned (James Pinto)
 * Adding CodeClimate (James Pinto)
 * Adding support to Ruby 2.4 and head (James Pinto)
 
 ### Changed
-
 * Use assert_nil so as to silence a Minitest 6 deprecation warning (James Pinto)
 * Stop bundling tests files in the gem (Michal Papis)
 * Minor cleanup on tests (James Pinto)
@@ -129,7 +144,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Reimplementing #82 - Debug Output Option (James Pinto)
 
 ### Fixed
-
 * Fix #113 adding paths when a full URL has been specified   (James Pinto)
 * Bug Fix, webmock 2.0 has introduced a new bug (James Pinto)
 * Making a test/support dir (James Pinto)
@@ -137,28 +151,23 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [0.5.1] 2016-02-29
 ### Added
-
 * Add license info to the gemspec (Robert Reiz)
 
 ### Fixed
-
 * Proper handling for empty query string in RequestToken#build_authorize_url (midchildan,
   Harald Sitter)
 * Replace calls to String#blank? with its implementation (Sergio Gil Pérez de la Manga)
 
 ### Changed
-
 * Loosen some development dependencies. Add libcurl-dev to travis
 * Fixes to travis config. Switch to rubygems for installation and loading
 
 ### Removed
-
 * Remove obsolete comment (Arthur Nogueira Neves)
 * Remove jeweler from gemspec
 
 ## [0.5.0] 2016-02-20
 ### Added
-
 * Add support for HTTP PATCH method (Richard Huang)
 * Allow reading private key from a string (Khaja Minhajuddin)
 * Add rest-client proxy (Khem Veasna)
@@ -166,14 +175,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Allow reading certificate file path from environment variable. Add CentOS cert file path (Danil Vlasov)
 
 ### Changed
-
 * Replace jeweler with real spec and bundler tasks
 * Extract version to separate file
 * Use OpenSSL for all digest and hashing. Remove signature methods not defined by OAuth spec. (Kevin Hughes)
 * Change token requests to exclude `oauth_body_hash`. Update doc links in comments. (John Remmen)
 
 ### Fixed
-
 * Fix ability to pass in an authorize url with a query string (Roger Smith)
 * Fix bug in signature verification (r-stu31)
 * Use standard key name (`oauth_token_secret`) in Token#to_query (Craig Walker)
@@ -189,28 +196,23 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [0.4.7] 2012-09-03
 ### Added
-
 * Set a configurable timeout for all requests (Rick Olson)
 
 ### Fixed
-
 * Fix merging paths if the path is not empty
 * Fix nested hash params in Consumer#request (Ernie Miller)
 
 ## [0.4.6] 2012-04-21
 ### Changed
-
 * Make use the path component of the :site parameter (Jonathon M. Abbott)
 
 ### Fixed
-
 * Fixed nested attributes in #normalize (Shaliko Usubov)
 * Fixed post body's being dropped in 1.9 (Steven Hammond)
 * Fixed PUT request handling (Anton Panasenko)
 
 ## [0.4.5] 2011-06-25
 ### Added
-
 * Add explicit require for rsa/sha1 (Juris Galang)
 * Add gemtest support (Adrian Feldman)
 
@@ -220,17 +222,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Use Net::HTTPGenericRequest (Jakub Kuźma)
 
 ### Fixed
-
 * Fix POST Requests with Typhoeus proxy (niedhui)
 * Fix incorrect hardcoded port (Ian Taylor)
 
 ## [0.4.4] 2010-10-31
 ### Added
-
 * Added support for Rails 3 in client/action_controller_request (Pelle)
 
 ### Fixed
-
 * Fix LoadError rescue in tests: return can't be used in this context (Hans de Graaff)
 * HTTP headers should be strings. (seancribbs)
 * ensure consumer uri gets set back to original config even if an error occurs (Brian Finney)
@@ -238,33 +237,27 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [0.4.3] 2010-09-01
 ### Fixed
-
 * Fix for em-http proxy (ichverstehe)
 
 ## [0.4.2] 2010-08-13
 ### Added
-
 * Added Bundler (rc) Gemfile for easier dev/testing
 
 ### Fixed
-
 * Fixed compatibility with Ruby 1.9.2 (ecavazos)
 * Fixed the em-http request proxy (Joshua Hull)
 * Fix for oauth proxy string manipulation (Jakub Suder)
 
