oauth2 2.0.1 → 2.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0b2375593530f7a565bfe90a1534e6203bb178428ca3c9670a0dcd728cfa134a
-  data.tar.gz: 04c8289d5202d2db4f12321fc7acda898a77931c1acee21cd5bdd3a7bcbec96a
+  metadata.gz: fc4158398289799f1200f2706539766ebcec6b3be4c861427d9b11fb6f6a8d8f
+  data.tar.gz: cd7bec320053ae8d114f9c3f730ce7252872b2fbf0b4c716d5447ac1642b7e7e
 SHA512:
-  metadata.gz: 78b0c341b7fa62f31227ca3217fd3db5ad9dd17c54b9a9bca492f6e4f6294f2db63d7a88a221b7d3fb671d646ee7fc85c7bd4808a82536448e7f13611a8a7598
-  data.tar.gz: 0c2374b9c939fd0c021e25bfa81c23e033af5313e294f18f802431d4c192098ade257c2aeac131a11429525450b786cf894fa7d0cf50f8171395b2ca6ccb8bd0
+  metadata.gz: 57f0ddd1d875238c5b98e358cea1114fb09847c01af8231e2d6a6e6c70e928500bd3f2b45c566302f70481d802ff7db6b649105765692f7107542e49edf06e2b
+  data.tar.gz: 13e0e6fcf0b7090bd5068c08522fc5ca52b8f719d230e7355334785e9795581c011b437b6eca4897f86d30ef7dd856f924a8a3e5b1488e7c99a7fa595973368b

data/CHANGELOG.md

@@ -4,6 +4,24 @@ All notable changes to this project will be documented in this file.
 The format (since v2) is based on [Keep a Changelog v1](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.0.0.html).
 
+## [2.0.4] - 2022-07-01
+### Fixed
+- [#618](https://github.com/oauth-xx/oauth2/pull/618) - In some scenarios the `snaky` option default value was not applied (@pboling)
+
+## [2.0.3] - 2022-06-28
+### Added
+- [#611](https://github.com/oauth-xx/oauth2/pull/611) - Proper deprecation warnings for `extract_access_token` argument (@pboling)
+- [#612](https://github.com/oauth-xx/oauth2/pull/612) - Add `snaky: false` option to skip conversion to `OAuth2::SnakyHash` (default: true) (@pboling)
+### Fixed
+- [#608](https://github.com/oauth-xx/oauth2/pull/608) - Wrap `Faraday::TimeoutError` in `OAuth2::TimeoutError` (@nbibler)
+- [#615](https://github.com/oauth-xx/oauth2/pull/615) - Fix support for requests with blocks, see `Faraday::Connection#run_request` (@pboling)
+
+## [2.0.2] - 2022-06-24
+### Fixed
+- [#604](https://github.com/oauth-xx/oauth2/pull/604) - Wrap `Faraday::TimeoutError` in `OAuth2::TimeoutError` (@stanhu)
+- [#606](https://github.com/oauth-xx/oauth2/pull/606) - Ruby 2.7 deprecation warning fix: Move `access_token_class` parameter into `Client` constructor (@stanhu)
+- [#607](https://github.com/oauth-xx/oauth2/pull/607) - CHANGELOG correction, reference to `OAuth2::ConnectionError` (@zavan)
+
 ## [2.0.1] - 2022-06-22
 ### Added
 - Documentation improvements (@pboling)
@@ -29,7 +47,7 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 - [#413](https://github.com/oauth-xx/oauth2/pull/413) - _Documentation_: License scan and report (@meganemura)
 - [#442](https://github.com/oauth-xx/oauth2/pull/442) - Option: `OAuth2::Client#initialize` - `:logger` (`::Logger.new($stdout)`) logger to use when OAUTH_DEBUG is enabled (for parity with `1-4-stable` branch) (@rthbound)
 - [#494](https://github.com/oauth-xx/oauth2/pull/494) - Support [OIDC 1.0 Private Key JWT](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication); based on the OAuth JWT assertion specification [(RFC 7523)](https://tools.ietf.org/html/rfc7523) (@SteveyblamWork)
-- [#549](https://github.com/oauth-xx/oauth2/pull/549) - Wrap `Faraday::ConnectionFailed` in `OAuth2::ConnectionFailed` (@nikkypx)
+- [#549](https://github.com/oauth-xx/oauth2/pull/549) - Wrap `Faraday::ConnectionFailed` in `OAuth2::ConnectionError` (@nikkypx)
 - [#550](https://github.com/oauth-xx/oauth2/pull/550) - Raise error if location header not present when redirecting (@stanhu)
 - [#552](https://github.com/oauth-xx/oauth2/pull/552) - Add missing `version.rb` require (@ahorek)
 - [#553](https://github.com/oauth-xx/oauth2/pull/553) - Support `application/problem+json` format (@janz93)
@@ -76,6 +94,9 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 - [#589](https://github.com/oauth-xx/oauth2/pull/589), [#593](https://github.com/oauth-xx/oauth2/pull/593) - Remove support for expired MAC token draft spec (@stanhu)
 - [#590](https://github.com/oauth-xx/oauth2/pull/590) - _Dependency_: Removed `multi_json` (@stanhu)
 
