oauth2 1.4.9 → 2.0.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +73 -23
- data/CONTRIBUTING.md +18 -0
- data/README.md +140 -69
- data/SECURITY.md +14 -0
- data/lib/oauth2/access_token.rb +28 -19
- data/lib/oauth2/authenticator.rb +9 -4
- data/lib/oauth2/client.rb +74 -60
- data/lib/oauth2/error.rb +27 -18
- data/lib/oauth2/response.rb +61 -19
- data/lib/oauth2/snaky_hash.rb +8 -0
- data/lib/oauth2/strategy/assertion.rb +63 -38
- data/lib/oauth2/strategy/auth_code.rb +12 -1
- data/lib/oauth2/strategy/implicit.rb +7 -0
- data/lib/oauth2/version.rb +17 -19
- data/lib/oauth2.rb +14 -1
- metadata +82 -77
- data/lib/oauth2/mac_token.rb +0 -130
- data/spec/fixtures/README.md +0 -11
- data/spec/fixtures/RS256/jwtRS256.key +0 -51
- data/spec/fixtures/RS256/jwtRS256.key.pub +0 -14
- data/spec/helper.rb +0 -33
- data/spec/oauth2/access_token_spec.rb +0 -218
- data/spec/oauth2/authenticator_spec.rb +0 -86
- data/spec/oauth2/client_spec.rb +0 -556
- data/spec/oauth2/mac_token_spec.rb +0 -122
- data/spec/oauth2/response_spec.rb +0 -96
- data/spec/oauth2/strategy/assertion_spec.rb +0 -113
- data/spec/oauth2/strategy/auth_code_spec.rb +0 -108
- data/spec/oauth2/strategy/base_spec.rb +0 -7
- data/spec/oauth2/strategy/client_credentials_spec.rb +0 -71
- data/spec/oauth2/strategy/implicit_spec.rb +0 -28
- data/spec/oauth2/strategy/password_spec.rb +0 -58
- data/spec/oauth2/version_spec.rb +0 -23
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4f893ee5488c3e0e61af487f370c4551217ec539c4f5d5acc503911a5b2c8f99
|
4
|
+
data.tar.gz: a241433f0dbd5cb551bbd381841d2c1e25e4ef39335a2210f25b938b20fc6f29
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8c2677bd855e0935c95af8709ef5a04dcbea75e0143a05bc93eec89e3b9e29c643371afade072400aeffced32bc26999b8138277fecca5ddf916363486efad0a
|
7
|
+
data.tar.gz: c226b23b31be3ab8c27ce8d7eec08675fe74a49c76299083e1aabe135bd836a5fbc2163bdb49d264e677d1e48b1452ab8ebec3db45bccdf0b3dab958aff0bf94
|
data/CHANGELOG.md
CHANGED
@@ -1,10 +1,74 @@
|
|
1
|
-
#
|
1
|
+
# Changelog
|
2
2
|
All notable changes to this project will be documented in this file.
|
3
3
|
|
4
|
-
|
4
|
+
The format (since v2.0.0) is based on [Keep a Changelog v1](https://keepachangelog.com/en/1.0.0/),
|
5
|
+
and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.0.0.html).
|
5
6
|
|
6
|
-
## [
|
7
|
+
## [Unreleased]
|
8
|
+
### Added
|
9
|
+
- [#158](https://github.com/oauth-xx/oauth2/pull/158), [#344](https://github.com/oauth-xx/oauth2/pull/344) - Optionally pass raw response to parsers (@niels)
|
10
|
+
- [#190](https://github.com/oauth-xx/oauth2/pull/190), [#332](https://github.com/oauth-xx/oauth2/pull/332), [#334](https://github.com/oauth-xx/oauth2/pull/334), [#335](https://github.com/oauth-xx/oauth2/pull/335), [#360](https://github.com/oauth-xx/oauth2/pull/360), [#426](https://github.com/oauth-xx/oauth2/pull/426), [#427](https://github.com/oauth-xx/oauth2/pull/427), [#461](https://github.com/oauth-xx/oauth2/pull/461) - Documentation (@josephpage, @pboling, @meganemura, @joshRpowell, @elliotcm)
|
11
|
+
- [#220](https://github.com/oauth-xx/oauth2/pull/220) - Support IETF rfc7523 JWT Bearer Tokens Draft 04+ (@jhmoore)
|
12
|
+
- [#298](https://github.com/oauth-xx/oauth2/pull/298) - Set the response object on the access token on Client#get_token for debugging (@cpetschnig)
|
13
|
+
- [#305](https://github.com/oauth-xx/oauth2/pull/305) - Option: `OAuth2::Client#get_token` - `:access_token_class` (`AccessToken`); user specified class to use for all calls to `get_token` (@styd)
|
14
|
+
- [#346](https://github.com/oauth-xx/oauth2/pull/571) - Modern gem structure (@pboling)
|
15
|
+
- [#351](https://github.com/oauth-xx/oauth2/pull/351) - Support Jruby 9k (@pboling)
|
16
|
+
- [#362](https://github.com/oauth-xx/oauth2/pull/362) - Support SemVer release version scheme (@pboling)
|
17
|
+
- [#363](https://github.com/oauth-xx/oauth2/pull/363) - New method `OAuth2::AccessToken#refresh!` same as old `refresh`, with backwards compatibility alias (@pboling)
|
18
|
+
- [#364](https://github.com/oauth-xx/oauth2/pull/364) - Support `application/hal+json` format (@pboling)
|
19
|
+
- [#365](https://github.com/oauth-xx/oauth2/pull/365) - Support `application/vnd.collection+json` format (@pboling)
|
20
|
+
- [#376](https://github.com/oauth-xx/oauth2/pull/376) - _Documentation_: Example / Test for Google 2-legged JWT (@jhmoore)
|
21
|
+
- [#381](https://github.com/oauth-xx/oauth2/pull/381) - Spec for extra header params on client credentials (@nikz)
|
22
|
+
- [#394](https://github.com/oauth-xx/oauth2/pull/394) - Option: `OAuth2::AccessToken#initialize` - `:expires_latency` (`nil`); number of seconds by which AccessToken validity will be reduced to offset latency (@klippx)
|
23
|
+
- [#412](https://github.com/oauth-xx/oauth2/pull/412) - Support `application/vdn.api+json` format (from jsonapi.org) (@david-christensen)
|
24
|
+
- [#413](https://github.com/oauth-xx/oauth2/pull/413) - _Documentation_: License scan and report (@meganemura)
|
25
|
+
- [#442](https://github.com/oauth-xx/oauth2/pull/442) - Option: `OAuth2::Client#initialize` - `:logger` (`::Logger.new($stdout)`) logger to use when OAUTH_DEBUG is enabled (for parity with `1-4-stable` branch) (@rthbound)
|
26
|
+
- [#494](https://github.com/oauth-xx/oauth2/pull/494) - Support [OIDC 1.0 Private Key JWT](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication); based on the OAuth JWT assertion specification [(RFC 7523)](https://tools.ietf.org/html/rfc7523) (@SteveyblamWork)
|
27
|
+
- [#549](https://github.com/oauth-xx/oauth2/pull/549) - Wrap `Faraday::ConnectionFailed` in `OAuth2::ConnectionFailed` (@nikkypx)
|
28
|
+
- [#550](https://github.com/oauth-xx/oauth2/pull/550) - Raise error if location header not present when redirecting (@stanhu)
|
29
|
+
- [#552](https://github.com/oauth-xx/oauth2/pull/552) - Add missing `version.rb` require (@ahorek)
