oauth2 2.0.3 → 2.0.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 834cadcf40991f2fd88a74f9ee614992d17c087d5862a4f7243cb83874f87683
-  data.tar.gz: 9a54a67d2def4e8232ff7b764ce70d87c4d9fb7125b72e234d07b84b507565b2
+  metadata.gz: 6ca4e3435d4b69bcdf5607cf41d9b5f67b3671160d860cda0e8a66fdc6ca9ea7
+  data.tar.gz: 74170cea4731366ce12134db250ca23b937791a349b3cb62c6833a729d8964fa
 SHA512:
-  metadata.gz: 190394d6e1d046de982b9ed978c54b810a15cbfbe41507c63f103a19be06b04d4a7f2a8cad4f3fc30c9cf4eed6314e353668b7e49d8e41826e1c460f944060ed
-  data.tar.gz: 10bd8f3f468165150ce7d79c31d0a4c7be72322660ae7579bf579bf68054106f21d16b408c56eedcc3a2359f14c84c770fa89dec93d0811c2ed328aa7b365f00
+  metadata.gz: '02886a1ab24fe6cc0f2a0624646fd07b74f1151540e4a79c2a7b50b4fa9d051bdc801d22413ee1c815e0df95f8c20185e98a8edce6e8909b276d0f3be3d3e5e3'
+  data.tar.gz: c23909dd4d2502a9ecd0e7ea8832d9611542af282230bd7c7b126bf76394a80acd14e8cf73be0362ea90875c63192cac4102878cfafab5cfc0419adfeb236a7d

data/CHANGELOG.md

@@ -4,6 +4,24 @@ All notable changes to this project will be documented in this file.
 The format (since v2) is based on [Keep a Changelog v1](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.0.0.html).
 
+## [2.0.6] - 2022-07-13
+### Fixed
+- [#624](https://github.com/oauth-xx/oauth2/pull/624) - Fixes a [regression](https://github.com/oauth-xx/oauth2/pull/623) in v2.0.5, where an error would be raised in refresh_token flows due to (legitimate) lack of access_token (@pboling)
+
+## [2.0.5] - 2022-07-07
+### Fixed
+- [#620](https://github.com/oauth-xx/oauth2/pull/620) - Documentation improvements, to help with upgrading (@swanson)
+- [#621](https://github.com/oauth-xx/oauth2/pull/621) - Fixed [#528](https://github.com/oauth-xx/oauth2/issues/528) and [#619](https://github.com/oauth-xx/oauth2/issues/619) (@pboling)
+  - All data in responses is now returned, with the access token removed and set as `token`
+    - `refresh_token` is no longer dropped
+    - **BREAKING**: Microsoft's `id_token` is no longer left as `access_token['id_token']`, but moved to the standard `access_token.token` that all other strategies use
+  - Remove `parse` and `snaky` from options so they don't get included in response
+  - There is now 100% test coverage, for lines _and_ branches, and it will stay that way.
+
+## [2.0.4] - 2022-07-01
+### Fixed
+- [#618](https://github.com/oauth-xx/oauth2/pull/618) - In some scenarios the `snaky` option default value was not applied (@pboling)
+
 ## [2.0.3] - 2022-06-28
 ### Added
 - [#611](https://github.com/oauth-xx/oauth2/pull/611) - Proper deprecation warnings for `extract_access_token` argument (@pboling)
@@ -61,6 +79,10 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 - [#414](https://github.com/oauth-xx/oauth2/pull/414) - Use Base64.strict_encode64 instead of custom internal logic (@meganemura)
 - [#489](https://github.com/oauth-xx/oauth2/pull/489) - **BREAKING**: Default value for option `OAuth2::Client` - `:authorize_url` removed leading slash to work with relative paths by default (`'oauth/authorize'`) (@ghost)
 - [#489](https://github.com/oauth-xx/oauth2/pull/489) - **BREAKING**: Default value for option `OAuth2::Client` - `:token_url` removed leading slash to work with relative paths by default (`'oauth/token'`) (@ghost)
+- [#507](https://github.com/oauth-xx/oauth2/pull/507), [#575](https://github.com/oauth-xx/oauth2/pull/575) - **BREAKING**: Transform keys to camel case, always, by default (ultimately via `rash_alt` gem)
+  - Original keys will still work as previously, in most scenarios, thanks to `rash_alt` gem.
+  - However, this is a _breaking_ change if you rely on `response.parsed.to_h`, as the keys in the result will be camel case.
+  - As of version 2.0.4 you can turn key transformation off with the `snaky: false` option.
 - [#576](https://github.com/oauth-xx/oauth2/pull/576) - **BREAKING**: Stop rescuing parsing errors (@pboling)
 - [#591](https://github.com/oauth-xx/oauth2/pull/576) - _DEPRECATION_: `OAuth2::Client` - `:extract_access_token` option is deprecated
 ### Fixed
@@ -90,6 +112,9 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 - [#589](https://github.com/oauth-xx/oauth2/pull/589), [#593](https://github.com/oauth-xx/oauth2/pull/593) - Remove support for expired MAC token draft spec (@stanhu)
 - [#590](https://github.com/oauth-xx/oauth2/pull/590) - _Dependency_: Removed `multi_json` (@stanhu)
 