+## [1.4.10] - 2022-07-01
+- FIPS Compatibility [#587](https://github.com/oauth-xx/oauth2/pull/587) (@akostadinov)
+
 ## [1.4.9] - 2022-02-20
 - Fixes compatibility with Faraday v2 [572](https://github.com/oauth-xx/oauth2/issues/572)
 - Includes supported versions of Faraday in test matrix:
@@ -86,7 +107,7 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 
 ## [1.4.8] - 2022-02-18
 - MFA is now required to push new gem versions (@pboling)
-- README overhaul w/ new Ruby Verion and Engine compatibility policies (@pboling)
+- README overhaul w/ new Ruby Version and Engine compatibility policies (@pboling)
 - [#569](https://github.com/oauth-xx/oauth2/pull/569) Backport fixes ([#561](https://github.com/oauth-xx/oauth2/pull/561) by @ryogift), and add more fixes, to allow faraday 1.x and 2.x (@jrochkind)
 - Improve Code Coverage tracking (Coveralls, CodeCov, CodeClimate), and enable branch coverage (@pboling)
 - Add CodeQL, Security Policy, Funding info (@pboling)
@@ -215,7 +236,6 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 
 ## [0.0.4] + [0.0.3] + [0.0.2] + [0.0.1] - 2010-04-22
 
-[Unreleased]: https://github.com/oauth-xx/oauth2/compare/v2.0.0...HEAD
 [0.0.1]: https://github.com/oauth-xx/oauth2/compare/311d9f4...v0.0.1
 [0.0.2]: https://github.com/oauth-xx/oauth2/compare/v0.0.1...v0.0.2
 [0.0.3]: https://github.com/oauth-xx/oauth2/compare/v0.0.2...v0.0.3
@@ -251,6 +271,11 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 [1.4.7]: https://github.com/oauth-xx/oauth2/compare/v1.4.6...v1.4.7
 [1.4.8]: https://github.com/oauth-xx/oauth2/compare/v1.4.7...v1.4.8
 [1.4.9]: https://github.com/oauth-xx/oauth2/compare/v1.4.8...v1.4.9
-[2.0.0]: https://github.com/oauth-xx/oauth2/compare/v1.4.9...v2.0.0
+[1.4.10]: https://github.com/oauth-xx/oauth2/compare/v1.4.9...v1.4.10
+[2.0.0]: https://github.com/oauth-xx/oauth2/compare/v1.4.10...v2.0.0
 [2.0.1]: https://github.com/oauth-xx/oauth2/compare/v2.0.0...v2.0.1
+[2.0.2]: https://github.com/oauth-xx/oauth2/compare/v2.0.1...v2.0.2
+[2.0.3]: https://github.com/oauth-xx/oauth2/compare/v2.0.2...v2.0.3
+[2.0.4]: https://github.com/oauth-xx/oauth2/compare/v2.0.3...v2.0.4
+[Unreleased]: https://github.com/oauth-xx/oauth2/compare/v2.0.4...HEAD
 [gemfiles/readme]: gemfiles/README.md

data/CONTRIBUTING.md

@@ -1,4 +1,12 @@
-## Submitting a Pull Request
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at [https://github.com/oauth-xx/oauth2][source]
+. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to
+the [code of conduct][conduct].
+
+To submit a patch, please fork the project and create a patch with tests. Once you're happy with it send a pull request!
+
+## Detailed instructions on Submitting a Pull Request
 1. [Fork the repository.][fork]
 2. [Create a topic branch.][branch]
 3. Add specs for your unimplemented feature or bug fix.
@@ -16,3 +24,21 @@
 [fork]: http://help.github.com/fork-a-repo/
 [branch]: http://learn.github.com/p/branching.html
 [pr]: http://help.github.com/send-pull-requests/
+
+## Contributors
+
+[![Contributors](https://contrib.rocks/image?repo=oauth-xx/oauth2)][contributors]
+
+Made with [contributors-img][contrib-rocks].
+
+[comment]: <> (Following links are used by README, CONTRIBUTING)
+
+[conduct]: https://github.com/oauth-xx/oauth2/blob/master/CODE_OF_CONDUCT.md
+
+[contrib-rocks]: https://contrib.rocks
+
+[contributors]: https://github.com/oauth-xx/oauth2/graphs/contributors
+
+[comment]: <> (Following links are used by README, CONTRIBUTING, Homepage)
+
+[source]: https://github.com/oauth-xx/oauth2/

data/README.md

@@ -22,8 +22,6 @@ See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
 
 [oauth2-spec]: https://oauth.net/2/
 [sibling-gem]: https://github.com/oauth-xx/oauth-ruby
-[next-milestone-pct]: https://github.com/oauth-xx/oauth2/milestone/1
-[next-milestone-pct-img]: https://img.shields.io/github/milestones/progress-percent/oauth-xx/oauth2/1
 
