RubyGems - oauth2 - Versions diffs - 2.0.2 → 2.0.3 - Mend

oauth2 2.0.2 → 2.0.3

Files changed (10) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 50c8edb06960c0fcbdd726c2ef9e741840910c227891994393eb2d26decca35e
-  data.tar.gz: b022f74a86c53ea268c6fff23650b0a721e4b33950bf43acdb541f263fd6eb6d
+  metadata.gz: 834cadcf40991f2fd88a74f9ee614992d17c087d5862a4f7243cb83874f87683
+  data.tar.gz: 9a54a67d2def4e8232ff7b764ce70d87c4d9fb7125b72e234d07b84b507565b2
 SHA512:
-  metadata.gz: 8ea7cd4353651231682ba42c71df70bb223e9d9ffbdb1fa6b68e0b381d44db947082dedd1e006d679044dd67bf9546062959f5d114df8d8d18803ae04b53dbcf
-  data.tar.gz: 6046dc1b501152225fa49e4c6519b54a94ecf61254f2e7ac2dc042a712c2aab5ab84600296a559a24d97738acce83e32eeb513371dfafdc59a3dbac606b63fc7
+  metadata.gz: 190394d6e1d046de982b9ed978c54b810a15cbfbe41507c63f103a19be06b04d4a7f2a8cad4f3fc30c9cf4eed6314e353668b7e49d8e41826e1c460f944060ed
+  data.tar.gz: 10bd8f3f468165150ce7d79c31d0a4c7be72322660ae7579bf579bf68054106f21d16b408c56eedcc3a2359f14c84c770fa89dec93d0811c2ed328aa7b365f00

data/CHANGELOG.md CHANGED Viewed

@@ -4,8 +4,16 @@ All notable changes to this project will be documented in this file.
 The format (since v2) is based on [Keep a Changelog v1](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.0.0.html).
-## [2.0.2] - 2022-06-24
+## [2.0.3] - 2022-06-28
 ### Added
+- [#611](https://github.com/oauth-xx/oauth2/pull/611) - Proper deprecation warnings for `extract_access_token` argument (@pboling)
+- [#612](https://github.com/oauth-xx/oauth2/pull/612) - Add `snaky: false` option to skip conversion to `OAuth2::SnakyHash` (default: true) (@pboling)
+### Fixed
+- [#608](https://github.com/oauth-xx/oauth2/pull/608) - Wrap `Faraday::TimeoutError` in `OAuth2::TimeoutError` (@nbibler)
+- [#615](https://github.com/oauth-xx/oauth2/pull/615) - Fix support for requests with blocks, see `Faraday::Connection#run_request` (@pboling)
+## [2.0.2] - 2022-06-24
+### Fixed
 - [#604](https://github.com/oauth-xx/oauth2/pull/604) - Wrap `Faraday::TimeoutError` in `OAuth2::TimeoutError` (@stanhu)
 - [#606](https://github.com/oauth-xx/oauth2/pull/606) - Ruby 2.7 deprecation warning fix: Move `access_token_class` parameter into `Client` constructor (@stanhu)
 - [#607](https://github.com/oauth-xx/oauth2/pull/607) - CHANGELOG correction, reference to `OAuth2::ConnectionError` (@zavan)
@@ -221,7 +229,7 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 ## [0.0.4] + [0.0.3] + [0.0.2] + [0.0.1] - 2010-04-22
-[Unreleased]: https://github.com/oauth-xx/oauth2/compare/v2.0.0...HEAD
+[Unreleased]: https://github.com/oauth-xx/oauth2/compare/v2.0.3...HEAD
 [0.0.1]: https://github.com/oauth-xx/oauth2/compare/311d9f4...v0.0.1
 [0.0.2]: https://github.com/oauth-xx/oauth2/compare/v0.0.1...v0.0.2
 [0.0.3]: https://github.com/oauth-xx/oauth2/compare/v0.0.2...v0.0.3
@@ -259,4 +267,6 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 [1.4.9]: https://github.com/oauth-xx/oauth2/compare/v1.4.8...v1.4.9
 [2.0.0]: https://github.com/oauth-xx/oauth2/compare/v1.4.9...v2.0.0
 [2.0.1]: https://github.com/oauth-xx/oauth2/compare/v2.0.0...v2.0.1
+[2.0.2]: https://github.com/oauth-xx/oauth2/compare/v2.0.1...v2.0.2
+[2.0.3]: https://github.com/oauth-xx/oauth2/compare/v2.0.2...v2.0.3
 [gemfiles/readme]: gemfiles/README.md

data/CONTRIBUTING.md CHANGED Viewed

@@ -1,4 +1,12 @@
-## Submitting a Pull Request
+## Contributing
+Bug reports and pull requests are welcome on GitHub at [https://github.com/oauth-xx/oauth2][source]
+. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to
+the [code of conduct][conduct].