+## [1.4.10] - 2022-07-01
+- FIPS Compatibility [#587](https://github.com/oauth-xx/oauth2/pull/587) (@akostadinov)
+
 ## [1.4.9] - 2022-02-20
 - Fixes compatibility with Faraday v2 [572](https://github.com/oauth-xx/oauth2/issues/572)
 - Includes supported versions of Faraday in test matrix:
@@ -100,7 +125,7 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 
 ## [1.4.8] - 2022-02-18
 - MFA is now required to push new gem versions (@pboling)
-- README overhaul w/ new Ruby Verion and Engine compatibility policies (@pboling)
+- README overhaul w/ new Ruby Version and Engine compatibility policies (@pboling)
 - [#569](https://github.com/oauth-xx/oauth2/pull/569) Backport fixes ([#561](https://github.com/oauth-xx/oauth2/pull/561) by @ryogift), and add more fixes, to allow faraday 1.x and 2.x (@jrochkind)
 - Improve Code Coverage tracking (Coveralls, CodeCov, CodeClimate), and enable branch coverage (@pboling)
 - Add CodeQL, Security Policy, Funding info (@pboling)
@@ -229,7 +254,6 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 
 ## [0.0.4] + [0.0.3] + [0.0.2] + [0.0.1] - 2010-04-22
 
-[Unreleased]: https://github.com/oauth-xx/oauth2/compare/v2.0.3...HEAD
 [0.0.1]: https://github.com/oauth-xx/oauth2/compare/311d9f4...v0.0.1
 [0.0.2]: https://github.com/oauth-xx/oauth2/compare/v0.0.1...v0.0.2
 [0.0.3]: https://github.com/oauth-xx/oauth2/compare/v0.0.2...v0.0.3
@@ -265,8 +289,13 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 [1.4.7]: https://github.com/oauth-xx/oauth2/compare/v1.4.6...v1.4.7
 [1.4.8]: https://github.com/oauth-xx/oauth2/compare/v1.4.7...v1.4.8
 [1.4.9]: https://github.com/oauth-xx/oauth2/compare/v1.4.8...v1.4.9
-[2.0.0]: https://github.com/oauth-xx/oauth2/compare/v1.4.9...v2.0.0
+[1.4.10]: https://github.com/oauth-xx/oauth2/compare/v1.4.9...v1.4.10
+[2.0.0]: https://github.com/oauth-xx/oauth2/compare/v1.4.10...v2.0.0
 [2.0.1]: https://github.com/oauth-xx/oauth2/compare/v2.0.0...v2.0.1
 [2.0.2]: https://github.com/oauth-xx/oauth2/compare/v2.0.1...v2.0.2
 [2.0.3]: https://github.com/oauth-xx/oauth2/compare/v2.0.2...v2.0.3
+[2.0.4]: https://github.com/oauth-xx/oauth2/compare/v2.0.3...v2.0.4
+[2.0.5]: https://github.com/oauth-xx/oauth2/compare/v2.0.4...v2.0.5
+[2.0.6]: https://github.com/oauth-xx/oauth2/compare/v2.0.5...v2.0.6
+[Unreleased]: https://github.com/oauth-xx/oauth2/compare/v2.0.6...HEAD
 [gemfiles/readme]: gemfiles/README.md