 ## Release Documentation
 
@@ -34,7 +32,10 @@ See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
 
 | Version | Release Date | Readme                                                   |
 |---------|--------------|----------------------------------------------------------|
-| 2.0.1   | 2022-06-22   | https://github.com/oauth-xx/oauth2/blob/master/README.md |
+| 2.0.4   | 2022-07-01   | https://github.com/oauth-xx/oauth2/blob/v2.0.4/README.md |
+| 2.0.3   | 2022-06-28   | https://github.com/oauth-xx/oauth2/blob/v2.0.3/README.md |
+| 2.0.2   | 2022-06-24   | https://github.com/oauth-xx/oauth2/blob/v2.0.2/README.md |
+| 2.0.1   | 2022-06-22   | https://github.com/oauth-xx/oauth2/blob/v2.0.1/README.md |
 | 2.0.0   | 2022-06-21   | https://github.com/oauth-xx/oauth2/blob/v2.0.0/README.md |
 </details>
 
@@ -43,18 +44,19 @@ See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
 <details>
   <summary>1.4.x Readmes</summary>
 
-| Version | Release Date | Readme                                                   |
-|---------|--------------|----------------------------------------------------------|
-| 1.4.9   | Feb 20, 2022 | https://github.com/oauth-xx/oauth2/blob/v1.4.9/README.md |
-| 1.4.8   | Feb 18, 2022 | https://github.com/oauth-xx/oauth2/blob/v1.4.8/README.md |
-| 1.4.7   | Mar 19, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.7/README.md |
-| 1.4.6   | Mar 19, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.6/README.md |
-| 1.4.5   | Mar 18, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.5/README.md |
-| 1.4.4   | Feb 12, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.4/README.md |
-| 1.4.3   | Jan 29, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.3/README.md |
-| 1.4.2   | Oct 1, 2019  | https://github.com/oauth-xx/oauth2/blob/v1.4.2/README.md |
-| 1.4.1   | Oct 13, 2018 | https://github.com/oauth-xx/oauth2/blob/v1.4.1/README.md |
-| 1.4.0   | Jun 9, 2017  | https://github.com/oauth-xx/oauth2/blob/v1.4.0/README.md |
+| Version | Release Date | Readme                                                    |
+|---------|--------------|-----------------------------------------------------------|
+| 1.4.10  | Jul 1, 2022  | https://github.com/oauth-xx/oauth2/blob/v1.4.10/README.md |
+| 1.4.9   | Feb 20, 2022 | https://github.com/oauth-xx/oauth2/blob/v1.4.9/README.md  |
+| 1.4.8   | Feb 18, 2022 | https://github.com/oauth-xx/oauth2/blob/v1.4.8/README.md  |
+| 1.4.7   | Mar 19, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.7/README.md  |
+| 1.4.6   | Mar 19, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.6/README.md  |
+| 1.4.5   | Mar 18, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.5/README.md  |
+| 1.4.4   | Feb 12, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.4/README.md  |
+| 1.4.3   | Jan 29, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.3/README.md  |
+| 1.4.2   | Oct 1, 2019  | https://github.com/oauth-xx/oauth2/blob/v1.4.2/README.md  |
+| 1.4.1   | Oct 13, 2018 | https://github.com/oauth-xx/oauth2/blob/v1.4.1/README.md  |
+| 1.4.0   | Jun 9, 2017  | https://github.com/oauth-xx/oauth2/blob/v1.4.0/README.md  |
 </details>
 
 <details>
@@ -106,15 +108,15 @@ appended indicators:
 ♻️ - URL needs to be updated from SASS integration. Find / Replace is insufficient.
 -->
 