+To submit a patch, please fork the project and create a patch with tests. Once you're happy with it send a pull request!
+## Detailed instructions on Submitting a Pull Request
 1. [Fork the repository.][fork]
 2. [Create a topic branch.][branch]
 3. Add specs for your unimplemented feature or bug fix.
@@ -16,3 +24,21 @@
 [fork]: http://help.github.com/fork-a-repo/
 [branch]: http://learn.github.com/p/branching.html
 [pr]: http://help.github.com/send-pull-requests/
+## Contributors
+[![Contributors](https://contrib.rocks/image?repo=oauth-xx/oauth2)][contributors]
+Made with [contributors-img][contrib-rocks].
+[comment]: <> (Following links are used by README, CONTRIBUTING)
+[conduct]: https://github.com/oauth-xx/oauth2/blob/master/CODE_OF_CONDUCT.md
+[contrib-rocks]: https://contrib.rocks
+[contributors]: https://github.com/oauth-xx/oauth2/graphs/contributors
+[comment]: <> (Following links are used by README, CONTRIBUTING, Homepage)
+[source]: https://github.com/oauth-xx/oauth2/

data/README.md CHANGED Viewed

@@ -32,6 +32,7 @@ See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
 | Version | Release Date | Readme                                                   |
 |---------|--------------|----------------------------------------------------------|
+| 2.0.3   | 2022-06-28   | https://github.com/oauth-xx/oauth2/blob/v2.0.3/README.md |
 | 2.0.2   | 2022-06-24   | https://github.com/oauth-xx/oauth2/blob/v2.0.2/README.md |
 | 2.0.1   | 2022-06-22   | https://github.com/oauth-xx/oauth2/blob/v2.0.1/README.md |
 | 2.0.0   | 2022-06-21   | https://github.com/oauth-xx/oauth2/blob/v2.0.0/README.md |
@@ -113,7 +114,7 @@ appended indicators:
 | 4️⃣ | testing               | [![Open Issues][⛳iss-o-img]][⛳iss-o] [![Closed Issues][🖇iss-c-img]][🖇iss-c] [![Supported][🏘sup-wf-img]][🏘sup-wf] [![Heads][🚎heads-wf-img]][🚎heads-wf] [![Unofficial Support][🖐uns-wf-img]][🖐uns-wf] [![MacOS][🧮mac-wf-img]][🧮mac-wf] [![Windows][📗win-wf-img]][📗win-wf]          |
 | 5️⃣ | coverage & security   | [![CodeClimate][⛳cclim-cov-img♻️]][⛳cclim-cov] [![CodeCov][🖇codecov-img♻️]][🖇codecov] [![Coveralls][🏘coveralls-img]][🏘coveralls] [![Security Policy][🚎sec-pol-img]][🚎sec-pol] [![CodeQL][🖐codeQL-img]][🖐codeQL] [![Code Coverage][🧮cov-wf-img]][🧮cov-wf]                           |
 | 6️⃣ | resources             | [![Discussion][⛳gh-discussions-img]][⛳gh-discussions] [![Get help on Codementor][🖇codementor-img]][🖇codementor] [![Chat][🏘chat-img]][🏘chat] [![Blog][🚎blog-img]][🚎blog] [![Blog][🖐wiki-img]][🖐wiki]                                                                                  |
-| 7️⃣ | spread 💖             | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Tweet @ Peter][🏘tweet-img]][🏘tweet] [🌏][aboutme] [👼][angelme] [💻][coderme] [🌹][politicme]                                                                                              |
+| 7️⃣ | spread 💖             | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Tweet @ Peter][🏘tweet-img]][🏘tweet] [🌏][aboutme] [👼][angelme] [💻][coderme]                                                                                                              |
 <!--
 The link tokens in the following sections should be kept ordered by the row and badge numbering scheme
@@ -140,8 +141,8 @@ The link tokens in the following sections should be kept ordered by the row and
 [🖐prs-o-img]: https://img.shields.io/github/issues-pr/oauth-xx/oauth2
 [🧮prs-c]: https://github.com/oauth-xx/oauth2/pulls?q=is%3Apr+is%3Aclosed