 ## [0.4.1] 2010-06-16
 ### Added
-
 * Added support for using OAuth with proxies (Marsh Gardiner)
 
 ### Fixed
-
 * Rails 3 Compatibility fixes (Pelle Braendgaard)
 * Fixed load errors on tests for missing (non-required) libraries
 
 ## [0.4.0] 2010-04-22
 ### Added
-
 * Added computation of oauth_body_hash as per OAuth Request Body Hash 1.0 Draft 4 (Michael Reinsch)
 * Added the optional `oauth_session_handle` parameter for the Yahoo implementation (Will Bailey)
 * Added optional block to OAuth::Consumer.get_*_token (Neill Pearman)
@@ -276,12 +269,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * New website (Aaron Quint)
 
 ### Changed
-
 * Better marshalling implementation (Yoan Blanc)
 * Replaced hoe with Jeweler (Aaron Quint)
 
 ### Fixed
-
 * Strip extraneous spaces and line breaks from access_token responses (observed in the wild with Yahoo!'s OAuth+OpenID hybrid) (Eric Hartmann)
 * Stop double-escaping PLAINTEXT signatures (Jimmy Zimmerman)
 * OAuth::Client::Helper won't override the specified `oauth_version` (Philip Kromer)
@@ -289,22 +280,18 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [0.3.6] 2009-09-14
 ### Added
-
 * Added -B CLI option to use the :body authentication scheme (Seth)
 * Support POST and PUT with raw bodies (Yu-Shan Fung et al)
 * Added :ca_file consumer option to allow consumer specific certificate override. (Pelle)
 
 ### Changed
-
 * Test clean-up (Xavier Shay, Hannes Tydén)
 
 ### Fixed
-
 * Respect `--method` in `authorize` CLI command (Seth)
 
 ## [0.3.5] 2009-06-03
 ### Added
-
 * `query` CLI command to access protected resources (Seth)
 * Added -H, -Q CLI options for specifying the authentication scheme (Seth)
 * Added -O CLI option for specifying a file containing options (Seth)
@@ -315,33 +302,27 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [0.3.4] 2009-05-06
 ### Changed
-
-* OAuth::Client::Helper uses OAuth::VERSION (chadisfaction)
+* OAuth::Client::Helper uses OAuth::Version::VERSION (chadisfaction)
 
 ### Fixed
-
 * Fix OAuth::RequestProxy::ActionControllerRequest's handling of params (Tristan Groléat)
 
 ## [0.3.3] 2009-05-04
 ### Added
-
 * Support for arguments in OAuth::Consumer#get_access_token (Matt Sanford)
 * Add gem version to user-agent header (Matt Sanford)
 
 ### Changed
-
 * Improved error handling for invalid Authorization headers (Matt Sanford)
 * Handle input from aggressive form encoding libraries (Matt Wood)
 
 ### Fixed
-
 * Corrected OAuth XMPP namespace (Seth)
 * Fixed signatures for non-ASCII under $KCODE other than 'u' (Matt Sanford)
 * Fixed edge cases in ActionControllerRequestProxy where params were being incorrectly signed (Marcos Wright Kuhns)
 
 ## [0.3.2] 2009-03-23
 ### Added
-
 * Support applications using the MethodOverride Rack middleware (László Bácsi)
 * `authorize` command for `oauth` CLI (Seth)
 * Initial support for Problem Reporting extension (Seth)
@@ -349,7 +330,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 * Added help to the 'oauth' CLI (Seth)
 
 ### Fixed
-
 * 2xx statuses should be treated as success (Anders Conbere)
 * Fixed ActionController parameter escaping behavior (Thiago Arrais, László Bácsi, Brett Gibson, et al)
 * Fixed signature calculation when both options and a block were provided to OAuth::Signature::Base#initialize (Seth)
@@ -357,24 +337,19 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [0.3.1] 2009-01-26
 ### Fixed
-
-* Fixed a problem with relative and absolute token request paths. (Michael
-  Wood)
+* Fixed a problem with relative and absolute token request paths. (Michael Wood)
 