-|     | Project               | bundle add oauth2                                                                                                                                                                                                                                                                        |
-|:----|-----------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| 1️⃣ | name, license, docs   | [![RubyGems.org][⛳️name-img]][⛳️gem] [![License: MIT][🖇src-license-img]][🖇src-license] [![FOSSA][🏘fossa-img]][🏘fossa] [![RubyDoc.info][🚎yard-img]][🚎yard] [![InchCI][🖐inch-ci-img]][🚎yard]                                                                                       |
-| 2️⃣ | version & activity    | [![Gem Version][⛳️version-img]][⛳️gem] [![Total Downloads][🖇DL-total-img]][⛳️gem] [![Download Rank][🏘DL-rank-img]][⛳️gem] [![Source Code][🚎src-home-img]][🚎src-home] [![Open PRs][🖐prs-o-img]][🖐prs-o] [![Closed PRs][🧮prs-c-img]][🧮prs-c] [![Next Version][📗next-img]][📗next] |
-| 3️⃣ | maintanence & linting | [![Maintainability][⛳cclim-maint-img♻️]][⛳cclim-maint] [![Helpers][🖇triage-help-img]][🖇triage-help] [![Depfu][🏘depfu-img♻️]][🏘depfu♻️] [![Contributors][🚎contributors-img]][🚎contributors] [![Style][🖐style-wf-img]][🖐style-wf] [![Kloc Roll][🧮kloc-img]][🧮kloc]               |
-| 4️⃣ | testing               | [![Open Issues][⛳iss-o-img]][⛳iss-o] [![Closed Issues][🖇iss-c-img]][🖇iss-c] [![Supported][🏘sup-wf-img]][🏘sup-wf] [![Heads][🚎heads-wf-img]][🚎heads-wf] [![Unofficial Support][🖐uns-wf-img]][🖐uns-wf] [![MacOS][🧮mac-wf-img]][🧮mac-wf] [![Windows][📗win-wf-img]][📗win-wf]      |
-| 5️⃣ | coverage & security   | [![CodeClimate][⛳cclim-cov-img♻️]][⛳cclim-cov] [![CodeCov][🖇codecov-img♻️]][🖇codecov] [![Coveralls][🏘coveralls-img]][🏘coveralls] [![Security Policy][🚎sec-pol-img]][🚎sec-pol] [![CodeQL][🖐codeQL-img]][🖐codeQL] [![Code Coverage][🧮cov-wf-img]][🧮cov-wf]                       |
-| 6️⃣ | resources             | [![Discussion][⛳gh-discussions-img]][⛳gh-discussions] [![Get help on Codementor][🖇codementor-img]][🖇codementor] [![Chat][🏘chat-img]][🏘chat] [![Blog][🚎blog-img]][🚎blog] [![Blog][🖐wiki-img]][🖐wiki]                                                                              |
-| 7️⃣ | spread 💖             | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Tweet @ Peter][🏘tweet-img]][🏘tweet] [🌏][aboutme] [👼][angelme] [💻][coderme] [🌹][politicme]                                                                                          |
+|     | Project               | bundle add oauth2                                                                                                                                                                                                                                                                            |
+|:----|-----------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| 1️⃣ | name, license, docs   | [![RubyGems.org][⛳️name-img]][⛳️gem] [![License: MIT][🖇src-license-img]][🖇src-license] [![FOSSA][🏘fossa-img]][🏘fossa] [![RubyDoc.info][🚎yard-img]][🚎yard] [![InchCI][🖐inch-ci-img]][🚎yard]                                                                                           |
+| 2️⃣ | version & activity    | [![Gem Version][⛳️version-img]][⛳️gem] [![Total Downloads][🖇DL-total-img]][⛳️gem] [![Download Rank][🏘DL-rank-img]][⛳️gem] [![Source Code][🚎src-home-img]][🚎src-home] [![Open PRs][🖐prs-o-img]][🖐prs-o] [![Closed PRs][🧮prs-c-img]][🧮prs-c] [![Next Version][📗next-img♻️]][📗next♻️] |
+| 3️⃣ | maintanence & linting | [![Maintainability][⛳cclim-maint-img♻️]][⛳cclim-maint] [![Helpers][🖇triage-help-img]][🖇triage-help] [![Depfu][🏘depfu-img♻️]][🏘depfu♻️] [![Contributors][🚎contributors-img]][🚎contributors] [![Style][🖐style-wf-img]][🖐style-wf] [![Kloc Roll][🧮kloc-img]][🧮kloc]                   |
+| 4️⃣ | testing               | [![Open Issues][⛳iss-o-img]][⛳iss-o] [![Closed Issues][🖇iss-c-img]][🖇iss-c] [![Supported][🏘sup-wf-img]][🏘sup-wf] [![Heads][🚎heads-wf-img]][🚎heads-wf] [![Unofficial Support][🖐uns-wf-img]][🖐uns-wf] [![MacOS][🧮mac-wf-img]][🧮mac-wf] [![Windows][📗win-wf-img]][📗win-wf]          |
+| 5️⃣ | coverage & security   | [![CodeClimate][⛳cclim-cov-img♻️]][⛳cclim-cov] [![CodeCov][🖇codecov-img♻️]][🖇codecov] [![Coveralls][🏘coveralls-img]][🏘coveralls] [![Security Policy][🚎sec-pol-img]][🚎sec-pol] [![CodeQL][🖐codeQL-img]][🖐codeQL] [![Code Coverage][🧮cov-wf-img]][🧮cov-wf]                           |
+| 6️⃣ | resources             | [![Discussion][⛳gh-discussions-img]][⛳gh-discussions] [![Get help on Codementor][🖇codementor-img]][🖇codementor] [![Chat][🏘chat-img]][🏘chat] [![Blog][🚎blog-img]][🚎blog] [![Blog][🖐wiki-img]][🖐wiki]                                                                                  |
+| 7️⃣ | spread 💖             | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Tweet @ Peter][🏘tweet-img]][🏘tweet] [🌏][aboutme] [👼][angelme] [💻][coderme]                                                                                                              |
 
 <!--
 The link tokens in the following sections should be kept ordered by the row and badge numbering scheme
@@ -141,10 +143,10 @@ The link tokens in the following sections should be kept ordered by the row and
 [🖐prs-o-img]: https://img.shields.io/github/issues-pr/oauth-xx/oauth2
 [🧮prs-c]: https://github.com/oauth-xx/oauth2/pulls?q=is%3Apr+is%3Aclosed
 [🧮prs-c-img]: https://img.shields.io/github/issues-pr-closed/oauth-xx/oauth2
-[📗next]: https://github.com/oauth-xx/oauth2/milestone/12
-[📗next-img]: https://img.shields.io/github/milestones/progress/oauth-xx/oauth2/12?label=Next%20Version
+[📗next♻️]: https://github.com/oauth-xx/oauth2/milestone/15
+[📗next-img♻️]: https://img.shields.io/github/milestones/progress/oauth-xx/oauth2/15?label=Next%20Version
 