data/README.md

@@ -32,6 +32,9 @@ See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
 
 | Version | Release Date | Readme                                                   |
 |---------|--------------|----------------------------------------------------------|
+| 2.0.6   | 2022-07-13   | https://github.com/oauth-xx/oauth2/blob/v2.0.6/README.md |
+| 2.0.5   | 2022-07-07   | https://github.com/oauth-xx/oauth2/blob/v2.0.5/README.md |
+| 2.0.4   | 2022-07-01   | https://github.com/oauth-xx/oauth2/blob/v2.0.4/README.md |
 | 2.0.3   | 2022-06-28   | https://github.com/oauth-xx/oauth2/blob/v2.0.3/README.md |
 | 2.0.2   | 2022-06-24   | https://github.com/oauth-xx/oauth2/blob/v2.0.2/README.md |
 | 2.0.1   | 2022-06-22   | https://github.com/oauth-xx/oauth2/blob/v2.0.1/README.md |
@@ -43,18 +46,19 @@ See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
 <details>
   <summary>1.4.x Readmes</summary>
 
-| Version | Release Date | Readme                                                   |
-|---------|--------------|----------------------------------------------------------|
-| 1.4.9   | Feb 20, 2022 | https://github.com/oauth-xx/oauth2/blob/v1.4.9/README.md |
-| 1.4.8   | Feb 18, 2022 | https://github.com/oauth-xx/oauth2/blob/v1.4.8/README.md |
-| 1.4.7   | Mar 19, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.7/README.md |
-| 1.4.6   | Mar 19, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.6/README.md |
-| 1.4.5   | Mar 18, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.5/README.md |
-| 1.4.4   | Feb 12, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.4/README.md |
-| 1.4.3   | Jan 29, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.3/README.md |
-| 1.4.2   | Oct 1, 2019  | https://github.com/oauth-xx/oauth2/blob/v1.4.2/README.md |
-| 1.4.1   | Oct 13, 2018 | https://github.com/oauth-xx/oauth2/blob/v1.4.1/README.md |
-| 1.4.0   | Jun 9, 2017  | https://github.com/oauth-xx/oauth2/blob/v1.4.0/README.md |
+| Version | Release Date | Readme                                                    |
+|---------|--------------|-----------------------------------------------------------|
+| 1.4.10  | Jul 1, 2022  | https://github.com/oauth-xx/oauth2/blob/v1.4.10/README.md |
+| 1.4.9   | Feb 20, 2022 | https://github.com/oauth-xx/oauth2/blob/v1.4.9/README.md  |
+| 1.4.8   | Feb 18, 2022 | https://github.com/oauth-xx/oauth2/blob/v1.4.8/README.md  |
+| 1.4.7   | Mar 19, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.7/README.md  |
+| 1.4.6   | Mar 19, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.6/README.md  |
+| 1.4.5   | Mar 18, 2021 | https://github.com/oauth-xx/oauth2/blob/v1.4.5/README.md  |
+| 1.4.4   | Feb 12, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.4/README.md  |
+| 1.4.3   | Jan 29, 2020 | https://github.com/oauth-xx/oauth2/blob/v1.4.3/README.md  |
+| 1.4.2   | Oct 1, 2019  | https://github.com/oauth-xx/oauth2/blob/v1.4.2/README.md  |
+| 1.4.1   | Oct 13, 2018 | https://github.com/oauth-xx/oauth2/blob/v1.4.1/README.md  |
+| 1.4.0   | Jun 9, 2017  | https://github.com/oauth-xx/oauth2/blob/v1.4.0/README.md  |
 </details>
 
 <details>
@@ -141,10 +145,10 @@ The link tokens in the following sections should be kept ordered by the row and
 [🖐prs-o-img]: https://img.shields.io/github/issues-pr/oauth-xx/oauth2
 [🧮prs-c]: https://github.com/oauth-xx/oauth2/pulls?q=is%3Apr+is%3Aclosed
 [🧮prs-c-img]: https://img.shields.io/github/issues-pr-closed/oauth-xx/oauth2
-[📗next♻️]: https://github.com/oauth-xx/oauth2/milestone/15
-[📗next-img♻️]: https://img.shields.io/github/milestones/progress/oauth-xx/oauth2/15?label=Next%20Version
+[📗next♻️]: https://github.com/oauth-xx/oauth2/milestone/2
+[📗next-img♻️]: https://img.shields.io/github/milestones/progress/oauth-xx/oauth2/2?label=Next%20Version
 
-<!-- 3️⃣ maintanence & linting -->
+<!-- 3️⃣ maintenance & linting -->
 [⛳cclim-maint]: https://codeclimate.com/github/oauth-xx/oauth2/maintainability
 [⛳cclim-maint-img♻️]: https://api.codeclimate.com/v1/badges/688c612528ff90a46955/maintainability
 [🖇triage-help]: https://www.codetriage.com/oauth-xx/oauth2
@@ -229,7 +233,9 @@ If bundler is not being used to manage dependencies, install the gem by executin
 
 Available as part of the Tidelift Subscription.
 
-The maintainers of OAuth2 and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. [Learn more.](https://tidelift.com/subscription/pkg/rubygems-oauth2?utm_source=rubygems-oauth2&utm_medium=referral&utm_campaign=enterprise)
+The maintainers of OAuth2 and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. [Learn more.][tidelift-ref]
+
+[tidelift-ref]: https://tidelift.com/subscription/pkg/rubygems-oauth2?utm_source=rubygems-oauth2&utm_medium=referral&utm_campaign=enterprise
 
 ## Security contact information
 
@@ -253,6 +259,12 @@ For more see [SECURITY.md][🚎sec-pol].
     - `:access_token_class` (`AccessToken`); user specified class to use for all calls to `get_token`
 - Adds new option to `OAuth2::AccessToken#initialize`:
     - `:expires_latency` (`nil`); number of seconds by which AccessToken validity will be reduced to offset latency
+- By default, keys are transformed to camel case.
+  - Original keys will still work as previously, in most scenarios, thanks to `rash_alt` gem.
+  - However, this is a _breaking_ change if you rely on `response.parsed.to_h`, as the keys in the result will be camel case.
+  - As of version 2.0.4 you can turn key transformation off with the `snaky: false` option.
+- By default, the `:auth_scheme` is now `:basic_auth` (instead of `:request_body`)
+  - Third-party strategies and gems may need to be updated if a provider was requiring client id/secret in the request body
 - [... A lot more](https://github.com/oauth-xx/oauth2/blob/master/CHANGELOG.md#2.0.0)
 
 ## Compatibility
@@ -289,13 +301,13 @@ fashion. If critical issues for a particular implementation exist at the time
 of a major release, support for that Ruby version may be dropped.
 </details>
 
-|     | Ruby OAuth 2 Version | Maintenance Branch | Supported Officially    | Supported Unofficially | Supported Incidentally |
-|:----|----------------------|--------------------|-------------------------|------------------------|------------------------|
-| 1️⃣ | 2.0.x                | `master`           | 2.7, 3.0, 3.1           | 2.5, 2.6               | 2.2, 2.3, 2.4          |
-| 2️⃣ | 1.4.x                | `1-4-stable`       | 2.5, 2.6, 2.7, 3.0, 3.1 | 2.1, 2.2, 2.3, 2.4     | 1.9, 2.0               |
-| 3️⃣ | older                | N/A                | Best of luck to you!    | Please upgrade!        |                        |
+|     | Ruby OAuth2 Version | Maintenance Branch | Supported Officially    | Supported Unofficially | Supported Incidentally |
+|:----|---------------------|--------------------|-------------------------|------------------------|------------------------|
+| 1️⃣ | 2.0.x               | `master`           | 2.7, 3.0, 3.1           | 2.5, 2.6               | 2.2, 2.3, 2.4          |
+| 2️⃣ | 1.4.x               | `1-4-stable`       | 2.5, 2.6, 2.7, 3.0, 3.1 | 2.1, 2.2, 2.3, 2.4     | 1.9, 2.0               |
+| 3️⃣ | older               | N/A                | Best of luck to you!    | Please upgrade!        |                        |
 
-NOTE: The 1.4 series will only receive critical bug and security updates.
+NOTE: The 1.4 series will only receive critical security updates.
 See [SECURITY.md][🚎sec-pol]
 
 ## Usage Examples
@@ -513,7 +525,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 
 See [CONTRIBUTING.md][contributing]
 
-[contributing]: https://github.com/oauth-xx/oauth2/blob/main/CONTRIBUTING.md
+[contributing]: https://github.com/oauth-xx/oauth2/blob/master/CONTRIBUTING.md
 
 ## Contributors
 

data/lib/oauth2/access_token.rb

@@ -2,18 +2,28 @@
 
 module OAuth2
   class AccessToken # rubocop:disable Metrics/ClassLength
+    TOKEN_KEYS_STR = %w[access_token id_token token accessToken idToken].freeze
+    TOKEN_KEYS_SYM = %i[access_token id_token token accessToken idToken].freeze
+    TOKEN_KEY_LOOKUP = TOKEN_KEYS_STR + TOKEN_KEYS_SYM
+
     attr_reader :client, :token, :expires_in, :expires_at, :expires_latency, :params
     attr_accessor :options, :refresh_token, :response
 
     class << self
       # Initializes an AccessToken from a Hash
       #
-      # @param client [Client] the OAuth2::Client instance
-      # @param hash [Hash] a hash of AccessToken property values
+      # @param [Client] client the OAuth2::Client instance
+      # @param [Hash] hash a hash of AccessToken property values
+      # @option hash [String] 'access_token', 'id_token', 'token', :access_token, :id_token, or :token the access token
       # @return [AccessToken] the initialized AccessToken
       def from_hash(client, hash)
-        hash = hash.dup
-        new(client, hash.delete('access_token') || hash.delete(:access_token) || hash.delete('token') || hash.delete(:token), hash)
+        fresh = hash.dup
+        supported_keys = fresh.keys & TOKEN_KEY_LOOKUP
+        key = supported_keys[0]
+        # Having too many is sus, and may lead to bugs. Having none is fine (e.g. refresh flow doesn't need a token).
+        warn("OAuth2::AccessToken.from_hash: `hash` contained more than one 'token' key (#{supported_keys}); using #{key.inspect}.") if supported_keys.length > 1
+        token = fresh.delete(key)
+        new(client, token, fresh)
       end
 
       # Initializes an AccessToken from a key/value application/x-www-form-urlencoded string
@@ -24,16 +34,12 @@ module OAuth2
       def from_kvform(client, kvform)
         from_hash(client, Rack::Utils.parse_query(kvform))
       end
-
-      def contains_token?(hash)
-        hash.key?('access_token') || hash.key?('id_token') || hash.key?('token')
-      end
     end
 
     # Initialize an AccessToken
     #
     # @param [Client] client the OAuth2::Client instance
-    # @param [String] token the Access Token value
+    # @param [String] token the Access Token value (optional, may not be used in refresh flows)
     # @param [Hash] opts the options to create the Access Token with
     # @option opts [String] :refresh_token (nil) the refresh_token value
     # @option opts [FixNum, String] :expires_in (nil) the number of seconds in which the AccessToken will expire
@@ -47,10 +53,20 @@ module OAuth2
     def initialize(client, token, opts = {})
       @client = client
       @token = token.to_s
+
       opts = opts.dup
       %i[refresh_token expires_in expires_at expires_latency].each do |arg|
         instance_variable_set("@#{arg}", opts.delete(arg) || opts.delete(arg.to_s))
       end
+      no_tokens = (@token.nil? || @token.empty?) && (@refresh_token.nil? || @refresh_token.empty?)
+      if no_tokens
+        if @client.options[:raise_errors]
+          error = Error.new(opts)
+          raise(error)
+        else
+          warn('OAuth2::AccessToken has no token')
+        end
+      end
       @expires_in ||= opts.delete('expires')
       @expires_in &&= @expires_in.to_i
       @expires_at &&= convert_expires_at(@expires_at)
@@ -95,7 +111,11 @@ module OAuth2
       params[:refresh_token] = refresh_token
       new_token = @client.get_token(params, access_token_opts)
       new_token.options = options
-      new_token.refresh_token = refresh_token unless new_token.refresh_token
+      if new_token.refresh_token
+        # Keep it, if there is one
+      else
+        new_token.refresh_token = refresh_token
+      end
       new_token
     end
     # A compatibility alias

data/lib/oauth2/client.rb

@@ -9,7 +9,7 @@ module OAuth2
 
   # The OAuth2::Client class
   class Client # rubocop:disable Metrics/ClassLength
-    RESERVED_PARAM_KEYS = %w[headers parse].freeze
+    RESERVED_PARAM_KEYS = %w[body headers params parse snaky].freeze
 
     attr_reader :id, :secret, :site
     attr_accessor :options
@@ -108,7 +108,7 @@ module OAuth2
     # @option opts [Boolean] :raise_errors whether or not to raise an OAuth2::Error on 400+ status
     #   code response for this request.  Will default to client option
     # @option opts [Symbol] :parse @see Response::initialize
-    # @option opts [Symbol] :snaky @see Response::initialize
+    # @option opts [true, false] :snaky (true) @see Response::initialize
     # @yield [req] @see Faraday::Connection#run_request
     def request(verb, url, opts = {}, &block)
       response = execute_request(verb, url, opts, &block)
@@ -149,7 +149,7 @@ module OAuth2
     #
     # @param params [Hash] a Hash of params for the token endpoint, except:
     #   @option params [Symbol] :parse @see Response#initialize
-    #   @option params [true, false] :snaky @see Response#initialize
+    #   @option params [true, false] :snaky (true) @see Response#initialize
     # @param access_token_opts [Hash] access token options, to pass to the AccessToken object
     # @param extract_access_token [Proc] proc that extracts the access token from the response (DEPRECATED)
     # @yield [req] @see Faraday::Connection#run_request
@@ -165,12 +165,14 @@ module OAuth2
         end
       end.to_h
 
+      parse = params.key?(:parse) ? params.delete(:parse) : Response::DEFAULT_OPTIONS[:parse]
+      snaky = params.key?(:snaky) ? params.delete(:snaky) : Response::DEFAULT_OPTIONS[:snaky]
+
       request_opts = {
         raise_errors: options[:raise_errors],
-        parse: params.delete(:parse),
-        snaky: params.delete(:snaky),
+        parse: parse,
+        snaky: snaky,
       }
-
       params = authenticator.apply(params)
       headers = params.delete(:headers) || {}
       if options[:token_method] == :post
@@ -267,7 +269,10 @@ module OAuth2
         raise TimeoutError, e
       end
 
-      Response.new(response, parse: opts[:parse], snaky: opts[:snaky])
+      parse = opts.key?(:parse) ? opts.delete(:parse) : Response::DEFAULT_OPTIONS[:parse]
+      snaky = opts.key?(:snaky) ? opts.delete(:snaky) : Response::DEFAULT_OPTIONS[:snaky]
+
+      Response.new(response, parse: parse, snaky: snaky)
     end
 
     # Returns the authenticator object
@@ -294,7 +299,7 @@ module OAuth2
       access_token_class = options[:access_token_class]
       data = response.parsed
 
-      unless data.is_a?(Hash) && access_token_class.contains_token?(data)
+      unless data.is_a?(Hash) && !data.empty?
         return unless options[:raise_errors]
 
         error = Error.new(response)

data/lib/oauth2/error.rb

@@ -2,21 +2,29 @@
 
 module OAuth2
   class Error < StandardError
-    attr_reader :response, :code, :description
+    attr_reader :response, :body, :code, :description
 
     # standard error codes include:
     # 'invalid_request', 'invalid_client', 'invalid_token', 'invalid_grant', 'unsupported_grant_type', 'invalid_scope'
+    # response might be a Response object, or the response.parsed hash
     def initialize(response)
       @response = response
-      message_opts = {}
-
-      if response.parsed.is_a?(Hash)
-        @code = response.parsed['error']
-        @description = response.parsed['error_description']
-        message_opts = parse_error_description(@code, @description)
+      if response.respond_to?(:parsed)
+        if response.parsed.is_a?(Hash)
+          @code = response.parsed['error']
+          @description = response.parsed['error_description']
+        end
+      elsif response.is_a?(Hash)
+        @code = response['error']
+        @description = response['error_description']
       end
-
-      super(error_message(response.body, message_opts))
+      @body = if response.respond_to?(:body)
+                response.body
+              else
+                @response
+              end
+      message_opts = parse_error_description(@code, @description)
+      super(error_message(@body, message_opts))
     end
 
   private

data/lib/oauth2/response.rb

@@ -7,6 +7,10 @@ require 'rack'
 module OAuth2
   # OAuth2::Response class
   class Response
+    DEFAULT_OPTIONS = {
+      parse: :automatic,
+      snaky: true,
+    }.freeze
     attr_reader :response
     attr_accessor :options
 

data/lib/oauth2/strategy/assertion.rb

@@ -80,7 +80,7 @@ module OAuth2
         assertion = build_assertion(claims, encoding_opts)
         params = build_request(assertion, request_opts)
 
-        @client.get_token(params, response_opts.merge('refresh_token' => nil))
+        @client.get_token(params, response_opts)
       end
 
     private

data/lib/oauth2/strategy/auth_code.rb

@@ -25,7 +25,7 @@ module OAuth2
       #
       # @param [String] code The Authorization Code value
       # @param [Hash] params additional params
-      # @param [Hash] opts options
+      # @param [Hash] opts access_token_opts, @see Client#get_token
       # @note that you must also provide a :redirect_uri with most OAuth 2.0 providers
       def get_token(code, params = {}, opts = {})
         params = {'grant_type' => 'authorization_code', 'code' => code}.merge(@client.redirection_params).merge(params)

data/lib/oauth2/strategy/client_credentials.rb

@@ -19,7 +19,7 @@ module OAuth2
       # @param [Hash] opts options
       def get_token(params = {}, opts = {})
         params = params.merge('grant_type' => 'client_credentials')
-        @client.get_token(params, opts.merge('refresh_token' => nil))
+        @client.get_token(params, opts)
       end
     end
   end

data/lib/oauth2/version.rb

@@ -2,6 +2,6 @@
 
 module OAuth2
   module Version
-    VERSION = '2.0.3'.freeze
+    VERSION = '2.0.6'.freeze
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: oauth2
 version: !ruby/object:Gem::Version
-  version: 2.0.3
+  version: 2.0.6
 platform: ruby
 authors:
 - Peter Boling
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-06-28 00:00:00.000000000 Z
+date: 2022-07-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -112,14 +112,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: addressable
   requirement: !ruby/object:Gem::Requirement
@@ -307,13 +307,24 @@ licenses:
 - MIT
 metadata:
   homepage_uri: https://github.com/oauth-xx/oauth2
-  source_code_uri: https://github.com/oauth-xx/oauth2/tree/v2.0.3
-  changelog_uri: https://github.com/oauth-xx/oauth2/blob/v2.0.3/CHANGELOG.md
+  source_code_uri: https://github.com/oauth-xx/oauth2/tree/v2.0.6
+  changelog_uri: https://github.com/oauth-xx/oauth2/blob/v2.0.6/CHANGELOG.md
   bug_tracker_uri: https://github.com/oauth-xx/oauth2/issues
-  documentation_uri: https://www.rubydoc.info/gems/oauth2/2.0.3
+  documentation_uri: https://www.rubydoc.info/gems/oauth2/2.0.6
   wiki_uri: https://github.com/oauth-xx/oauth2/wiki
   rubygems_mfa_required: 'true'
-post_install_message: 
+post_install_message: |2+
+
+  You have installed oauth2 version OAuth2::Version, congratulations!
+
+  There are BREAKING changes, but most will not encounter them, and updating your code should be easy!
+
+  Please see:
+  • https://github.com/oauth-xx/oauth2#what-is-new-for-v20
+  • https://github.com/oauth-xx/oauth2/blob/master/CHANGELOG.md
+
+  Please report issues, and support the project! Thanks, |7eter l-|. l3oling
+
 rdoc_options: []
 require_paths:
 - lib