|
30
|
+
- [#553](https://github.com/oauth-xx/oauth2/pull/553) - Support `application/problem+json` format (@janz93)
|
31
|
+
- [#560](https://github.com/oauth-xx/oauth2/pull/560) - Support IETF rfc6749, section 2.3.1 - don't set auth params when `nil` (@bouk)
|
32
|
+
- [#571](https://github.com/oauth-xx/oauth2/pull/571) - Support Ruby 3.1 (@pboling)
|
33
|
+
- [#575](https://github.com/oauth-xx/oauth2/pull/575) - Support IETF rfc7231, section 7.1.2 - relative location in redirect (@pboling)
|
34
|
+
- [#581](https://github.com/oauth-xx/oauth2/pull/581) - _Documentation_: of breaking changes (@pboling)
|
35
|
+
### Changed
|
36
|
+
- [#191](https://github.com/oauth-xx/oauth2/pull/191) - **BREAKING**: Token is expired if `expired_at` time is `now` (@davestevens)
|
37
|
+
- [#312](https://github.com/oauth-xx/oauth2/pull/312) - **BREAKING**: Set `:basic_auth` as default for `:auth_scheme` instead of `:request_body`. This was default behavior before 1.3.0. (@tetsuya, @wy193777)
|
38
|
+
- [#317](https://github.com/oauth-xx/oauth2/pull/317) - _Dependency_: Upgrade `jwt` to 2.x.x (@travisofthenorth)
|
39
|
+
- [#338](https://github.com/oauth-xx/oauth2/pull/338) - _Dependency_: Switch from `Rack::Utils.escape` to `CGI.escape` (@josephpage)
|
40
|
+
- [#339](https://github.com/oauth-xx/oauth2/pull/339), [#368](https://github.com/oauth-xx/oauth2/pull/368), [#424](https://github.com/oauth-xx/oauth2/pull/424), [#479](https://github.com/oauth-xx/oauth2/pull/479), [#493](https://github.com/oauth-xx/oauth2/pull/493), [#539](https://github.com/oauth-xx/oauth2/pull/539), [#542](https://github.com/oauth-xx/oauth2/pull/542), [#553](https://github.com/oauth-xx/oauth2/pull/553) - CI Updates, code coverage, linting, spelling, type fixes, New VERSION constant (@pboling, @josephpage, @ahorek)
|
41
|
+
- [#410](https://github.com/oauth-xx/oauth2/pull/410) - **BREAKING**: Removed the ability to call .error from an OAuth2::Response object (@jhmoore)
|
42
|
+
- [#414](https://github.com/oauth-xx/oauth2/pull/414) - Use Base64.strict_encode64 instead of custom internal logic (@meganemura)
|
43
|
+
- [#489](https://github.com/oauth-xx/oauth2/pull/489) - **BREAKING**: Default value for option `OAuth2::Client` - `:authorize_url` removed leading slash to work with relative paths by default (`'oauth/authorize'`) (@ghost)
|
44
|
+
- [#489](https://github.com/oauth-xx/oauth2/pull/489) - **BREAKING**: Default value for option `OAuth2::Client` - `:token_url` removed leading slash to work with relative paths by default (`'oauth/token'`) (@ghost)
|
45
|
+
- [#576](https://github.com/oauth-xx/oauth2/pull/576) - **BREAKING**: Stop rescuing parsing errors (@pboling)
|
46
|
+
- [#591](https://github.com/oauth-xx/oauth2/pull/576) - _DEPRECATION_: `OAuth2::Client` - `:extract_access_token` option is deprecated
|
47
|
+
### Fixed
|
48
|
+
- [#158](https://github.com/oauth-xx/oauth2/pull/158), [#344](https://github.com/oauth-xx/oauth2/pull/344) - Handling of errors when using `omniauth-facebook` (@niels)
|
49
|
+
- [#294](https://github.com/oauth-xx/oauth2/pull/294) - Fix: "Unexpected middleware set" issue with Faraday when `OAUTH_DEBUG=true` (@spectator, @gafrom)
|
50
|
+
- [#300](https://github.com/oauth-xx/oauth2/pull/300) - _Documentation_: `Oauth2::Error` - Error codes are strings, not symbols (@NobodysNightmare)
|
51
|
+
- [#318](https://github.com/oauth-xx/oauth2/pull/318), [#326](https://github.com/oauth-xx/oauth2/pull/326), [#343](https://github.com/oauth-xx/oauth2/pull/343), [#347](https://github.com/oauth-xx/oauth2/pull/347), [#397](https://github.com/oauth-xx/oauth2/pull/397), [#464](https://github.com/oauth-xx/oauth2/pull/464), [#561](https://github.com/oauth-xx/oauth2/pull/561), [#565](https://github.com/oauth-xx/oauth2/pull/565) - _Dependency_: Support all versions of `faraday` (see [gemfiles/README.md][gemfiles/readme] for compatibility matrix with Ruby engines & versions) (@pboling, @raimondasv, @zacharywelch, @Fudoshiki, @ryogift, @sj26, @jdelStrother)
|
52
|
+
- [#322](https://github.com/oauth-xx/oauth2/pull/322), [#331](https://github.com/oauth-xx/oauth2/pull/331), [#337](https://github.com/oauth-xx/oauth2/pull/337), [#361](https://github.com/oauth-xx/oauth2/pull/361), [#371](https://github.com/oauth-xx/oauth2/pull/371), [#377](https://github.com/oauth-xx/oauth2/pull/377), [#383](https://github.com/oauth-xx/oauth2/pull/383), [#392](https://github.com/oauth-xx/oauth2/pull/392), [#395](https://github.com/oauth-xx/oauth2/pull/395), [#400](https://github.com/oauth-xx/oauth2/pull/400), [#401](https://github.com/oauth-xx/oauth2/pull/401), [#403](https://github.com/oauth-xx/oauth2/pull/403), [#415](https://github.com/oauth-xx/oauth2/pull/415), [#567](https://github.com/oauth-xx/oauth2/pull/567) - Updated Rubocop, Rubocop plugins and improved code style (@pboling, @bquorning, @lautis, @spectator)
|
53
|
+
- [#328](https://github.com/oauth-xx/oauth2/pull/328) - _Documentation_: Homepage URL is SSL (@amatsuda)
|
54
|
+
- [#339](https://github.com/oauth-xx/oauth2/pull/339), [#479](https://github.com/oauth-xx/oauth2/pull/479) - Update testing infrastructure for all supported Rubies (@pboling and @josephpage)
|
55
|
+
- [#366](https://github.com/oauth-xx/oauth2/pull/366) - **Security**: Fix logging to `$stdout` of request and response bodies via Faraday's logger and `ENV["OAUTH_DEBUG"] == 'true'` (@pboling)
|
56
|
+
- [#380](https://github.com/oauth-xx/oauth2/pull/380) - Fix: Stop attempting to encode non-encodable objects in `Oauth2::Error` (@jhmoore)
|
57
|
+
- [#399](https://github.com/oauth-xx/oauth2/pull/399) - Fix: Stop duplicating `redirect_uri` in `get_token` (@markus)
|
58
|
+
- [#410](https://github.com/oauth-xx/oauth2/pull/410) - Fix: `SystemStackError` caused by circular reference between Error and Response classes (@jhmoore)
|
59
|
+