-<!-- 3️⃣ maintanence & linting -->
+<!-- 3️⃣ maintenance & linting -->
 [⛳cclim-maint]: https://codeclimate.com/github/oauth-xx/oauth2/maintainability
 [⛳cclim-maint-img♻️]: https://api.codeclimate.com/v1/badges/688c612528ff90a46955/maintainability
 [🖇triage-help]: https://www.codetriage.com/oauth-xx/oauth2
@@ -214,7 +216,6 @@ The link tokens in the following sections should be kept ordered by the row and
 [aboutme]: https://about.me/peter.boling
 [angelme]: https://angel.co/peter-boling
 [coderme]:http://coderwall.com/pboling
-[politicme]: https://nationalprogressiveparty.org
 
 ## Installation
 
@@ -230,7 +231,9 @@ If bundler is not being used to manage dependencies, install the gem by executin
 
 Available as part of the Tidelift Subscription.
 
-The maintainers of OAuth2 and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. [Learn more.](https://tidelift.com/subscription/pkg/rubygems-oauth2?utm_source=rubygems-oauth2&utm_medium=referral&utm_campaign=enterprise)
+The maintainers of OAuth2 and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. [Learn more.][tidelift-ref]
+
+[tidelift-ref]: https://tidelift.com/subscription/pkg/rubygems-oauth2?utm_source=rubygems-oauth2&utm_medium=referral&utm_campaign=enterprise
 
 ## Security contact information
 
@@ -290,13 +293,13 @@ fashion. If critical issues for a particular implementation exist at the time
 of a major release, support for that Ruby version may be dropped.
 </details>
 
-|     | Ruby OAuth 2 Version | Maintenance Branch | Supported Officially    | Supported Unofficially | Supported Incidentally |
-|:----|----------------------|--------------------|-------------------------|------------------------|------------------------|
-| 1️⃣ | 2.0.x                | `master`           | 2.7, 3.0, 3.1           | 2.5, 2.6               | 2.2, 2.3, 2.4          |
-| 2️⃣ | 1.4.x                | `1-4-stable`       | 2.5, 2.6, 2.7, 3.0, 3.1 | 2.1, 2.2, 2.3, 2.4     | 1.9, 2.0               |
-| 3️⃣ | older                | N/A                | Best of luck to you!    | Please upgrade!        |                        |
+|     | Ruby OAuth2 Version | Maintenance Branch | Supported Officially    | Supported Unofficially | Supported Incidentally |
+|:----|---------------------|--------------------|-------------------------|------------------------|------------------------|
+| 1️⃣ | 2.0.x               | `master`           | 2.7, 3.0, 3.1           | 2.5, 2.6               | 2.2, 2.3, 2.4          |
+| 2️⃣ | 1.4.x               | `1-4-stable`       | 2.5, 2.6, 2.7, 3.0, 3.1 | 2.1, 2.2, 2.3, 2.4     | 1.9, 2.0               |
+| 3️⃣ | older               | N/A                | Best of luck to you!    | Please upgrade!        |                        |
 
-NOTE: The 1.4 series will only receive critical bug and security updates.
+NOTE: The 1.4 series will only receive critical security updates.
 See [SECURITY.md][🚎sec-pol]
 
 ## Usage Examples
@@ -343,6 +346,31 @@ client.class.name
 # => OAuth2::Client
 ```
 
+### snake_case and indifferent access in Response#parsed
+
+```ruby
+response = access.get('/api/resource', params: {'query_foo' => 'bar'})
+# Even if the actual response is CamelCase. it will be made available as snaky:
+JSON.parse(response.body)         # => {"accessToken"=>"aaaaaaaa", "additionalData"=>"additional"}
+response.parsed                   # => {"access_token"=>"aaaaaaaa", "additional_data"=>"additional"}
+response.parsed.access_token      # => "aaaaaaaa"
+response.parsed[:access_token]    # => "aaaaaaaa"
+response.parsed.additional_data   # => "additional"
+response.parsed[:additional_data] # => "additional"
+response.parsed.class.name        # => OAuth2::SnakyHash (subclass of Hashie::Mash::Rash, from `rash_alt` gem)
+```
+
+#### What if I hate snakes and/or indifference?
+
+```ruby
+response = access.get('/api/resource', params: {'query_foo' => 'bar'}, snaky: false)
+JSON.parse(response.body)         # => {"accessToken"=>"aaaaaaaa", "additionalData"=>"additional"}
+response.parsed                   # => {"accessToken"=>"aaaaaaaa", "additionalData"=>"additional"}
+response.parsed['accessToken']    # => "aaaaaaaa"
+response.parsed['additionalData'] # => "additional"
+response.parsed.class.name        # => Hash (just, regular old Hash)
+```
+
 <details>
   <summary>Debugging</summary>
 
@@ -373,7 +401,7 @@ The `AccessToken` methods `#get`, `#post`, `#put` and `#delete` and the generic
 will return an instance of the #OAuth2::Response class.
 
 This instance contains a `#parsed` method that will parse the response body and
-return a Hash if the `Content-Type` is `application/x-www-form-urlencoded` or if
+return a Hash-like [`OAuth2::SnakyHash`](https://github.com/oauth-xx/oauth2/blob/master/lib/oauth2/snaky_hash.rb) if the `Content-Type` is `application/x-www-form-urlencoded` or if
 the body is a JSON object.  It will return an Array if the body is a JSON
 array.  Otherwise, it will return the original body string.
 
@@ -421,17 +449,17 @@ access = client.client_credentials.get_token
 # Client Assertion Strategy
 # see: https://tools.ietf.org/html/rfc7523
 claimset = {
-  :iss => "http://localhost:3001",
-  :aud => "http://localhost:8080/oauth2/token",
-  :sub => "me@example.com",
-  :exp => Time.now.utc.to_i + 3600
+  iss: 'http://localhost:3001',
+  aud: 'http://localhost:8080/oauth2/token',
+  sub: 'me@example.com',
+  exp: Time.now.utc.to_i + 3600,
 }
 assertion_params = [claimset, 'HS256', 'secret_key']
 access = client.assertion.get_token(assertion_params)
 
 # The `access` (i.e. access token) is then used like so:
 access.token # actual access_token string, if you need it somewhere
-access.get("/api/stuff") # making api calls with access token
+access.get('/api/stuff') # making api calls with access token
 ```
 