 ## [0.3.0] 2009-01-25
 ### Added
-
 * Support ActionController::Request from Edge Rails (László Bácsi)
 * Added #normalized_parameters to OAuth::RequestProxy::Base (Pelle)
 * Command-line app for generating signatures. (Seth)
 
 ### Changed
-
 * OAuth::Signature.sign and friends now yield the RequestProxy instead of the token when the passed block's arity is 1. (Seth)
 * Improved test-cases and compatibility for encoding issues. (Pelle)
 
 ### Fixed
-
 * Correctly handle multi-valued parameters (Seth)
 * Token requests are made to the configured URL rather than generating a potentially incorrect one.  (Kellan Elliott-McCrea)
 
@@ -382,7 +357,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 The lets fix the last release release
 
 ### Fixed
-
 * Fixed plain text signatures (Andrew Arrow)
 * Fixed RSA requests using OAuthTokens. (Philip Lipu Tsai)
 
@@ -390,17 +364,14 @@ The lets fix the last release release
 The lets RSA release
 
 ### Added
-
 * Improved support for Ruby 1.8.7 (Bill Kocik)
 * Added support for 'private_key_file' option for RSA signatures (Chris Mear)
 
 ### Changed
-
 * Improved RSA testing
 * Omit token when signing with RSA
 
 ### Fixed
-
 * Fixed RSA verification to support RSA providers now using Ruby and RSA
 * Fixed several edge cases where params were being incorrectly signed (Scott Hill)
 * Fixed RSA signing (choonkeat)
@@ -409,7 +380,6 @@ The lets RSA release
 Lets actually support SSL release
 
 ### Fixed
-
 * Use HTTPS when required.
 
 ## 0.2 2008-1-19
@@ -421,63 +391,40 @@ but please have a look at the unit tests.
 
 ## 0.1.2 2007-12-1
 ### Fixed
-
 * Fixed checks for missing OAuth params to improve performance
 * Includes Pat's fix for getting the realm out.
 
 ## 0.1.1 2007-11-26
 ### Added
-
 * First release as a GEM
 * Moved all non-Rails functionality from the Rails plugin:
   http://code.google.com/p/oauth-plugin/
 
-[Unreleased]: https://github.com/oauth-xx/oauth-ruby/compare/v0.5.6...HEAD
-
-[0.3.0]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.3.0
-
-[0.3.1]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.3.1
-
-[0.3.2]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.3.2
-
-[0.3.3]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.3.3
-
-[0.3.4]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.3.4
-
-[0.3.5]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.3.5
-
-[0.3.6]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.3.6
-
-[0.4.0]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.0
-
-[0.4.1]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.1
-
-[0.4.2]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.2
-
-[0.4.3]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.3
-
-[0.4.4]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.4
-
-[0.4.5]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.5
-
-[0.4.6]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.6
-
-[0.4.7]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.7
-
-[0.5.0]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.0
-
-[0.5.1]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.1
-
-[0.5.2]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.2
-
-[0.5.3]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.3
-
-[0.5.4]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.4
-
-[0.5.5]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.5
-
-[0.5.6]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.6
-
-[0.5.7]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.7
-
+[Unreleased]: https://github.com/oauth-xx/oauth-ruby/compare/v0.6.0...v0.6-maintenance
+[0.6.0]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.6.0
+[0.5.10]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.10
+[0.5.9]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.9
 [0.5.8]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.8
+[0.5.7]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.7
+[0.5.6]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.6
+[0.5.5]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.5
+[0.5.4]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.4
+[0.5.3]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.3
+[0.5.2]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.2
+[0.5.1]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.1
+[0.5.0]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.5.0
+[0.4.7]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.7
+[0.4.6]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.6
+[0.4.5]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.5
+[0.4.4]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.4
+[0.4.3]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.3
+[0.4.2]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.2
+[0.4.1]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.1
+[0.4.0]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.4.0
+[0.3.6]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.3.6
+[0.3.5]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.3.5
+[0.3.4]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.3.4
+[0.3.3]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.3.3
+[0.3.2]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.3.2
+[0.3.1]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.3.1
+[0.3.0]: https://github.com/oauth-xx/oauth-ruby/releases/tag/v0.3.0