- [#460](https://github.com/oauth-xx/oauth2/pull/460) - Fix: Stop throwing errors when `raise_errors` is set to `false`; analog of [#524](https://github.com/oauth-xx/oauth2/pull/524) for `1-4-stable` branch (@joaolrpaulo)
|
60
|
+
- [#472](https://github.com/oauth-xx/oauth2/pull/472) - **Security**: Add checks to enforce `client_secret` is *never* passed in authorize_url query params for `implicit` and `auth_code` grant types (@dfockler)
|
61
|
+
- [#482](https://github.com/oauth-xx/oauth2/pull/482) - _Documentation_: Update last of `intridea` links to `oauth-xx` (@pboling)
|
62
|
+
- [#536](https://github.com/oauth-xx/oauth2/pull/536) - **Security**: Compatibility with more (and recent) Ruby OpenSSL versions, Github Actions, Rubocop updated, analogous to [#535](https://github.com/oauth-xx/oauth2/pull/535) on `1-4-stable` branch (@pboling)
|
63
|
+
### Removed
|
64
|
+
- [#341](https://github.com/oauth-xx/oauth2/pull/341) - Remove Rdoc & Jeweler related files (@josephpage)
|
65
|
+
- [#342](https://github.com/oauth-xx/oauth2/pull/342) - **BREAKING**: Dropped support for Ruby 1.8 (@josephpage)
|
66
|
+
- [#539](https://github.com/oauth-xx/oauth2/pull/539) - Remove reliance on globally included OAuth2 in tests, analog of [#538](https://github.com/oauth-xx/oauth2/pull/538) for 1-4-stable (@anderscarling)
|
67
|
+
- [#566](https://github.com/oauth-xx/oauth2/pull/566) - _Dependency_: Removed `wwtd` (@bquorning)
|
68
|
+
- [#589](https://github.com/oauth-xx/oauth2/pull/589), [#593](https://github.com/oauth-xx/oauth2/pull/593) - Remove support for expired MAC token draft spec (@stanhu)
|
69
|
+
- [#590](https://github.com/oauth-xx/oauth2/pull/590) - _Dependency_: Removed `multi_json` (@stanhu)
|
7
70
|
|
71
|
+
## [1.4.9] - 2022-02-20
|
8
72
|
- Fixes compatibility with Faraday v2 [572](https://github.com/oauth-xx/oauth2/issues/572)
|
9
73
|
- Includes supported versions of Faraday in test matrix:
|
10
74
|
- Faraday ~> 2.2.0 with Ruby >= 2.6
|
@@ -13,7 +77,6 @@ All notable changes to this project will be documented in this file.
|
|
13
77
|
- Add Windows and MacOS to test matrix
|
14
78
|
|
15
79
|
## [1.4.8] - 2022-02-18
|
16
|
-
|
17
80
|
- MFA is now required to push new gem versions (@pboling)
|
18
81
|
- README overhaul w/ new Ruby Verion and Engine compatibility policies (@pboling)
|
19
82
|
- [#569](https://github.com/oauth-xx/oauth2/pull/569) Backport fixes ([#561](https://github.com/oauth-xx/oauth2/pull/561) by @ryogift), and add more fixes, to allow faraday 1.x and 2.x (@jrochkind)
|
@@ -23,40 +86,33 @@ All notable changes to this project will be documented in this file.
|
|
23
86
|
- [#543](https://github.com/oauth-xx/oauth2/pull/543) - Support for more modern Open SSL libraries (@pboling)
|
24
87
|
|
25
88
|
## [1.4.7] - 2021-03-19
|
26
|
-
|
27
89
|
- [#541](https://github.com/oauth-xx/oauth2/pull/541) - Backport fix to expires_at handling [#533](https://github.com/oauth-xx/oauth2/pull/533) to 1-4-stable branch. (@dobon)
|
28
90
|
|
29
91
|
## [1.4.6] - 2021-03-19
|
30
|
-
|
31
92
|
- [#540](https://github.com/oauth-xx/oauth2/pull/540) - Add VERSION constant (@pboling)
|
32
93
|
- [#537](https://github.com/oauth-xx/oauth2/pull/537) - Fix crash in OAuth2::Client#get_token (@anderscarling)
|
33
|
-
- [#538](https://github.com/oauth-xx/oauth2/pull/538) - Remove reliance on globally included OAuth2 in tests
|
94
|
+
- [#538](https://github.com/oauth-xx/oauth2/pull/538) - Remove reliance on globally included OAuth2 in tests, analogous to [#539](https://github.com/oauth-xx/oauth2/pull/539) on master branch (@anderscarling)
|
34
95
|
|
35
96
|
## [1.4.5] - 2021-03-18
|
36
|
-
|
37
|
-
- [#535](https://github.com/oauth-xx/oauth2/pull/535) - Compatibility with range of supported Ruby OpenSSL versions, Rubocop updates, Github Actions (@pboling)
|
97
|
+
- [#535](https://github.com/oauth-xx/oauth2/pull/535) - Compatibility with range of supported Ruby OpenSSL versions, Rubocop updates, Github Actions, analogous to [#536](https://github.com/oauth-xx/oauth2/pull/536) on master branch (@pboling)
|
38
98
|
- [#518](https://github.com/oauth-xx/oauth2/pull/518) - Add extract_access_token option to OAuth2::Client (@jonspalmer)
|
39
99
|
- [#507](https://github.com/oauth-xx/oauth2/pull/507) - Fix camel case content type, response keys (@anvox)
|
40
100
|
- [#500](https://github.com/oauth-xx/oauth2/pull/500) - Fix YARD documentation formatting (@olleolleolle)
|
41
101
|
|
42
102
|
## [1.4.4] - 2020-02-12
|
43
|
-
|
44
103
|
- [#408](https://github.com/oauth-xx/oauth2/pull/408) - Fixed expires_at for formatted time (@Lomey)
|
45
104
|
|
46
105
|
## [1.4.3] - 2020-01-29
|
47
|
-
|
48
106
|
- [#483](https://github.com/oauth-xx/oauth2/pull/483) - add project metadata to gemspec (@orien)
|
49
107
|
- [#495](https://github.com/oauth-xx/oauth2/pull/495) - support additional types of access token requests (@SteveyblamFreeagent, @thomcorley, @dgholz)
|
50
108
|
- Adds support for private_key_jwt and tls_client_auth
|
51
109
|
- [#433](https://github.com/oauth-xx/oauth2/pull/433) - allow field names with square brackets and numbers in params (@asm256)
|
52
110
|
|
53
111
|
## [1.4.2] - 2019-10-01
|
54
|
-
|
55
112
|
- [#478](https://github.com/oauth-xx/oauth2/pull/478) - support latest version of faraday & fix build (@pboling)
|
56
|
-
-
|
113
|
+
- Officially support Ruby 2.6 and truffleruby
|
57
114
|
|
58
115
|
## [1.4.1] - 2018-10-13
|
59
|
-
|
60
116
|
- [#417](https://github.com/oauth-xx/oauth2/pull/417) - update jwt dependency (@thewoolleyman)
|
61
117
|
- [#419](https://github.com/oauth-xx/oauth2/pull/419) - remove rubocop dependency (temporary, added back in [#423](https://github.com/oauth-xx/oauth2/pull/423)) (@pboling)
|
62
118
|
- [#418](https://github.com/oauth-xx/oauth2/pull/418) - update faraday dependency (@pboling)
|
@@ -83,19 +139,16 @@ All notable changes to this project will be documented in this file.