 If you want to specify additional headers to be sent out with the
@@ -487,7 +515,15 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/oauth-xx/oauth2. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+See [CONTRIBUTING.md][contributing]
+
+[contributing]: https://github.com/oauth-xx/oauth2/blob/main/CONTRIBUTING.md
+
+## Contributors
+
+[![Contributors](https://contrib.rocks/image?repo=oauth-xx/oauth2)]("https://github.com/oauth-xx/oauth2/graphs/contributors")
+
+Made with [contributors-img](https://contrib.rocks).
 
 ## Code of Conduct
 

data/SECURITY.md

@@ -2,11 +2,11 @@
 
 ## Supported Versions
 
-| Version      | Supported |
-|--------------|-----------|
-| 2.0.<latest> | ✅         |
-| 1.4.<latest> | ✅         |
-| older        | ⛔️        |
+| Version  | Supported                 |
+|----------|---------------------------|
+| 2.latest | ✅                         |
+| 1.latest | ✅ (security updates only) |
+| older    | ⛔️                        |
 
 ## Reporting a Vulnerability
 

data/lib/oauth2/access_token.rb

@@ -88,12 +88,12 @@ module OAuth2
     #
     # @return [AccessToken] a new AccessToken
     # @note options should be carried over to the new AccessToken
-    def refresh(params = {}, access_token_opts = {}, access_token_class: self.class)
+    def refresh(params = {}, access_token_opts = {})
       raise('A refresh_token is not available') unless refresh_token
 
       params[:grant_type] = 'refresh_token'
       params[:refresh_token] = refresh_token
-      new_token = @client.get_token(params, access_token_opts, access_token_class: access_token_class)
+      new_token = @client.get_token(params, access_token_opts)
       new_token.options = options
       new_token.refresh_token = refresh_token unless new_token.refresh_token
       new_token
@@ -114,7 +114,7 @@ module OAuth2
     # @param [Symbol] verb the HTTP request method
     # @param [String] path the HTTP URL path of the request
     # @param [Hash] opts the options to make the request with
-    # @see Client#request
+    #   @see Client#request
     def request(verb, path, opts = {}, &block)
       configure_authentication!(opts)
       @client.request(verb, path, opts, &block)

data/lib/oauth2/client.rb

@@ -5,9 +5,11 @@ require 'logger'
 
 module OAuth2
   ConnectionError = Class.new(Faraday::ConnectionFailed)
+  TimeoutError = Class.new(Faraday::TimeoutError)
+
   # The OAuth2::Client class
   class Client # rubocop:disable Metrics/ClassLength
-    RESERVED_PARAM_KEYS = %w[headers parse].freeze
+    RESERVED_PARAM_KEYS = %w[body headers params parse snaky].freeze
 