 [🧮prs-c-img]: https://img.shields.io/github/issues-pr-closed/oauth-xx/oauth2
-[📗next♻️]: https://github.com/oauth-xx/oauth2/milestone/14
-[📗next-img♻️]: https://img.shields.io/github/milestones/progress/oauth-xx/oauth2/14?label=Next%20Version
+[📗next♻️]: https://github.com/oauth-xx/oauth2/milestone/15
+[📗next-img♻️]: https://img.shields.io/github/milestones/progress/oauth-xx/oauth2/15?label=Next%20Version
 <!-- 3️⃣ maintanence & linting -->
 [⛳cclim-maint]: https://codeclimate.com/github/oauth-xx/oauth2/maintainability
@@ -213,7 +214,6 @@ The link tokens in the following sections should be kept ordered by the row and
 [aboutme]: https://about.me/peter.boling
 [angelme]: https://angel.co/peter-boling
 [coderme]:http://coderwall.com/pboling
-[politicme]: https://nationalprogressiveparty.org
 ## Installation
@@ -342,6 +342,31 @@ client.class.name
 # => OAuth2::Client
 ```
+### snake_case and indifferent access in Response#parsed
+```ruby
+response = access.get('/api/resource', params: {'query_foo' => 'bar'})
+# Even if the actual response is CamelCase. it will be made available as snaky:
+JSON.parse(response.body)         # => {"accessToken"=>"aaaaaaaa", "additionalData"=>"additional"}
+response.parsed                   # => {"access_token"=>"aaaaaaaa", "additional_data"=>"additional"}
+response.parsed.access_token      # => "aaaaaaaa"
+response.parsed[:access_token]    # => "aaaaaaaa"
+response.parsed.additional_data   # => "additional"
+response.parsed[:additional_data] # => "additional"
+response.parsed.class.name        # => OAuth2::SnakyHash (subclass of Hashie::Mash::Rash, from `rash_alt` gem)
+```
+#### What if I hate snakes and/or indifference?
+```ruby
+response = access.get('/api/resource', params: {'query_foo' => 'bar'}, snaky: false)
+JSON.parse(response.body)         # => {"accessToken"=>"aaaaaaaa", "additionalData"=>"additional"}
+response.parsed                   # => {"accessToken"=>"aaaaaaaa", "additionalData"=>"additional"}
+response.parsed['accessToken']    # => "aaaaaaaa"
+response.parsed['additionalData'] # => "additional"
+response.parsed.class.name        # => Hash (just, regular old Hash)
+```
 <details>
   <summary>Debugging</summary>
@@ -372,7 +397,7 @@ The `AccessToken` methods `#get`, `#post`, `#put` and `#delete` and the generic
 will return an instance of the #OAuth2::Response class.
 This instance contains a `#parsed` method that will parse the response body and
-return a Hash if the `Content-Type` is `application/x-www-form-urlencoded` or if
+return a Hash-like [`OAuth2::SnakyHash`](https://github.com/oauth-xx/oauth2/blob/master/lib/oauth2/snaky_hash.rb) if the `Content-Type` is `application/x-www-form-urlencoded` or if
 the body is a JSON object.  It will return an Array if the body is a JSON
 array.  Otherwise, it will return the original body string.
@@ -486,7 +511,15 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 ## Contributing
-Bug reports and pull requests are welcome on GitHub at [https://github.com/oauth-xx/oauth2](https://github.com/oauth-xx/oauth2). This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+See [CONTRIBUTING.md][contributing]
+[contributing]: https://github.com/oauth-xx/oauth2/blob/main/CONTRIBUTING.md
+## Contributors
+[![Contributors](https://contrib.rocks/image?repo=oauth-xx/oauth2)]("https://github.com/oauth-xx/oauth2/graphs/contributors")
+Made with [contributors-img](https://contrib.rocks).