|
|
83
139
|
[jruby-9.2]: https://www.jruby.org/2018/05/24/jruby-9-2-0-0.html
|
84
140
|
|
85
141
|
## [1.4.0] - 2017-06-09
|
86
|
-
|
87
142
|
- Drop Ruby 1.8.7 support (@sferik)
|
88
143
|
- Fix some RuboCop offenses (@sferik)
|
89
144
|
- _Dependency_: Remove Yardstick (@sferik)
|
90
145
|
- _Dependency_: Upgrade Faraday to 0.12 (@sferik)
|
91
146
|
|
92
147
|
## [1.3.1] - 2017-03-03
|
93
|
-
|
94
148
|
- Add support for Ruby 2.4.0 (@pschambacher)
|
95
149
|
- _Dependency_: Upgrade Faraday to Faraday 0.11 (@mcfiredrill, @rhymes, @pschambacher)
|
96
150
|
|
97
151
|
## [1.3.0] - 2016-12-28
|
98
|
-
|
99
152
|
- Add support for header-based authentication to the `Client` so it can be used across the library (@bjeanes)
|
100
153
|
- Default to header-based authentication when getting a token from an authorisation code (@maletor)
|
101
154
|
- **Breaking**: Allow an `auth_scheme` (`:basic_auth` or `:request_body`) to be set on the client, defaulting to `:request_body` to maintain backwards compatibility (@maletor, @bjeanes)
|
@@ -105,24 +158,20 @@ All notable changes to this project will be documented in this file.
|
|
105
158
|
- Add support for Faraday 0.10 (@rhymes)
|
106
159
|
|
107
160
|
## [1.2.0] - 2016-07-01
|
108
|
-
|
109
161
|
- Properly handle encoding of error responses (so we don't blow up, for example, when Google's response includes a ∞) (@Motoshi-Nishihira)
|
110
162
|
- Make a copy of the options hash in `AccessToken#from_hash` to avoid accidental mutations (@Linuus)
|
111
163
|
- Use `raise` rather than `fail` to throw exceptions (@sferik)
|
112
164
|
|
113
165
|
## [1.1.0] - 2016-01-30
|
114
|
-
|
115
166
|
- Various refactors (eliminating `Hash#merge!` usage in `AccessToken#refresh!`, use `yield` instead of `#call`, freezing mutable objects in constants, replacing constants with class variables) (@sferik)
|
116
167
|
- Add support for Rack 2, and bump various other dependencies (@sferik)
|
117
168
|
|
118
169
|
## [1.0.0] - 2014-07-09
|
119
|
-
|
120
170
|
### Added
|
121
171
|
- Add an implementation of the MAC token spec.
|
122
172
|
|
123
173
|
### Fixed
|
124
174
|
- Fix Base64.strict_encode64 incompatibility with Ruby 1.8.7.
|
125
|
-
|
126
175
|
## [0.5.0] - 2011-07-29
|
127
176
|
|
128
177
|
### Changed
|
@@ -158,7 +207,7 @@ All notable changes to this project will be documented in this file.
|
|
158
207
|
|
159
208
|
## [0.0.4] + [0.0.3] + [0.0.2] + [0.0.1] - 2010-04-22
|
160
209
|
|
161
|
-
|
210
|
+
[Unreleased]: https://github.com/oauth-xx/oauth2/compare/v1.4.9...HEAD
|
162
211
|
[0.0.1]: https://github.com/oauth-xx/oauth2/compare/311d9f4...v0.0.1
|
163
212
|
[0.0.2]: https://github.com/oauth-xx/oauth2/compare/v0.0.1...v0.0.2
|
164
213
|
[0.0.3]: https://github.com/oauth-xx/oauth2/compare/v0.0.2...v0.0.3
|
@@ -193,4 +242,5 @@ All notable changes to this project will be documented in this file.
|
|
193
242
|
[1.4.6]: https://github.com/oauth-xx/oauth2/compare/v1.4.5...v1.4.6
|
194
243
|
[1.4.7]: https://github.com/oauth-xx/oauth2/compare/v1.4.6...v1.4.7
|
195
244
|
[1.4.8]: https://github.com/oauth-xx/oauth2/compare/v1.4.7...v1.4.8
|
196
|
-
[
|
245
|
+
[1.4.9]: https://github.com/oauth-xx/oauth2/compare/v1.4.8...v1.4.9
|
246
|
+
[gemfiles/readme]: gemfiles/README.md
|
data/CONTRIBUTING.md
ADDED
@@ -0,0 +1,18 @@
|
|
1
|
+
## Submitting a Pull Request
|
2
|
+
1. [Fork the repository.][fork]
|
3
|
+
2. [Create a topic branch.][branch]
|
4
|
+
3. Add specs for your unimplemented feature or bug fix.
|
5
|
+
4. Run `bundle exec rake spec`. If your specs pass, return to step 3.
|
6
|
+
5. Implement your feature or bug fix.
|
7
|
+
6. Run `bundle exec rake`. If your specs fail, return to step 5.
|
8
|
+
7. Run `open coverage/index.html`. If your changes are not completely covered
|
9
|
+
by your tests, return to step 3.
|
10
|
+
8. Add documentation for your feature or bug fix.
|
11
|
+
9. Run `bundle exec rake verify_measurements`. If your changes are not 100%
|
12
|
+
documented, go back to step 8.
|
13
|
+
10. Commit and push your changes.
|
14
|
+
11. [Submit a pull request.][pr]
|
15
|
+
|
16
|
+
[fork]: http://help.github.com/fork-a-repo/
|
17
|
+
[branch]: http://learn.github.com/p/branching.html
|
18
|
+
[pr]: http://help.github.com/send-pull-requests/
|
data/README.md
CHANGED
@@ -1,8 +1,8 @@
|
|
1
1
|
<p align="center">
|
2
|
-
<a href="http://oauth.net/2/" target="_blank" rel="noopener
|
2
|
+
<a href="http://oauth.net/2/" target="_blank" rel="noopener">
|
3
3
|
<img src="https://github.com/oauth-xx/oauth2/raw/master/docs/images/logo/oauth2-logo-124px.png?raw=true" alt="OAuth 2.0 Logo by Chris Messina, CC BY-SA 3.0">
|
4
4
|
</a>
|
5
|
-
<a href="https://www.ruby-lang.org/" target="_blank" rel="noopener
|
5
|
+
<a href="https://www.ruby-lang.org/" target="_blank" rel="noopener">
|
6
6
|
<img width="124px" src="https://github.com/oauth-xx/oauth2/raw/master/docs/images/logo/ruby-logo-198px.svg?raw=true" alt="Yukihiro Matsumoto, Ruby Visual Identity Team, CC BY-SA 2.5">
|
7
7
|
</a>
|
8
8
|
</p>
|
@@ -15,29 +15,36 @@ OAuth 2.0 focuses on client developer simplicity while providing specific author
|
|
15
15
|
This is a RubyGem for implementing OAuth 2.0 clients and servers in Ruby applications.