     attr_reader :id, :secret, :site
     attr_accessor :options
@@ -31,6 +33,7 @@ module OAuth2
     # @option options [Boolean] :raise_errors (true) whether or not to raise an OAuth2::Error on responses with 400+ status codes
     # @option options [Logger] :logger (::Logger.new($stdout)) which logger to use when OAUTH_DEBUG is enabled
     # @option options [Proc] :extract_access_token proc that takes the client and the response Hash and extracts the access token from the response (DEPRECATED)
+    # @option options [Class] :access_token_class [Class] class of access token for easier subclassing OAuth2::AccessToken, @version 2.0+
     # @yield [builder] The Faraday connection builder
     def initialize(client_id, client_secret, options = {}, &block)
       opts = options.dup
@@ -38,7 +41,7 @@ module OAuth2
       @secret = client_secret
       @site = opts.delete(:site)
       ssl = opts.delete(:ssl)
-
+      warn('OAuth2::Client#initialize argument `extract_access_token` will be removed in oauth2 v3. Refactor to use `access_token_class`.') if opts[:extract_access_token]
       @options = {
         authorize_url: 'oauth/authorize',
         token_url: 'oauth/token',
@@ -49,6 +52,7 @@ module OAuth2
         max_redirects: 5,
         raise_errors: true,
         logger: ::Logger.new($stdout),
+        access_token_class: AccessToken,
       }.merge(opts)
       @options[:connection_opts][:ssl] = ssl if ssl
     end
@@ -104,20 +108,10 @@ module OAuth2
     # @option opts [Boolean] :raise_errors whether or not to raise an OAuth2::Error on 400+ status
     #   code response for this request.  Will default to client option
     # @option opts [Symbol] :parse @see Response::initialize
-    # @yield [req] The Faraday request
-    def request(verb, url, opts = {})
-      url = connection.build_url(url).to_s
-
-      begin
-        response = connection.run_request(verb, url, opts[:body], opts[:headers]) do |req|
-          req.params.update(opts[:params]) if opts[:params]
-          yield(req) if block_given?
-        end
-      rescue Faraday::ConnectionFailed => e
-        raise ConnectionError, e
-      end
-
-      response = Response.new(response, parse: opts[:parse])
+    # @option opts [true, false] :snaky (true) @see Response::initialize
+    # @yield [req] @see Faraday::Connection#run_request
+    def request(verb, url, opts = {}, &block)
+      response = execute_request(verb, url, opts, &block)
 
       case response.status
       when 301, 302, 303, 307
@@ -153,12 +147,16 @@ module OAuth2
 
     # Initializes an AccessToken by making a request to the token endpoint
     #
-    # @param params [Hash] a Hash of params for the token endpoint
+    # @param params [Hash] a Hash of params for the token endpoint, except:
+    #   @option params [Symbol] :parse @see Response#initialize
+    #   @option params [true, false] :snaky (true) @see Response#initialize
     # @param access_token_opts [Hash] access token options, to pass to the AccessToken object
     # @param extract_access_token [Proc] proc that extracts the access token from the response (DEPRECATED)
-    # @param access_token_class [Class] class of access token for easier subclassing OAuth2::AccessToken, @version 2.0+
+    # @yield [req] @see Faraday::Connection#run_request
     # @return [AccessToken] the initialized AccessToken
-    def get_token(params, access_token_opts = {}, extract_access_token = options[:extract_access_token], access_token_class: AccessToken)
+    def get_token(params, access_token_opts = {}, extract_access_token = nil, &block)
+      warn('OAuth2::Client#get_token argument `extract_access_token` will be removed in oauth2 v3. Refactor to use `access_token_class` on #initialize.') if extract_access_token
+      extract_access_token ||= options[:extract_access_token]
       params = params.map do |key, value|
         if RESERVED_PARAM_KEYS.include?(key)
           [key.to_sym, value]
@@ -167,20 +165,24 @@ module OAuth2
         end
       end.to_h
 
+      request_opts = {
+        raise_errors: options[:raise_errors],
+        parse: params.fetch(:parse, Response::DEFAULT_OPTIONS[:parse]),
+        snaky: params.fetch(:snaky, Response::DEFAULT_OPTIONS[:snaky]),
+      }
       params = authenticator.apply(params)
-      opts = {raise_errors: options[:raise_errors], parse: params.delete(:parse)}
       headers = params.delete(:headers) || {}
       if options[:token_method] == :post
-        opts[:body] = params
-        opts[:headers] = {'Content-Type' => 'application/x-www-form-urlencoded'}
+        request_opts[:body] = params
+        request_opts[:headers] = {'Content-Type' => 'application/x-www-form-urlencoded'}
       else
-        opts[:params] = params
-        opts[:headers] = {}
+        request_opts[:params] = params
+        request_opts[:headers] = {}
       end
-      opts[:headers].merge!(headers)
+      request_opts[:headers].merge!(headers)
       http_method = options[:token_method]
       http_method = :post if http_method == :post_with_query_string
-      response = request(http_method, token_url, opts)
+      response = request(http_method, token_url, request_opts, &block)
 
       # In v1.4.x, the deprecated extract_access_token option retrieves the token from the response.
       # We preserve this behavior here, but a custom access_token_class that implements #from_hash
@@ -188,7 +190,7 @@ module OAuth2
       if extract_access_token
         parse_response_with_legacy_extract(response, access_token_opts, extract_access_token)
       else
-        parse_response(response, access_token_opts, access_token_class)
+        parse_response(response, access_token_opts)
       end
     end
 
@@ -250,6 +252,26 @@ module OAuth2
 
   private
 
+    def execute_request(verb, url, opts = {})
+      url = connection.build_url(url).to_s
+
+      begin
+        response = connection.run_request(verb, url, opts[:body], opts[:headers]) do |req|
+          req.params.update(opts[:params]) if opts[:params]
+          yield(req) if block_given?
+        end
+      rescue Faraday::ConnectionFailed => e
+        raise ConnectionError, e
+      rescue Faraday::TimeoutError => e
+        raise TimeoutError, e
+      end
+
+      parse = opts.fetch(:parse, Response::DEFAULT_OPTIONS[:parse])
+      snaky = opts.fetch(:snaky, Response::DEFAULT_OPTIONS[:snaky])
+
+      Response.new(response, parse: parse, snaky: snaky)
+    end
+
     # Returns the authenticator object
     #
     # @return [Authenticator] the initialized Authenticator
@@ -270,7 +292,8 @@ module OAuth2
       nil
     end
 