 ## Code of Conduct

data/SECURITY.md CHANGED Viewed

@@ -2,11 +2,11 @@
 ## Supported Versions
-| Version      | Supported |
-|--------------|-----------|
-| 2.0.<latest> | ✅         |
-| 1.4.<latest> | ✅         |
-| older        | ⛔️        |
+| Version  | Supported                 |
+|----------|---------------------------|
+| 2.latest | ✅                         |
+| 1.latest | ✅ (security updates only) |
+| older    | ⛔️                        |
 ## Reporting a Vulnerability

data/lib/oauth2/access_token.rb CHANGED Viewed

@@ -114,7 +114,7 @@ module OAuth2
     # @param [Symbol] verb the HTTP request method
     # @param [String] path the HTTP URL path of the request
     # @param [Hash] opts the options to make the request with
-    # @see Client#request
+    #   @see Client#request
     def request(verb, path, opts = {}, &block)
       configure_authentication!(opts)
       @client.request(verb, path, opts, &block)

data/lib/oauth2/client.rb CHANGED Viewed

@@ -41,7 +41,7 @@ module OAuth2
       @secret = client_secret
       @site = opts.delete(:site)
       ssl = opts.delete(:ssl)
+      warn('OAuth2::Client#initialize argument `extract_access_token` will be removed in oauth2 v3. Refactor to use `access_token_class`.') if opts[:extract_access_token]
       @options = {
         authorize_url: 'oauth/authorize',
         token_url: 'oauth/token',
@@ -108,9 +108,10 @@ module OAuth2
     # @option opts [Boolean] :raise_errors whether or not to raise an OAuth2::Error on 400+ status
     #   code response for this request.  Will default to client option
     # @option opts [Symbol] :parse @see Response::initialize
-    # @yield [req] The Faraday request
-    def request(verb, url, opts = {})
-      response = execute_request(verb, url, opts)
+    # @option opts [Symbol] :snaky @see Response::initialize
+    # @yield [req] @see Faraday::Connection#run_request
+    def request(verb, url, opts = {}, &block)
+      response = execute_request(verb, url, opts, &block)
       case response.status
       when 301, 302, 303, 307
@@ -146,11 +147,16 @@ module OAuth2
     # Initializes an AccessToken by making a request to the token endpoint
     #
-    # @param params [Hash] a Hash of params for the token endpoint
+    # @param params [Hash] a Hash of params for the token endpoint, except:
+    #   @option params [Symbol] :parse @see Response#initialize
+    #   @option params [true, false] :snaky @see Response#initialize
     # @param access_token_opts [Hash] access token options, to pass to the AccessToken object
     # @param extract_access_token [Proc] proc that extracts the access token from the response (DEPRECATED)
+    # @yield [req] @see Faraday::Connection#run_request
     # @return [AccessToken] the initialized AccessToken
-    def get_token(params, access_token_opts = {}, extract_access_token = options[:extract_access_token])
+    def get_token(params, access_token_opts = {}, extract_access_token = nil, &block)
+      warn('OAuth2::Client#get_token argument `extract_access_token` will be removed in oauth2 v3. Refactor to use `access_token_class` on #initialize.') if extract_access_token
+      extract_access_token ||= options[:extract_access_token]
       params = params.map do |key, value|
         if RESERVED_PARAM_KEYS.include?(key)
           [key.to_sym, value]
@@ -159,20 +165,25 @@ module OAuth2
         end
       end.to_h
+      request_opts = {
+        raise_errors: options[:raise_errors],
+        parse: params.delete(:parse),
+        snaky: params.delete(:snaky),
+      }
       params = authenticator.apply(params)
-      opts = {raise_errors: options[:raise_errors], parse: params.delete(:parse)}
       headers = params.delete(:headers) || {}
       if options[:token_method] == :post
-        opts[:body] = params
-        opts[:headers] = {'Content-Type' => 'application/x-www-form-urlencoded'}
+        request_opts[:body] = params
+        request_opts[:headers] = {'Content-Type' => 'application/x-www-form-urlencoded'}
       else
-        opts[:params] = params
-        opts[:headers] = {}
+        request_opts[:params] = params
+        request_opts[:headers] = {}
       end
-      opts[:headers].merge!(headers)
+      request_opts[:headers].merge!(headers)
       http_method = options[:token_method]
       http_method = :post if http_method == :post_with_query_string
-      response = request(http_method, token_url, opts)
+      response = request(http_method, token_url, request_opts, &block)