|
16
16
|
See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
|
17
17
|
|
18
|
-
⚠️ **_WARNING_**: You are viewing the `README` of the soon-to-be-deprecated `1-4-stable`
|
19
|
-
branch which for version 1.4.x releases. Version 2.0 is coming! ⚠️
|
20
|
-
|
21
18
|
---
|
22
19
|
|
23
20
|
* [OAuth 2.0 Spec][oauth2-spec]
|
24
|
-
* [
|
25
|
-
* Help us finish release [![2.0.0 release milestone][next-milestone-pct-img]][next-milestone-pct] by submitting or reviewing PRs and issues.
|
26
|
-
* Oauth2 gem is _always_ looking for additional maintainers. See [#307][maintainers-discussion].
|
21
|
+
* [oauth sibling gem][sibling-gem] for OAuth 1.0 implementations in Ruby.
|
27
22
|
|
28
23
|
[oauth2-spec]: https://oauth.net/2/
|
29
24
|
[sibling-gem]: https://github.com/oauth-xx/oauth-ruby
|
30
25
|
[next-milestone-pct]: https://github.com/oauth-xx/oauth2/milestone/1
|
31
26
|
[next-milestone-pct-img]: https://img.shields.io/github/milestones/progress-percent/oauth-xx/oauth2/1
|
32
|
-
[maintainers-discussion]: https://github.com/oauth-xx/oauth2/issues/307
|
33
27
|
|
34
28
|
## Release Documentation
|
35
29
|
|
30
|
+
### Version 2.0.x
|
31
|
+
|
32
|
+
<details>
|
33
|
+
<summary>2.0.x Readmes</summary>
|
34
|
+
|
35
|
+
| Version | Release Date | Readme |
|
36
|
+
|---------|--------------|----------------------------------------------------------|
|
37
|
+
| 2.0.0 | Soon | https://github.com/oauth-xx/oauth2/blob/master/README.md |
|
38
|
+
</details>
|
39
|
+
|
40
|
+
### Older Releases
|
41
|
+
|
36
42
|
<details>
|
37
43
|
<summary>1.4.x Readmes</summary>
|
38
44
|
|
39
45
|
| Version | Release Date | Readme |
|
40
46
|
|---------|--------------|----------------------------------------------------------|
|
47
|
+
| 1.4.9 | Feb 20, 2022 | https://github.com/oauth-xx/oauth2/blob/v1.4.9/README.md |
|
41
48
|
| 1.4.8 | Feb 18, 2022 | https://github.com/oauth-xx/oauth2/blob/v1.4.8/README.md |
|
42
49
|
| 1.4.7 | Mar 19, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.7/README.md |
|
43
50
|
| 1.4.6 | Mar 19, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.6/README.md |
|
@@ -69,6 +76,8 @@ branch which for version 1.4.x releases. Version 2.0 is coming! ⚠️
|
|
69
76
|
| < 1.0.0 | Find here | https://github.com/oauth-xx/oauth2/tags |
|
70
77
|
</details>
|
71
78
|
|
79
|
+
## Status
|
80
|
+
|
72
81
|
<!--
|
73
82
|
Numbering rows and badges in each row as a visual "database" lookup,
|
74
83
|
as the table is extremely dense, and it can be very difficult to find anything
|
@@ -91,17 +100,20 @@ badge #s:
|
|
91
100
|
🖐
|
92
101
|
🧮
|
93
102
|
📗
|
103
|
+
|
104
|
+
appended indicators:
|
105
|
+
♻️ - URL needs to be updated from SASS integration. Find / Replace is insufficient.
|
94
106
|
-->
|
95
107
|
|
96
|
-
| | Project | oauth2
|
97
|
-
|
98
|
-
| 1️⃣ | name, license, docs | [![RubyGems.org][⛳️name-img]][⛳️gem] [![License: MIT][🖇src-license-img]][🖇src-license] [![FOSSA][🏘fossa-img]][🏘fossa] [![RubyDoc.info][🚎yard-img]][🚎yard] [![InchCI][🖐inch-ci-img]][🚎yard]
|
99
|
-
| 2️⃣ | version & activity | [![Gem Version][⛳️version-img]][⛳️gem] [![Total Downloads][🖇DL-total-img]][⛳️gem] [![Download Rank][🏘DL-rank-img]][⛳️gem] [![Source Code][🚎src-home-img]][🚎src-home] [![Open PRs][🖐prs-
|
100
|
-
| 3️⃣ | maintanence & linting | [![Maintainability][⛳cclim-maint-img]][⛳cclim-maint] [![Helpers][🖇triage-help-img]][🖇triage-help] [![Depfu][🏘depfu-img]][🏘depfu] [![Contributors][🚎contributors-img]][🚎contributors] [![Style][🖐style-wf-img]][🖐style-wf] [![Kloc Roll][🧮kloc-img]][🧮kloc]
|
101
|
-
| 4️⃣ | testing | [![
|
102
|
-
| 5️⃣ | coverage & security | [![CodeClimate][⛳cclim-cov-img]][⛳cclim-cov] [![CodeCov][🖇codecov-img]][🖇codecov] [![Coveralls][🏘coveralls-img]][🏘coveralls] [![Security Policy][🚎sec-pol-img]][🚎sec-pol] [![CodeQL][🖐codeQL-img]][🖐codeQL]
|
103
|
-
| 6️⃣ | resources | [![Discussion][⛳gh-discussions-img]][⛳gh-discussions] [![Get help on Codementor][🖇codementor-img]][🖇codementor] [![Chat][🏘chat-img]][🏘chat] [![Blog][🚎blog-img]][🚎blog] [![Blog][🖐wiki-img]][🖐wiki]
|
104
|
-
| 7️⃣ | spread 💖 | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Tweet @ Peter][🏘tweet-img]][🏘tweet] [🌏][aboutme] [👼][angelme] [💻][coderme] [🌹][politicme]
|
108
|
+
| | Project | bundle add oauth2 |
|
109
|
+
|:----|-----------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
110
|
+
| 1️⃣ | name, license, docs | [![RubyGems.org][⛳️name-img]][⛳️gem] [![License: MIT][🖇src-license-img]][🖇src-license] [![FOSSA][🏘fossa-img]][🏘fossa] [![RubyDoc.info][🚎yard-img]][🚎yard] [![InchCI][🖐inch-ci-img]][🚎yard] |
|
111
|
+
| 2️⃣ | version & activity | [![Gem Version][⛳️version-img]][⛳️gem] [![Total Downloads][🖇DL-total-img]][⛳️gem] [![Download Rank][🏘DL-rank-img]][⛳️gem] [![Source Code][🚎src-home-img]][🚎src-home] [![Open PRs][🖐prs-o-img]][🖐prs-o] [![Closed PRs][🧮prs-c-img]][🧮prs-c] [![Next Version][📗next-img]][📗next] |
|
112
|
+
| 3️⃣ | maintanence & linting | [![Maintainability][⛳cclim-maint-img♻️]][⛳cclim-maint] [![Helpers][🖇triage-help-img]][🖇triage-help] [![Depfu][🏘depfu-img♻️]][🏘depfu♻️] [![Contributors][🚎contributors-img]][🚎contributors] [![Style][🖐style-wf-img]][🖐style-wf] [![Kloc Roll][🧮kloc-img]][🧮kloc] |
|
113
|
+
| 4️⃣ | testing | [![Open Issues][⛳iss-o-img]][⛳iss-o] [![Closed Issues][🖇iss-c-img]][🖇iss-c] [![Supported][🏘sup-wf-img]][🏘sup-wf] [![Heads][🚎heads-wf-img]][🚎heads-wf] [![Unofficial Support][🖐uns-wf-img]][🖐uns-wf] [![MacOS][🧮mac-wf-img]][🧮mac-wf] [![Windows][📗win-wf-img]][📗win-wf] |
|
114
|
+
| 5️⃣ | coverage & security | [![CodeClimate][⛳cclim-cov-img♻️]][⛳cclim-cov] [![CodeCov][🖇codecov-img♻️]][🖇codecov] [![Coveralls][🏘coveralls-img]][🏘coveralls] [![Security Policy][🚎sec-pol-img]][🚎sec-pol] [![CodeQL][🖐codeQL-img]][🖐codeQL] [![Code Coverage][🧮cov-wf-img]][🧮cov-wf] |
|
115
|
+
| 6️⃣ | resources | [![Discussion][⛳gh-discussions-img]][⛳gh-discussions] [![Get help on Codementor][🖇codementor-img]][🖇codementor] [![Chat][🏘chat-img]][🏘chat] [![Blog][🚎blog-img]][🚎blog] [![Blog][🖐wiki-img]][🖐wiki] |
|
116
|
+
| 7️⃣ | spread 💖 | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Tweet @ Peter][🏘tweet-img]][🏘tweet] [🌏][aboutme] [👼][angelme] [💻][coderme] [🌹][politicme] |
|
105
117
|
|
106
118
|
<!--
|
107
119
|
The link tokens in the following sections should be kept ordered by the row and badge numbering scheme
|
@@ -124,18 +136,20 @@ The link tokens in the following sections should be kept ordered by the row and
|
|
124
136
|
[🏘DL-rank-img]: https://img.shields.io/gem/rt/oauth2.svg
|
125
137
|
[🚎src-home]: https://github.com/oauth-xx/oauth2
|
126
138
|
[🚎src-home-img]: https://img.shields.io/badge/source-github-brightgreen.svg?style=flat
|
127
|
-
[🖐prs-
|
128
|
-
[🖐prs-
|
129
|
-
[🧮prs-
|
130
|
-
[🧮prs-
|
139
|
+
[🖐prs-o]: https://github.com/oauth-xx/oauth2/pulls
|
140
|
+
[🖐prs-o-img]: https://img.shields.io/github/issues-pr/oauth-xx/oauth2
|
141
|
+
[🧮prs-c]: https://github.com/oauth-xx/oauth2/pulls?q=is%3Apr+is%3Aclosed
|
142
|
+
[🧮prs-c-img]: https://img.shields.io/github/issues-pr-closed/oauth-xx/oauth2
|
143
|
+
[📗next]: https://github.com/oauth-xx/oauth2/milestone/1
|
144
|
+
[📗next-img]: https://img.shields.io/github/milestones/progress/oauth-xx/oauth2/1?label=Next%20Version
|
131
145
|
|
132
146
|
<!-- 3️⃣ maintanence & linting -->
|
133
147
|
[⛳cclim-maint]: https://codeclimate.com/github/oauth-xx/oauth2/maintainability
|
134
|
-
[⛳cclim-maint-img]: https://api.codeclimate.com/v1/badges/688c612528ff90a46955/maintainability
|
148
|
+
[⛳cclim-maint-img♻️]: https://api.codeclimate.com/v1/badges/688c612528ff90a46955/maintainability
|
135
149
|
[🖇triage-help]: https://www.codetriage.com/oauth-xx/oauth2
|
136
150
|
[🖇triage-help-img]: https://www.codetriage.com/oauth-xx/oauth2/badges/users.svg
|
137
|
-
[🏘depfu]: https://depfu.com/github/oauth-xx/oauth2?project_id=4445
|
138
|
-
[🏘depfu-img]: https://badges.depfu.com/badges/6d34dc1ba682bbdf9ae2a97848241743/count.svg
|
151
|
+
[🏘depfu♻️]: https://depfu.com/github/oauth-xx/oauth2?project_id=4445
|
152
|
+
[🏘depfu-img♻️]: https://badges.depfu.com/badges/6d34dc1ba682bbdf9ae2a97848241743/count.svg
|
139
153
|
[🚎contributors]: https://github.com/oauth-xx/oauth2/graphs/contributors
|
140
154
|
[🚎contributors-img]: https://img.shields.io/github/contributors-anon/oauth-xx/oauth2
|
141
155
|
[🖐style-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/style.yml
|
@@ -144,28 +158,34 @@ The link tokens in the following sections should be kept ordered by the row and
|
|
144
158
|
[🧮kloc-img]: https://img.shields.io/tokei/lines/github.com/oauth-xx/oauth2
|
145
159
|
|
146
160
|
<!-- 4️⃣ testing -->
|
147
|
-
[
|
148
|
-
[
|
149
|
-
[🖇
|
150
|
-
[🖇
|
151
|
-
[🏘
|
152
|
-
[🏘
|
153
|
-
[🚎
|
154
|
-
[🚎
|
155
|
-
[🖐
|
156
|
-
[🖐
|
161
|
+
[⛳iss-o]: https://github.com/oauth-xx/oauth2/issues
|
162
|
+
[⛳iss-o-img]: https://img.shields.io/github/issues-raw/oauth-xx/oauth2
|
163
|
+
[🖇iss-c]: https://github.com/oauth-xx/oauth2/issues?q=is%3Aissue+is%3Aclosed
|
164
|
+
[🖇iss-c-img]: https://img.shields.io/github/issues-closed-raw/oauth-xx/oauth2
|
165
|
+
[🏘sup-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/supported.yml
|
166
|
+
[🏘sup-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/supported.yml/badge.svg
|
167
|
+
[🚎heads-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/heads.yml
|
168
|
+
[🚎heads-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/heads.yml/badge.svg
|
169
|
+
[🖐uns-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/unsupported.yml
|
170
|
+
[🖐uns-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/unsupported.yml/badge.svg
|
171
|
+
[🧮mac-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/macos.yml
|
172
|
+
[🧮mac-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/macos.yml/badge.svg
|
173
|
+
[📗win-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/windows.yml
|
174
|
+
[📗win-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/windows.yml/badge.svg
|
157
175
|
|
158
176
|
<!-- 5️⃣ coverage & security -->
|
159
177
|
[⛳cclim-cov]: https://codeclimate.com/github/oauth-xx/oauth2/test_coverage
|
160
|
-
[⛳cclim-cov-img]: https://api.codeclimate.com/v1/badges/688c612528ff90a46955/test_coverage
|
161
|
-
[🖇codecov-img]: https://codecov.io/gh/oauth-xx/oauth2/branch/
|
178
|
+
[⛳cclim-cov-img♻️]: https://api.codeclimate.com/v1/badges/688c612528ff90a46955/test_coverage
|
179
|
+
[🖇codecov-img♻️]: https://codecov.io/gh/oauth-xx/oauth2/branch/master/graph/badge.svg?token=bNqSzNiuo2
|
162
180
|
[🖇codecov]: https://codecov.io/gh/oauth-xx/oauth2
|
163
|
-
[🏘coveralls]: https://coveralls.io/github/oauth-xx/oauth2?branch=
|
164
|
-
[🏘coveralls-img]: https://coveralls.io/repos/github/oauth-xx/oauth2/badge.svg?branch=
|
181
|
+
[🏘coveralls]: https://coveralls.io/github/oauth-xx/oauth2?branch=master
|
182
|
+
[🏘coveralls-img]: https://coveralls.io/repos/github/oauth-xx/oauth2/badge.svg?branch=master
|
165
183
|
[🚎sec-pol]: https://github.com/oauth-xx/oauth2/blob/master/SECURITY.md
|
166
184
|
[🚎sec-pol-img]: https://img.shields.io/badge/security-policy-brightgreen.svg?style=flat
|
167
185
|
[🖐codeQL]: https://github.com/oauth-xx/oauth2/security/code-scanning
|
168
186
|
[🖐codeQL-img]: https://github.com/oauth-xx/oauth2/actions/workflows/codeql-analysis.yml/badge.svg
|
187
|
+
[🧮cov-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/coverage.yml
|
188
|
+
[🧮cov-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/coverage.yml/badge.svg
|
169
189
|
|
170
190
|
<!-- 6️⃣ resources -->
|
171
191
|
[⛳gh-discussions]: https://github.com/oauth-xx/oauth2/discussions
|
@@ -195,29 +215,51 @@ The link tokens in the following sections should be kept ordered by the row and
|
|
195
215
|
[coderme]:http://coderwall.com/pboling
|
196
216
|
[politicme]: https://nationalprogressiveparty.org
|
197
217
|
|
198
|
-
|
199
218
|
## Installation
|
200
219
|
|
201
|
-
|
202
|
-
gem install oauth2
|
203
|
-
```
|
220
|
+
Install the gem and add to the application's Gemfile by executing:
|
204
221
|
|
205
|
-
|
222
|
+
$ bundle add oauth2
|
206
223
|
|
207
|
-
|
208
|
-
|
209
|
-
|
210
|
-
|
211
|
-
|
212
|
-
bundle
|
213
|
-
```
|
224
|
+
If bundler is not being used to manage dependencies, install the gem by executing:
|
225
|
+
|
226
|
+
$ gem install oauth2
|
227
|
+
|
228
|
+
## OAuth2 for Enterprise
|
214
229
|
|
230
|
+
Available as part of the Tidelift Subscription.
|
231
|
+
|
232
|
+
The maintainers of OAuth2 and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. [Learn more.](https://tidelift.com/subscription/pkg/rubygems-oauth2?utm_source=rubygems-oauth2&utm_medium=referral&utm_campaign=enterprise)
|
233
|
+
|
234
|
+
## Security contact information
|
235
|
+
|
236
|
+
To report a security vulnerability, please use the [Tidelift security contact](https://tidelift.com/security).
|
237
|
+
Tidelift will coordinate the fix and disclosure.
|
238
|
+
|
239
|
+
For more see [SECURITY.md][🚎sec-pol].
|
240
|
+
|
241
|
+
## What is new for v2.0 (unreleased, `master` branch)?
|
242
|
+
|
243
|
+
- Officially support Ruby versions >= 2.7
|
244
|
+
- Unofficially support Ruby versions >= 2.5
|
245
|
+
- Incidentally support Ruby versions >= 2.2
|
246
|
+
- Drop support for the expired MAC Draft (all versions)
|
247
|
+
- Support IETF rfc7523 JWT Bearer Tokens
|
248
|
+
- Support IETF rfc7231 Relative Location in Redirect
|
249
|
+
- Support IETF rfc6749 Don't set oauth params when nil
|
250
|
+
- Support [OIDC 1.0 Private Key JWT](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication); based on the OAuth JWT assertion specification [(RFC 7523)](https://tools.ietf.org/html/rfc7523)
|
251
|
+
- Support new formats, including from [jsonapi.org](http://jsonapi.org/format/): `application/vdn.api+json`, `application/vnd.collection+json`, `application/hal+json`, `application/problem+json`
|
252
|
+
- Adds new option to `OAuth2::Client#get_token`:
|
253
|
+
- `:access_token_class` (`AccessToken`); user specified class to use for all calls to `get_token`
|
254
|
+
- Adds new option to `OAuth2::AccessToken#initialize`:
|
255
|
+
- `:expires_latency` (`nil`); number of seconds by which AccessToken validity will be reduced to offset latency
|
256
|
+
- [... A lot more](https://github.com/oauth-xx/oauth2/blob/master/CHANGELOG.md#unreleased)
|
215
257
|
|
216
258
|
## Compatibility
|
217
259
|
|
218
260
|
Targeted ruby compatibility is non-EOL versions of Ruby, currently 2.7, 3.0 and
|
219
261
|
3.1. Compatibility is further distinguished by supported and unsupported versions of Ruby.
|
220
|
-
Ruby is limited to
|
262
|
+
Ruby is limited to 2.2+ for 2.x releases. See `1-4-stable` branch for older rubies.
|
221
263
|
|
222
264
|
<details>
|
223
265
|
<summary>Ruby Engine Compatibility Policy</summary>
|
@@ -249,28 +291,57 @@ of a major release, support for that Ruby version may be dropped.
|
|
249
291
|
|
250
292
|
| | Ruby OAuth 2 Version | Maintenance Branch | Supported Officially | Supported Unofficially | Supported Incidentally |
|
251
293
|
|:----|----------------------|--------------------|-------------------------|------------------------|------------------------|
|
252
|
-
| 1️⃣ | 2.0.x (unreleased) | `master` | 2.7, 3.0, 3.1 | 2.
|
253
|
-
| 2️⃣ | 1.4.x | `1-4-stable` | 2.5, 2.6, 2.7, 3.0, 3.1 | 2.1, 2.2, 2.3, 2.4 |
|
294
|
+
| 1️⃣ | 2.0.x (unreleased) | `master` | 2.7, 3.0, 3.1 | 2.5, 2.6 | 2.2, 2.3, 2.4 |
|
295
|
+
| 2️⃣ | 1.4.x | `1-4-stable` | 2.5, 2.6, 2.7, 3.0, 3.1 | 2.1, 2.2, 2.3, 2.4 | 1.9, 2.0 |
|
254
296
|
| 3️⃣ | older | N/A | Best of luck to you! | Please upgrade! | |
|
255
297
|
|
256
|
-
NOTE:
|
298
|
+
NOTE: The 1.4 series will only receive critical bug and security updates.
|
257
299
|
See [SECURITY.md][🚎sec-pol]
|
258
300
|
|
259
301
|
## Usage Examples
|
260
302
|
|
303
|
+
### `authorize_url` and `token_url` are on site root (Just Works!)
|
304
|
+
|
261
305
|
```ruby
|
262
306
|
require 'oauth2'
|
263
|
-
client = OAuth2::Client.new('client_id', 'client_secret', :
|
307
|
+
client = OAuth2::Client.new('client_id', 'client_secret', site: 'https://example.org')
|
308
|
+
# => #<OAuth2::Client:0x00000001204c8288 @id="client_id", @secret="client_sec...
|
309
|
+
client.auth_code.authorize_url(redirect_uri: 'http://localhost:8080/oauth2/callback')
|
310
|
+
# => "https://example.org/oauth/authorize?client_id=client_id&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Foauth2%2Fcallback&response_type=code"
|
264
311
|
|
265
|
-
client.auth_code.
|
266
|
-
|
267
|
-
|
268
|
-
token = client.auth_code.get_token('authorization_code_value', :redirect_uri => 'http://localhost:8080/oauth2/callback', :headers => {'Authorization' => 'Basic some_password'})
|
269
|
-
response = token.get('/api/resource', :params => {'query_foo' => 'bar'})
|
312
|
+
token = client.auth_code.get_token('authorization_code_value', redirect_uri: 'http://localhost:8080/oauth2/callback', headers: {'Authorization' => 'Basic some_password'})
|
313
|
+
response = token.get('/api/resource', params: {'query_foo' => 'bar'})
|
270
314
|
response.class.name
|
271
315
|
# => OAuth2::Response
|
272
316
|
```
|
273
317
|
|
318
|
+
### Relative `authorize_url` and `token_url` (Not on site root, Just Works!)
|
319
|
+
|
320
|
+
In above example, the default Authorization URL is `oauth/authorize` and default Access Token URL is `oauth/token`, and, as they are missing a leading `/`, both are relative.
|
321
|
+
|
322
|
+
```ruby
|
323
|
+
client = OAuth2::Client.new('client_id', 'client_secret', site: 'https://example.org/nested/directory/on/your/server')
|
324
|
+
# => #<OAuth2::Client:0x00000001204c8288 @id="client_id", @secret="client_sec...
|
325
|
+
client.auth_code.authorize_url(redirect_uri: 'http://localhost:8080/oauth2/callback')
|
326
|
+
# => "https://example.org/nested/directory/on/your/server/oauth/authorize?client_id=client_id&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Foauth2%2Fcallback&response_type=code"
|
327
|
+
```
|
328
|
+
|
329
|
+
### Customize `authorize_url` and `token_url`
|
330
|
+
|
331
|
+
You can specify custom URLs for authorization and access token, and when using a leading `/` they will _not be relative_, as shown below:
|
332
|
+
|
333
|
+
```ruby
|
334
|
+
client = OAuth2::Client.new('client_id', 'client_secret',
|
335
|
+
site: 'https://example.org/nested/directory/on/your/server',
|
336
|
+
authorize_url: '/jaunty/authorize/',
|
337
|
+
token_url: '/stirrups/access_token')
|
338
|
+
# => #<OAuth2::Client:0x00000001204c8288 @id="client_id", @secret="client_sec...
|
339
|
+
client.auth_code.authorize_url(redirect_uri: 'http://localhost:8080/oauth2/callback')
|
340
|
+
# => "https://example.org/jaunty/authorize/?client_id=client_id&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Foauth2%2Fcallback&response_type=code"
|
341
|
+
client.class.name
|
342
|
+
# => OAuth2::Client
|
343
|
+
```
|
344
|
+
|
274
345
|
<details>
|
275
346
|
<summary>Debugging</summary>
|
276
347
|
|
@@ -289,8 +360,8 @@ require 'oauth2'
|
|
289
360
|
client = OAuth2::Client.new(
|
290
361
|
'client_id',
|
291
362
|
'client_secret',
|
292
|
-
:
|
293
|
-
:
|
363
|
+
site: 'https://example.org',
|
364
|
+
logger: Logger.new('example.log', 'weekly')
|
294
365
|
)
|
295
366
|
```
|
296
367
|
</details>
|
@@ -334,10 +405,10 @@ authentication grant types have helper strategy classes that simplify client
|
|
334
405
|
use. They are available via the `#auth_code`, `#implicit`, `#password`, `#client_credentials`, and `#assertion` methods respectively.
|
335
406
|
|
336
407
|
```ruby
|
337
|
-
auth_url = client.auth_code.authorize_url(:
|
338
|
-
token = client.auth_code.get_token('code_value', :
|
408
|
+
auth_url = client.auth_code.authorize_url(redirect_uri: 'http://localhost:8080/oauth/callback')
|
409
|
+
token = client.auth_code.get_token('code_value', redirect_uri: 'http://localhost:8080/oauth/callback')
|
339
410
|
|
340
|
-
auth_url = client.implicit.authorize_url(:
|
411
|
+
auth_url = client.implicit.authorize_url(redirect_uri: 'http://localhost:8080/oauth/callback')
|
341
412
|
# get the token params in the callback and
|
342
413
|
token = OAuth2::AccessToken.from_kvform(client, query_string)
|
343
414
|
|
@@ -352,7 +423,7 @@ If you want to specify additional headers to be sent out with the
|
|
352
423
|
request, add a 'headers' hash under 'params':
|
353
424
|
|
354
425
|
```ruby
|
355
|
-
token = client.auth_code.get_token('code_value', :
|
426
|
+
token = client.auth_code.get_token('code_value', redirect_uri: 'http://localhost:8080/oauth/callback', headers: {'Some' => 'Header'})
|
356
427
|
```
|
357
428
|
|
358
429
|
You can always use the `#request` method on the `OAuth2::Client` instance to make
|
@@ -373,7 +444,7 @@ dependency on this gem using the [Pessimistic Version Constraint][pvc] with two
|
|
373
444
|
For example:
|
374
445
|
|
375
446
|
```ruby
|
376
|
-
spec.add_dependency 'oauth2', '~>
|
447
|
+
spec.add_dependency 'oauth2', '~> 2.0'
|
377
448
|
```
|
378
449
|
|
379
450
|
[semver]: http://semver.org/
|
@@ -395,7 +466,7 @@ spec.add_dependency 'oauth2', '~> 1.4'
|
|
395
466
|
|
396
467
|
## Development
|
397
468
|
|
398
|
-
After checking out the repo, run `
|
469
|
+
After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
|
399
470
|
|
400
471
|
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
401
472
|
|
data/SECURITY.md
ADDED
@@ -0,0 +1,14 @@
|
|
1
|
+
# Security Policy
|
2
|
+
|
3
|
+
## Supported Versions
|
4
|
+
|
5
|
+
| Version | Supported |
|
6
|
+
|--------------|-----------|
|
7
|
+
| 2.0.<latest> | ✅ |
|
8
|
+
| 1.4.<latest> | ✅ |
|
9
|
+
| older | ⛔️ |
|
10
|
+
|
11
|
+
## Reporting a Vulnerability
|
12
|
+
|
13
|
+
To report a security vulnerability, please use the [Tidelift security contact](https://tidelift.com/security).
|
14
|
+
Tidelift will coordinate the fix and disclosure.
|