-    def parse_response(response, access_token_opts, access_token_class)
+    def parse_response(response, access_token_opts)
+      access_token_class = options[:access_token_class]
       data = response.parsed
 
       unless data.is_a?(Hash) && access_token_class.contains_token?(data)

data/lib/oauth2/response.rb

@@ -7,6 +7,10 @@ require 'rack'
 module OAuth2
   # OAuth2::Response class
   class Response
+    DEFAULT_OPTIONS = {
+      parse: :automatic,
+      snaky: true,
+    }.freeze
     attr_reader :response
     attr_accessor :options
 
@@ -39,12 +43,17 @@ module OAuth2
     # Initializes a Response instance
     #
     # @param [Faraday::Response] response The Faraday response instance
-    # @param [Hash] opts options in which to initialize the instance
-    # @option opts [Symbol] :parse (:automatic) how to parse the response body.  one of :query (for x-www-form-urlencoded),
+    # @param [Symbol] parse (:automatic) how to parse the response body.  one of :query (for x-www-form-urlencoded),
     #   :json, or :automatic (determined by Content-Type response header)
-    def initialize(response, opts = {})
+    # @param [true, false] snaky (true) Convert @parsed to a snake-case,
+    #   indifferent-access OAuth2::SnakyHash, which is a subclass of Hashie::Mash::Rash (from rash_alt gem)?
+    # @param [Hash] options all other options for initializing the instance
+    def initialize(response, parse: :automatic, snaky: true, **options)
       @response = response
-      @options = {parse: :automatic}.merge(opts)
+      @options = {
+        parse: parse,
+        snaky: snaky,
+      }.merge(options)
     end
 
     # The HTTP response headers
@@ -81,7 +90,7 @@ module OAuth2
           end
         end
 
-      @parsed = OAuth2::SnakyHash.new(@parsed) if @parsed.is_a?(Hash)
+      @parsed = OAuth2::SnakyHash.new(@parsed) if options[:snaky] && @parsed.is_a?(Hash)
 
       @parsed
     end
@@ -125,10 +134,14 @@ module OAuth2
 end
 
 OAuth2::Response.register_parser(:xml, ['text/xml', 'application/rss+xml', 'application/rdf+xml', 'application/atom+xml', 'application/xml']) do |body|
+  next body unless body.respond_to?(:to_str)
+
   MultiXml.parse(body)
 end
 
 OAuth2::Response.register_parser(:json, ['application/json', 'text/javascript', 'application/hal+json', 'application/vnd.collection+json', 'application/vnd.api+json', 'application/problem+json']) do |body|
+  next body unless body.respond_to?(:to_str)
+
   body = body.dup.force_encoding(::Encoding::ASCII_8BIT) if body.respond_to?(:force_encoding)
 
   ::JSON.parse(body)

data/lib/oauth2/version.rb

@@ -2,6 +2,6 @@
 
 module OAuth2
   module Version
-    VERSION = '2.0.1'.freeze
+    VERSION = '2.0.4'.freeze
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: oauth2
 version: !ruby/object:Gem::Version
-  version: 2.0.1
+  version: 2.0.4
 platform: ruby
 authors:
 - Peter Boling
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-06-22 00:00:00.000000000 Z
+date: 2022-07-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -112,14 +112,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: addressable
   requirement: !ruby/object:Gem::Requirement
@@ -307,13 +307,24 @@ licenses:
 - MIT
 metadata:
   homepage_uri: https://github.com/oauth-xx/oauth2
-  source_code_uri: https://github.com/oauth-xx/oauth2/tree/v2.0.1
-  changelog_uri: https://github.com/oauth-xx/oauth2/blob/v2.0.1/CHANGELOG.md
+  source_code_uri: https://github.com/oauth-xx/oauth2/tree/v2.0.4
+  changelog_uri: https://github.com/oauth-xx/oauth2/blob/v2.0.4/CHANGELOG.md
   bug_tracker_uri: https://github.com/oauth-xx/oauth2/issues
-  documentation_uri: https://www.rubydoc.info/gems/oauth2/2.0.1
+  documentation_uri: https://www.rubydoc.info/gems/oauth2/2.0.4
   wiki_uri: https://github.com/oauth-xx/oauth2/wiki
   rubygems_mfa_required: 'true'
-post_install_message: 
+post_install_message: |2+
+
+  You have installed oauth2 version OAuth2::Version, congratulations!
+
+  There are BREAKING changes, but most will not encounter them, and updating your code should be easy!
+
+  Please see:
+  • https://github.com/oauth-xx/oauth2#what-is-new-for-v20
+  • https://github.com/oauth-xx/oauth2/blob/master/CHANGELOG.md
+
+  Please report issues, and support the project! Thanks, |7eter l-|. l3oling
+
 rdoc_options: []
 require_paths:
 - lib