       # In v1.4.x, the deprecated extract_access_token option retrieves the token from the response.
       # We preserve this behavior here, but a custom access_token_class that implements #from_hash
@@ -256,7 +267,7 @@ module OAuth2
         raise TimeoutError, e
       end
-      Response.new(response, parse: opts[:parse])
+      Response.new(response, parse: opts[:parse], snaky: opts[:snaky])
     end
     # Returns the authenticator object

data/lib/oauth2/response.rb CHANGED Viewed

@@ -39,12 +39,17 @@ module OAuth2
     # Initializes a Response instance
     #
     # @param [Faraday::Response] response The Faraday response instance
-    # @param [Hash] opts options in which to initialize the instance
-    # @option opts [Symbol] :parse (:automatic) how to parse the response body.  one of :query (for x-www-form-urlencoded),
+    # @param [Symbol] parse (:automatic) how to parse the response body.  one of :query (for x-www-form-urlencoded),
     #   :json, or :automatic (determined by Content-Type response header)
-    def initialize(response, opts = {})
+    # @param [true, false] snaky (true) Convert @parsed to a snake-case,
+    #   indifferent-access OAuth2::SnakyHash, which is a subclass of Hashie::Mash::Rash (from rash_alt gem)?
+    # @param [Hash] options all other options for initializing the instance
+    def initialize(response, parse: :automatic, snaky: true, **options)
       @response = response
-      @options = {parse: :automatic}.merge(opts)
+      @options = {
+        parse: parse,
+        snaky: snaky,
+      }.merge(options)
     end
     # The HTTP response headers
@@ -81,7 +86,7 @@ module OAuth2
           end
         end
-      @parsed = OAuth2::SnakyHash.new(@parsed) if @parsed.is_a?(Hash)
+      @parsed = OAuth2::SnakyHash.new(@parsed) if options[:snaky] && @parsed.is_a?(Hash)
       @parsed
     end
@@ -125,10 +130,14 @@ module OAuth2
 end
 OAuth2::Response.register_parser(:xml, ['text/xml', 'application/rss+xml', 'application/rdf+xml', 'application/atom+xml', 'application/xml']) do |body|
+  next body unless body.respond_to?(:to_str)
   MultiXml.parse(body)
 end
 OAuth2::Response.register_parser(:json, ['application/json', 'text/javascript', 'application/hal+json', 'application/vnd.collection+json', 'application/vnd.api+json', 'application/problem+json']) do |body|
+  next body unless body.respond_to?(:to_str)
   body = body.dup.force_encoding(::Encoding::ASCII_8BIT) if body.respond_to?(:force_encoding)
   ::JSON.parse(body)

data/lib/oauth2/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module OAuth2
   module Version
-    VERSION = '2.0.2'.freeze
+    VERSION = '2.0.3'.freeze
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: oauth2
 version: !ruby/object:Gem::Version
-  version: 2.0.2
+  version: 2.0.3
 platform: ruby
 authors:
 - Peter Boling
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-06-24 00:00:00.000000000 Z
+date: 2022-06-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -307,10 +307,10 @@ licenses:
 - MIT
 metadata:
   homepage_uri: https://github.com/oauth-xx/oauth2
-  source_code_uri: https://github.com/oauth-xx/oauth2/tree/v2.0.2
-  changelog_uri: https://github.com/oauth-xx/oauth2/blob/v2.0.2/CHANGELOG.md
+  source_code_uri: https://github.com/oauth-xx/oauth2/tree/v2.0.3
+  changelog_uri: https://github.com/oauth-xx/oauth2/blob/v2.0.3/CHANGELOG.md
   bug_tracker_uri: https://github.com/oauth-xx/oauth2/issues
-  documentation_uri: https://www.rubydoc.info/gems/oauth2/2.0.2
+  documentation_uri: https://www.rubydoc.info/gems/oauth2/2.0.3
   wiki_uri: https://github.com/oauth-xx/oauth2/wiki
   rubygems_mfa_required: 'true'
 post_install_message: