oauth2 2.0.7 → 2.0.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +177 -152
- data/CONTRIBUTING.md +5 -5
- data/LICENSE +1 -1
- data/README.md +79 -69
- data/SECURITY.md +12 -6
- data/lib/oauth2/access_token.rb +13 -3
- data/lib/oauth2/response.rb +2 -2
- data/lib/oauth2/version.rb +1 -1
- data/lib/oauth2.rb +10 -2
- metadata +30 -30
- data/lib/oauth2/snaky_hash.rb +0 -8
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ca10cc72ec9bc6e594334ea57a44fee4cbde470ce93da4148acce84fedcf8cf9
|
4
|
+
data.tar.gz: 6fc164a6f1ed3eaabe6e2d9287929be122b1cb2ae0e20a00411abc24158db495
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: cec417d5b26211bc6eda04bdc7595667937a6d1f35f0ca294c7c95487884e428ab9ce0bbedda16d9529367c9e9dbe563c80f858dc69851bf1950b53570eda9a1
|
7
|
+
data.tar.gz: 1a9e4f0dd3e2ec837fa8ffb6d5cdeef8b3b58c1ff16f1e5c368f9b41a0e403cd0c467523d58917d739e15cf41d24155005ca40df3df8c82ca7ab45de1bb3cce3
|
data/CHANGELOG.md
CHANGED
@@ -4,23 +4,41 @@ All notable changes to this project will be documented in this file.
|
|
4
4
|
The format (since v2) is based on [Keep a Changelog v1](https://keepachangelog.com/en/1.0.0/),
|
5
5
|
and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.0.0.html).
|
6
6
|
|
7
|
-
## [
|
7
|
+
## [Unreleased]
|
8
|
+
### Added
|
9
|
+
### Changed
|
10
|
+
### Fixed
|
11
|
+
### Removed
|
12
|
+
|
13
|
+
## [2.0.9] - 2022-09-16
|
14
|
+
### Added
|
15
|
+
- More specs (@pboling)
|
16
|
+
### Changed
|
17
|
+
- Complete migration to main branch as default (@pboling)
|
18
|
+
- Complete migration to Gitlab, updating all links, and references in VCS-managed files (@pboling)
|
19
|
+
|
20
|
+
## [2.0.8] - 2022-09-01
|
21
|
+
### Changed
|
22
|
+
- [!630](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/630) - Extract snaky_hash to external dependency (@pboling)
|
8
23
|
### Added
|
9
|
-
- [
|
24
|
+
- [!631](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/631) - New global configuration option OAuth2.config.silence_extra_tokens_warning (default: false) fixes [#628](https://gitlab.com/oauth-xx/oauth2/-/issues/628)
|
10
25
|
|
26
|
+
## [2.0.7] - 2022-08-22
|
27
|
+
### Added
|
28
|
+
- [#629](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/629) - Allow POST of JSON to get token (@pboling, @terracatta)
|
11
29
|
### Fixed
|
12
|
-
- [#626](https://
|
30
|
+
- [#626](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/626) - Fixes a regression in 2.0.6. Will now prefer the key order from the lookup, not the hash keys (@rickselby)
|
13
31
|
- Note: This fixes compatibility with `omniauth-oauth2` and AWS
|
14
|
-
- [#625](https://
|
32
|
+
- [#625](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/625) - Fixes the printed version in the post install message (@hasghari)
|
15
33
|
|
16
34
|
## [2.0.6] - 2022-07-13
|
17
35
|
### Fixed
|
18
|
-
- [#624](https://
|
36
|
+
- [#624](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/624) - Fixes a [regression](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/623) in v2.0.5, where an error would be raised in refresh_token flows due to (legitimate) lack of access_token (@pboling)
|
19
37
|
|
20
38
|
## [2.0.5] - 2022-07-07
|
21
39
|
### Fixed
|
22
|
-
- [#620](https://
|
23
|
-
- [#621](https://
|
40
|
+
- [#620](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/620) - Documentation improvements, to help with upgrading (@swanson)
|
41
|
+
- [#621](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/621) - Fixed [#528](https://gitlab.com/oauth-xx/oauth2/-/issues/528) and [#619](https://gitlab.com/oauth-xx/oauth2/-/issues/619) (@pboling)
|
24
42
|
- All data in responses is now returned, with the access token removed and set as `token`
|
25
43
|
- `refresh_token` is no longer dropped
|
26
44
|
- **BREAKING**: Microsoft's `id_token` is no longer left as `access_token['id_token']`, but moved to the standard `access_token.token` that all other strategies use
|
@@ -29,21 +47,21 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
|
|
29
47
|
|
30
48
|
## [2.0.4] - 2022-07-01
|
31
49
|
### Fixed
|
32
|
-
- [#618](https://
|
50
|
+
- [#618](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/618) - In some scenarios the `snaky` option default value was not applied (@pboling)
|
33
51
|
|
34
52
|
## [2.0.3] - 2022-06-28
|
35
53
|
### Added
|
36
|
-
- [#611](https://
|
37
|
-
- [#612](https://
|
54
|
+
- [#611](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/611) - Proper deprecation warnings for `extract_access_token` argument (@pboling)
|
55
|
+
- [#612](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/612) - Add `snaky: false` option to skip conversion to `OAuth2::SnakyHash` (default: true) (@pboling)
|
38
56
|
### Fixed
|
39
|
-
- [#608](https://
|
40
|
-
- [#615](https://
|
57
|
+
- [#608](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/608) - Wrap `Faraday::TimeoutError` in `OAuth2::TimeoutError` (@nbibler)
|
58
|
+
- [#615](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/615) - Fix support for requests with blocks, see `Faraday::Connection#run_request` (@pboling)
|
41
59
|
|
42
60
|
## [2.0.2] - 2022-06-24
|
43
61
|
### Fixed
|
44
|
-
- [#604](https://
|
45
|
-
- [#606](https://
|
46
|
-
- [#607](https://
|
62
|
+
- [#604](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/604) - Wrap `Faraday::TimeoutError` in `OAuth2::TimeoutError` (@stanhu)
|
63
|
+
- [#606](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/606) - Ruby 2.7 deprecation warning fix: Move `access_token_class` parameter into `Client` constructor (@stanhu)
|
64
|
+
- [#607](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/607) - CHANGELOG correction, reference to `OAuth2::ConnectionError` (@zavan)
|
47
65
|
|
48
66
|
## [2.0.1] - 2022-06-22
|
49
67
|
### Added
|
@@ -52,80 +70,84 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
|
|
52
70
|
|
53
71
|
## [2.0.0] - 2022-06-21
|
54
72
|
### Added
|
55
|
-
- [#158](https://
|
56
|
-
- [#190](https://
|
57
|
-
- [#220](https://
|
58
|
-
- [#298](https://
|
59
|
-
- [#305](https://
|
60
|
-
- [#346](https://
|
61
|
-
- [#351](https://
|
62
|
-
- [#362](https://
|
63
|
-
- [#363](https://
|
64
|
-
- [#364](https://
|
65
|
-
- [#365](https://
|
66
|
-
- [#376](https://
|
67
|
-
- [#381](https://
|
68
|
-
- [#394](https://
|
69
|
-
- [#412](https://
|
70
|
-
- [#413](https://
|
71
|
-
- [#442](https://
|
72
|
-
- [#494](https://
|
73
|
-
- [#549](https://
|
74
|
-
- [#550](https://
|
75
|
-
- [#552](https://
|
76
|
-
- [#553](https://
|
77
|
-
- [#560](https://
|
78
|
-
- [#571](https://
|
79
|
-
- [#575](https://
|
80
|
-
- [#581](https://
|
73
|
+
- [#158](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/158), [#344](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/344) - Optionally pass raw response to parsers (@niels)
|
74
|
+
- [#190](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/190), [#332](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/332), [#334](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/334), [#335](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/335), [#360](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/360), [#426](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/426), [#427](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/427), [#461](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/461) - Documentation (@josephpage, @pboling, @meganemura, @joshRpowell, @elliotcm)
|
75
|
+
- [#220](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/220) - Support IETF rfc7523 JWT Bearer Tokens Draft 04+ (@jhmoore)
|
76
|
+
- [#298](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/298) - Set the response object on the access token on Client#get_token for debugging (@cpetschnig)
|
77
|
+
- [#305](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/305) - Option: `OAuth2::Client#get_token` - `:access_token_class` (`AccessToken`); user specified class to use for all calls to `get_token` (@styd)
|
78
|
+
- [#346](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/571) - Modern gem structure (@pboling)
|
79
|
+
- [#351](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/351) - Support Jruby 9k (@pboling)
|
80
|
+
- [#362](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/362) - Support SemVer release version scheme (@pboling)
|
81
|
+
- [#363](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/363) - New method `OAuth2::AccessToken#refresh!` same as old `refresh`, with backwards compatibility alias (@pboling)
|
82
|
+
- [#364](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/364) - Support `application/hal+json` format (@pboling)
|
83
|
+
- [#365](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/365) - Support `application/vnd.collection+json` format (@pboling)
|
84
|
+
- [#376](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/376) - _Documentation_: Example / Test for Google 2-legged JWT (@jhmoore)
|
85
|
+
- [#381](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/381) - Spec for extra header params on client credentials (@nikz)
|
86
|
+
- [#394](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/394) - Option: `OAuth2::AccessToken#initialize` - `:expires_latency` (`nil`); number of seconds by which AccessToken validity will be reduced to offset latency (@klippx)
|
87
|
+
- [#412](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/412) - Support `application/vdn.api+json` format (from jsonapi.org) (@david-christensen)
|
88
|
+
- [#413](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/413) - _Documentation_: License scan and report (@meganemura)
|
89
|
+
- [#442](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/442) - Option: `OAuth2::Client#initialize` - `:logger` (`::Logger.new($stdout)`) logger to use when OAUTH_DEBUG is enabled (for parity with `1-4-stable` branch) (@rthbound)
|
90
|
+
- [#494](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/494) - Support [OIDC 1.0 Private Key JWT](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication); based on the OAuth JWT assertion specification [(RFC 7523)](https://tools.ietf.org/html/rfc7523) (@SteveyblamWork)
|
91
|
+
- [#549](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/549) - Wrap `Faraday::ConnectionFailed` in `OAuth2::ConnectionError` (@nikkypx)
|
92
|
+
- [#550](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/550) - Raise error if location header not present when redirecting (@stanhu)
|
93
|
+
- [#552](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/552) - Add missing `version.rb` require (@ahorek)
|
94
|
+
- [#553](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/553) - Support `application/problem+json` format (@janz93)
|
95
|
+
- [#560](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/560) - Support IETF rfc6749, section 2.3.1 - don't set auth params when `nil` (@bouk)
|
96
|
+
- [#571](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/571) - Support Ruby 3.1 (@pboling)
|
97
|
+
- [#575](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/575) - Support IETF rfc7231, section 7.1.2 - relative location in redirect (@pboling)
|
98
|
+
- [#581](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/581) - _Documentation_: of breaking changes (@pboling)
|
81
99
|
### Changed
|
82
|
-
- [#191](https://
|
83
|
-
- [#312](https://
|
84
|
-
- [#317](https://
|
85
|
-
- [#338](https://
|
86
|
-
- [#339](https://
|
87
|
-
- [#410](https://
|
88
|
-
- [#414](https://
|
89
|
-
- [#489](https://
|
90
|
-
- [#489](https://
|
91
|
-
- [#507](https://
|
100
|
+
- [#191](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/191) - **BREAKING**: Token is expired if `expired_at` time is `now` (@davestevens)
|
101
|
+
- [#312](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/312) - **BREAKING**: Set `:basic_auth` as default for `:auth_scheme` instead of `:request_body`. This was default behavior before 1.3.0. (@tetsuya, @wy193777)
|
102
|
+
- [#317](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/317) - _Dependency_: Upgrade `jwt` to 2.x.x (@travisofthenorth)
|
103
|
+
- [#338](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/338) - _Dependency_: Switch from `Rack::Utils.escape` to `CGI.escape` (@josephpage)
|
104
|
+
- [#339](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/339), [#368](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/368), [#424](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/424), [#479](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/479), [#493](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/493), [#539](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/539), [#542](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/542), [#553](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/553) - CI Updates, code coverage, linting, spelling, type fixes, New VERSION constant (@pboling, @josephpage, @ahorek)
|
105
|
+
- [#410](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/410) - **BREAKING**: Removed the ability to call .error from an OAuth2::Response object (@jhmoore)
|
106
|
+
- [#414](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/414) - Use Base64.strict_encode64 instead of custom internal logic (@meganemura)
|
107
|
+
- [#489](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/489) - **BREAKING**: Default value for option `OAuth2::Client` - `:authorize_url` removed leading slash to work with relative paths by default (`'oauth/authorize'`) (@ghost)
|
108
|
+
- [#489](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/489) - **BREAKING**: Default value for option `OAuth2::Client` - `:token_url` removed leading slash to work with relative paths by default (`'oauth/token'`) (@ghost)
|
109
|
+
- [#507](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/507), [#575](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/575) - **BREAKING**: Transform keys to camel case, always, by default (ultimately via `rash_alt` gem)
|
92
110
|
- Original keys will still work as previously, in most scenarios, thanks to `rash_alt` gem.
|
93
111
|
- However, this is a _breaking_ change if you rely on `response.parsed.to_h`, as the keys in the result will be camel case.
|
94
112
|
- As of version 2.0.4 you can turn key transformation off with the `snaky: false` option.
|
95
|
-
- [#576](https://
|
96
|
-
- [#591](https://
|
113
|
+
- [#576](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/576) - **BREAKING**: Stop rescuing parsing errors (@pboling)
|
114
|
+
- [#591](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/576) - _DEPRECATION_: `OAuth2::Client` - `:extract_access_token` option is deprecated
|
97
115
|
### Fixed
|
98
|
-
- [#158](https://
|
99
|
-
- [#294](https://
|
100
|
-
- [#300](https://
|
101
|
-
- [#318](https://
|
102
|
-
- [#322](https://
|
103
|
-
- [#328](https://
|
104
|
-
- [#339](https://
|
105
|
-
- [#366](https://
|
106
|
-
- [#380](https://
|
107
|
-
- [#399](https://
|
108
|
-
- [#410](https://
|
109
|
-
- [#460](https://
|
110
|
-
- [#472](https://
|
111
|
-
- [#482](https://
|
112
|
-
- [#536](https://
|
113
|
-
- [#595](https://
|
114
|
-
- [#596](https://
|
115
|
-
- [#598](https://
|
116
|
+
- [#158](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/158), [#344](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/344) - Handling of errors when using `omniauth-facebook` (@niels)
|
117
|
+
- [#294](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/294) - Fix: "Unexpected middleware set" issue with Faraday when `OAUTH_DEBUG=true` (@spectator, @gafrom)
|
118
|
+
- [#300](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/300) - _Documentation_: `Oauth2::Error` - Error codes are strings, not symbols (@NobodysNightmare)
|
119
|
+
- [#318](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/318), [#326](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/326), [#343](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/343), [#347](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/347), [#397](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/397), [#464](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/464), [#561](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/561), [#565](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/565) - _Dependency_: Support all versions of `faraday` (see [gemfiles/README.md][gemfiles/readme] for compatibility matrix with Ruby engines & versions) (@pboling, @raimondasv, @zacharywelch, @Fudoshiki, @ryogift, @sj26, @jdelStrother)
|
120
|
+
- [#322](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/322), [#331](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/331), [#337](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/337), [#361](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/361), [#371](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/371), [#377](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/377), [#383](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/383), [#392](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/392), [#395](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/395), [#400](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/400), [#401](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/401), [#403](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/403), [#415](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/415), [#567](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/567) - Updated Rubocop, Rubocop plugins and improved code style (@pboling, @bquorning, @lautis, @spectator)
|
121
|
+
- [#328](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/328) - _Documentation_: Homepage URL is SSL (@amatsuda)
|
122
|
+
- [#339](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/339), [#479](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/479) - Update testing infrastructure for all supported Rubies (@pboling and @josephpage)
|
123
|
+
- [#366](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/366) - **Security**: Fix logging to `$stdout` of request and response bodies via Faraday's logger and `ENV["OAUTH_DEBUG"] == 'true'` (@pboling)
|
124
|
+
- [#380](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/380) - Fix: Stop attempting to encode non-encodable objects in `Oauth2::Error` (@jhmoore)
|
125
|
+
- [#399](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/399) - Fix: Stop duplicating `redirect_uri` in `get_token` (@markus)
|
126
|
+
- [#410](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/410) - Fix: `SystemStackError` caused by circular reference between Error and Response classes (@jhmoore)
|
127
|
+
- [#460](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/460) - Fix: Stop throwing errors when `raise_errors` is set to `false`; analog of [#524](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/524) for `1-4-stable` branch (@joaolrpaulo)
|
128
|
+
- [#472](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/472) - **Security**: Add checks to enforce `client_secret` is *never* passed in authorize_url query params for `implicit` and `auth_code` grant types (@dfockler)
|
129
|
+
- [#482](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/482) - _Documentation_: Update last of `intridea` links to `oauth-xx` (@pboling)
|
130
|
+
- [#536](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/536) - **Security**: Compatibility with more (and recent) Ruby OpenSSL versions, Github Actions, Rubocop updated, analogous to [#535](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/535) on `1-4-stable` branch (@pboling)
|
131
|
+
- [#595](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/595) - Graceful handling of empty responses from `Client#get_token`, respecting `:raise_errors` config (@stanhu)
|
132
|
+
- [#596](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/596) - Consistency between `AccessToken#refresh` and `Client#get_token` named arguments (@stanhu)
|
133
|
+
- [#598](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/598) - Fix unparseable data not raised as error in `Client#get_token`, respecting `:raise_errors` config (@stanhu)
|
116
134
|
### Removed
|
117
|
-
- [#341](https://
|
118
|
-
- [#342](https://
|
119
|
-
- [#539](https://
|
120
|
-
- [#566](https://
|
121
|
-
- [#589](https://
|
122
|
-
- [#590](https://
|
135
|
+
- [#341](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/341) - Remove Rdoc & Jeweler related files (@josephpage)
|
136
|
+
- [#342](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/342) - **BREAKING**: Dropped support for Ruby 1.8 (@josephpage)
|
137
|
+
- [#539](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/539) - Remove reliance on globally included OAuth2 in tests, analog of [#538](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/538) for 1-4-stable (@anderscarling)
|
138
|
+
- [#566](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/566) - _Dependency_: Removed `wwtd` (@bquorning)
|
139
|
+
- [#589](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/589), [#593](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/593) - Remove support for expired MAC token draft spec (@stanhu)
|
140
|
+
- [#590](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/590) - _Dependency_: Removed `multi_json` (@stanhu)
|
141
|
+
|
142
|
+
## [1.4.11] - 2022-09-16
|
143
|
+
- Complete migration to main branch as default (@pboling)
|
144
|
+
- Complete migration to Gitlab, updating all links, and references in VCS-managed files (@pboling)
|
123
145
|
|
124
146
|
## [1.4.10] - 2022-07-01
|
125
|
-
- FIPS Compatibility [#587](https://
|
147
|
+
- FIPS Compatibility [#587](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/587) (@akostadinov)
|
126
148
|
|
127
149
|
## [1.4.9] - 2022-02-20
|
128
|
-
- Fixes compatibility with Faraday v2 [572](https://
|
150
|
+
- Fixes compatibility with Faraday v2 [572](https://gitlab.com/oauth-xx/oauth2/-/issues/572)
|
129
151
|
- Includes supported versions of Faraday in test matrix:
|
130
152
|
- Faraday ~> 2.2.0 with Ruby >= 2.6
|
131
153
|
- Faraday ~> 1.10 with Ruby >= 2.4
|
@@ -135,47 +157,47 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
|
|
135
157
|
## [1.4.8] - 2022-02-18
|
136
158
|
- MFA is now required to push new gem versions (@pboling)
|
137
159
|
- README overhaul w/ new Ruby Version and Engine compatibility policies (@pboling)
|
138
|
-
- [#569](https://
|
160
|
+
- [#569](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/569) Backport fixes ([#561](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/561) by @ryogift), and add more fixes, to allow faraday 1.x and 2.x (@jrochkind)
|
139
161
|
- Improve Code Coverage tracking (Coveralls, CodeCov, CodeClimate), and enable branch coverage (@pboling)
|
140
162
|
- Add CodeQL, Security Policy, Funding info (@pboling)
|
141
163
|
- Added Ruby 3.1, jruby, jruby-head, truffleruby, truffleruby-head to build matrix (@pboling)
|
142
|
-
- [#543](https://
|
164
|
+
- [#543](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/543) - Support for more modern Open SSL libraries (@pboling)
|
143
165
|
|
144
166
|
## [1.4.7] - 2021-03-19
|
145
|
-
- [#541](https://
|
167
|
+
- [#541](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/541) - Backport fix to expires_at handling [#533](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/533) to 1-4-stable branch. (@dobon)
|
146
168
|
|
147
169
|
## [1.4.6] - 2021-03-19
|
148
|
-
- [#540](https://
|
149
|
-
- [#537](https://
|
150
|
-
- [#538](https://
|
170
|
+
- [#540](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/540) - Add VERSION constant (@pboling)
|
171
|
+
- [#537](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/537) - Fix crash in OAuth2::Client#get_token (@anderscarling)
|
172
|
+
- [#538](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/538) - Remove reliance on globally included OAuth2 in tests, analogous to [#539](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/539) on main branch (@anderscarling)
|
151
173
|
|
152
174
|
## [1.4.5] - 2021-03-18
|
153
|
-
- [#535](https://
|
154
|
-
- [#518](https://
|
155
|
-
- [#507](https://
|
156
|
-
- [#500](https://
|
175
|
+
- [#535](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/535) - Compatibility with range of supported Ruby OpenSSL versions, Rubocop updates, Github Actions, analogous to [#536](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/536) on main branch (@pboling)
|
176
|
+
- [#518](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/518) - Add extract_access_token option to OAuth2::Client (@jonspalmer)
|
177
|
+
- [#507](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/507) - Fix camel case content type, response keys (@anvox)
|
178
|
+
- [#500](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/500) - Fix YARD documentation formatting (@olleolleolle)
|
157
179
|
|
158
180
|
## [1.4.4] - 2020-02-12
|
159
|
-
- [#408](https://
|
181
|
+
- [#408](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/408) - Fixed expires_at for formatted time (@Lomey)
|
160
182
|
|
161
183
|
## [1.4.3] - 2020-01-29
|
162
|
-
- [#483](https://
|
163
|
-
- [#495](https://
|
184
|
+
- [#483](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/483) - add project metadata to gemspec (@orien)
|
185
|
+
- [#495](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/495) - support additional types of access token requests (@SteveyblamFreeagent, @thomcorley, @dgholz)
|
164
186
|
- Adds support for private_key_jwt and tls_client_auth
|
165
|
-
- [#433](https://
|
187
|
+
- [#433](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/433) - allow field names with square brackets and numbers in params (@asm256)
|
166
188
|
|
167
189
|
## [1.4.2] - 2019-10-01
|
168
|
-
- [#478](https://
|
190
|
+
- [#478](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/478) - support latest version of faraday & fix build (@pboling)
|
169
191
|
- Officially support Ruby 2.6 and truffleruby
|
170
192
|
|
171
193
|
## [1.4.1] - 2018-10-13
|
172
|
-
- [#417](https://
|
173
|
-
- [#419](https://
|
174
|
-
- [#418](https://
|
175
|
-
- [#420](https://
|
176
|
-
- [#421](https://
|
177
|
-
- [#422](https://
|
178
|
-
- [#423](https://
|
194
|
+
- [#417](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/417) - update jwt dependency (@thewoolleyman)
|
195
|
+
- [#419](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/419) - remove rubocop dependency (temporary, added back in [#423](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/423)) (@pboling)
|
196
|
+
- [#418](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/418) - update faraday dependency (@pboling)
|
197
|
+
- [#420](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/420) - update [oauth2.gemspec](https://gitlab.com/oauth-xx/oauth2/-/blob/1-4-stable/oauth2.gemspec) (@pboling)
|
198
|
+
- [#421](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/421) - fix [CHANGELOG.md](https://gitlab.com/oauth-xx/oauth2/-/blob/1-4-stable/CHANGELOG.md) for previous releases (@pboling)
|
199
|
+
- [#422](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/422) - update [LICENSE](https://gitlab.com/oauth-xx/oauth2/-/blob/1-4-stable/LICENSE) and [README.md](https://gitlab.com/oauth-xx/oauth2/-/blob/1-4-stable/README.md) (@pboling)
|
200
|
+
- [#423](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/423) - update [builds](https://travis-ci.org/oauth-xx/oauth2/builds), [Rakefile](https://gitlab.com/oauth-xx/oauth2/-/blob/1-4-stable/Rakefile) (@pboling)
|
179
201
|
- officially document supported Rubies
|
180
202
|
* Ruby 1.9.3
|
181
203
|
* Ruby 2.0.0
|
@@ -225,17 +247,16 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
|
|
225
247
|
## [1.0.0] - 2014-07-09
|
226
248
|
### Added
|
227
249
|
- Add an implementation of the MAC token spec.
|
228
|
-
|
229
250
|
### Fixed
|
230
251
|
- Fix Base64.strict_encode64 incompatibility with Ruby 1.8.7.
|
231
|
-
## [0.5.0] - 2011-07-29
|
232
252
|
|
253
|
+
## [0.5.0] - 2011-07-29
|
233
254
|
### Changed
|
234
|
-
-
|
235
|
-
-
|
236
|
-
-
|
237
|
-
-
|
238
|
-
-
|
255
|
+
- *breaking* `oauth_token` renamed to `oauth_bearer`.
|
256
|
+
- *breaking* `authorize_path` Client option renamed to `authorize_url`.
|
257
|
+
- *breaking* `access_token_path` Client option renamed to `token_url`.
|
258
|
+
- *breaking* `access_token_method` Client option renamed to `token_method`.
|
259
|
+
- *breaking* `web_server` renamed to `auth_code`.
|
239
260
|
|
240
261
|
## [0.4.1] - 2011-04-20
|
241
262
|
|
@@ -263,48 +284,52 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
|
|
263
284
|
|
264
285
|
## [0.0.4] + [0.0.3] + [0.0.2] + [0.0.1] - 2010-04-22
|
265
286
|
|
266
|
-
[0.0.1]: https://
|
267
|
-
[0.0.2]: https://
|
268
|
-
[0.0.3]: https://
|
269
|
-
[0.0.4]: https://
|
270
|
-
[0.0.5]: https://
|
271
|
-
[0.0.6]: https://
|
272
|
-
[0.0.7]: https://
|
273
|
-
[0.0.8]: https://
|
274
|
-
[0.0.9]: https://
|
275
|
-
[0.0.10]: https://
|
276
|
-
[0.0.11]: https://
|
277
|
-
[0.0.12]: https://
|
278
|
-
[0.0.13]: https://
|
279
|
-
[0.1.0]: https://
|
280
|
-
[0.1.1]: https://
|
281
|
-
[0.2.0]: https://
|
282
|
-
[0.3.0]: https://
|
283
|
-
[0.4.0]: https://
|
284
|
-
[0.4.1]: https://
|
285
|
-
[0.5.0]: https://
|
286
|
-
[1.0.0]: https://
|
287
|
-
[1.1.0]: https://
|
288
|
-
[1.2.0]: https://
|
289
|
-
[1.3.0]: https://
|
290
|
-
[1.3.1]: https://
|
291
|
-
[1.4.0]: https://
|
292
|
-
[1.4.1]: https://
|
293
|
-
[1.4.2]: https://
|
294
|
-
[1.4.3]: https://
|
295
|
-
[1.4.4]: https://
|
296
|
-
[1.4.5]: https://
|
297
|
-
[1.4.6]: https://
|
298
|
-
[1.4.7]: https://
|
299
|
-
[1.4.8]: https://
|
300
|
-
[1.4.9]: https://
|
301
|
-
[1.4.10]: https://
|
302
|
-
[
|
303
|
-
[2.0.
|
304
|
-
[2.0.
|
305
|
-
[2.0.
|
306
|
-
[2.0.
|
307
|
-
[2.0.
|
308
|
-
[2.0.
|
309
|
-
[
|
287
|
+
[0.0.1]: https://gitlab.com/oauth-xx/oauth2/-/compare/311d9f4...v0.0.1
|
288
|
+
[0.0.2]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.0.1...v0.0.2
|
289
|
+
[0.0.3]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.0.2...v0.0.3
|
290
|
+
[0.0.4]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.0.3...v0.0.4
|
291
|
+
[0.0.5]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.0.4...v0.0.5
|
292
|
+
[0.0.6]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.0.5...v0.0.6
|
293
|
+
[0.0.7]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.0.6...v0.0.7
|
294
|
+
[0.0.8]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.0.7...v0.0.8
|
295
|
+
[0.0.9]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.0.8...v0.0.9
|
296
|
+
[0.0.10]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.0.9...v0.0.10
|
297
|
+
[0.0.11]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.0.10...v0.0.11
|
298
|
+
[0.0.12]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.0.11...v0.0.12
|
299
|
+
[0.0.13]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.0.12...v0.0.13
|
300
|
+
[0.1.0]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.0.13...v0.1.0
|
301
|
+
[0.1.1]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.1.0...v0.1.1
|
302
|
+
[0.2.0]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.1.1...v0.2.0
|
303
|
+
[0.3.0]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.2.0...v0.3.0
|
304
|
+
[0.4.0]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.3.0...v0.4.0
|
305
|
+
[0.4.1]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.4.0...v0.4.1
|
306
|
+
[0.5.0]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.4.1...v0.5.0
|
307
|
+
[1.0.0]: https://gitlab.com/oauth-xx/oauth2/-/compare/v0.9.4...v1.0.0
|
308
|
+
[1.1.0]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.0.0...v1.1.0
|
309
|
+
[1.2.0]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.1.0...v1.2.0
|
310
|
+
[1.3.0]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.2.0...v1.3.0
|
311
|
+
[1.3.1]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.3.0...v1.3.1
|
312
|
+
[1.4.0]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.3.1...v1.4.0
|
313
|
+
[1.4.1]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.4.0...v1.4.1
|
314
|
+
[1.4.2]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.4.1...v1.4.2
|
315
|
+
[1.4.3]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.4.2...v1.4.3
|
316
|
+
[1.4.4]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.4.3...v1.4.4
|
317
|
+
[1.4.5]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.4.4...v1.4.5
|
318
|
+
[1.4.6]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.4.5...v1.4.6
|
319
|
+
[1.4.7]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.4.6...v1.4.7
|
320
|
+
[1.4.8]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.4.7...v1.4.8
|
321
|
+
[1.4.9]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.4.8...v1.4.9
|
322
|
+
[1.4.10]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.4.9...v1.4.10
|
323
|
+
[1.4.11]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.4.10...v1.4.11
|
324
|
+
[2.0.0]: https://gitlab.com/oauth-xx/oauth2/-/compare/v1.4.11...v2.0.0
|
325
|
+
[2.0.1]: https://gitlab.com/oauth-xx/oauth2/-/compare/v2.0.0...v2.0.1
|
326
|
+
[2.0.2]: https://gitlab.com/oauth-xx/oauth2/-/compare/v2.0.1...v2.0.2
|
327
|
+
[2.0.3]: https://gitlab.com/oauth-xx/oauth2/-/compare/v2.0.2...v2.0.3
|
328
|
+
[2.0.4]: https://gitlab.com/oauth-xx/oauth2/-/compare/v2.0.3...v2.0.4
|
329
|
+
[2.0.5]: https://gitlab.com/oauth-xx/oauth2/-/compare/v2.0.4...v2.0.5
|
330
|
+
[2.0.6]: https://gitlab.com/oauth-xx/oauth2/-/compare/v2.0.5...v2.0.6
|
331
|
+
[2.0.7]: https://gitlab.com/oauth-xx/oauth2/-/compare/v2.0.6...v2.0.7
|
332
|
+
[2.0.8]: https://gitlab.com/oauth-xx/oauth2/-/compare/v2.0.7...v2.0.8
|
333
|
+
[2.0.9]: https://gitlab.com/oauth-xx/oauth2/-/compare/v2.0.8...v2.0.9
|
334
|
+
[Unreleased]: https://gitlab.com/oauth-xx/oauth2/-/compare/v2.0.9...HEAD
|
310
335
|
[gemfiles/readme]: gemfiles/README.md
|
data/CONTRIBUTING.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
## Contributing
|
2
2
|
|
3
|
-
Bug reports and pull requests are welcome on
|
3
|
+
Bug reports and pull requests are welcome on GitLab at [https://gitlab.com/oauth-xx/oauth2][source]
|
4
4
|
. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to
|
5
5
|
the [code of conduct][conduct].
|
6
6
|
|
@@ -27,18 +27,18 @@ To submit a patch, please fork the project and create a patch with tests. Once y
|
|
27
27
|
|
28
28
|
## Contributors
|
29
29
|
|
30
|
-
[![Contributors](https://contrib.rocks/image?repo=oauth-xx/oauth2)][contributors]
|
30
|
+
[![Contributors](https://contrib.rocks/image?repo=oauth-xx/oauth2)][🚎contributors]
|
31
31
|
|
32
32
|
Made with [contributors-img][contrib-rocks].
|
33
33
|
|
34
34
|
[comment]: <> (Following links are used by README, CONTRIBUTING)
|
35
35
|
|
36
|
-
[conduct]: https://
|
36
|
+
[conduct]: https://gitlab.com/oauth-xx/oauth2/-/blob/main/CODE_OF_CONDUCT.md
|
37
37
|
|
38
38
|
[contrib-rocks]: https://contrib.rocks
|
39
39
|
|
40
|
-
[contributors]: https://
|
40
|
+
[🚎contributors]: https://gitlab.com/oauth-xx/oauth2/-/graphs/main
|
41
41
|
|
42
42
|
[comment]: <> (Following links are used by README, CONTRIBUTING, Homepage)
|
43
43
|
|
44
|
-
[source]: https://
|
44
|
+
[source]: https://gitlab.com/oauth-xx/oauth2/
|
data/LICENSE
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
MIT License
|
2
2
|
|
3
3
|
Copyright (c) 2011 - 2013 Michael Bleigh and Intridea, Inc.
|
4
|
-
Copyright (c) 2017 - 2022 oauth-xx organization, https://
|
4
|
+
Copyright (c) 2017 - 2022 oauth-xx organization, https://gitlab.com/oauth-xx
|
5
5
|
|
6
6
|
Permission is hereby granted, free of charge, to any person obtaining a copy
|
7
7
|
of this software and associated documentation files (the "Software"), to deal
|
data/README.md
CHANGED
@@ -1,9 +1,9 @@
|
|
1
1
|
<p align="center">
|
2
2
|
<a href="http://oauth.net/2/" target="_blank" rel="noopener">
|
3
|
-
<img src="https://github.com/oauth-xx/oauth2/raw/
|
3
|
+
<img src="https://github.com/oauth-xx/oauth2/raw/main/docs/images/logo/oauth2-logo-124px.png?raw=true" alt="OAuth 2.0 Logo by Chris Messina, CC BY-SA 3.0">
|
4
4
|
</a>
|
5
5
|
<a href="https://www.ruby-lang.org/" target="_blank" rel="noopener">
|
6
|
-
<img width="124px" src="https://github.com/oauth-xx/oauth2/raw/
|
6
|
+
<img width="124px" src="https://github.com/oauth-xx/oauth2/raw/main/docs/images/logo/ruby-logo-198px.svg?raw=true" alt="Yukihiro Matsumoto, Ruby Visual Identity Team, CC BY-SA 2.5">
|
7
7
|
</a>
|
8
8
|
</p>
|
9
9
|
|
@@ -21,7 +21,7 @@ See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
|
|
21
21
|
* [oauth sibling gem][sibling-gem] for OAuth 1.0 implementations in Ruby.
|
22
22
|
|
23
23
|
[oauth2-spec]: https://oauth.net/2/
|
24
|
-
[sibling-gem]: https://
|
24
|
+
[sibling-gem]: https://gitlab.com/oauth-xx/oauth
|
25
25
|
|
26
26
|
## Release Documentation
|
27
27
|
|
@@ -32,13 +32,16 @@ See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
|
|
32
32
|
|
33
33
|
| Version | Release Date | Readme |
|
34
34
|
|---------|--------------|----------------------------------------------------------|
|
35
|
-
| 2.0.
|
36
|
-
| 2.0.
|
37
|
-
| 2.0.
|
38
|
-
| 2.0.
|
39
|
-
| 2.0.
|
40
|
-
| 2.0.
|
41
|
-
| 2.0.
|
35
|
+
| 2.0.9 | 2022-09-16 | https://gitlab.com/oauth-xx/oauth2/-/blob/v2.0.9/README.md |
|
36
|
+
| 2.0.8 | 2022-09-01 | https://gitlab.com/oauth-xx/oauth2/-/blob/v2.0.8/README.md |
|
37
|
+
| 2.0.7 | 2022-08-22 | https://gitlab.com/oauth-xx/oauth2/-/blob/v2.0.7/README.md |
|
38
|
+
| 2.0.6 | 2022-07-13 | https://gitlab.com/oauth-xx/oauth2/-/blob/v2.0.6/README.md |
|
39
|
+
| 2.0.5 | 2022-07-07 | https://gitlab.com/oauth-xx/oauth2/-/blob/v2.0.5/README.md |
|
40
|
+
| 2.0.4 | 2022-07-01 | https://gitlab.com/oauth-xx/oauth2/-/blob/v2.0.4/README.md |
|
41
|
+
| 2.0.3 | 2022-06-28 | https://gitlab.com/oauth-xx/oauth2/-/blob/v2.0.3/README.md |
|
42
|
+
| 2.0.2 | 2022-06-24 | https://gitlab.com/oauth-xx/oauth2/-/blob/v2.0.2/README.md |
|
43
|
+
| 2.0.1 | 2022-06-22 | https://gitlab.com/oauth-xx/oauth2/-/blob/v2.0.1/README.md |
|
44
|
+
| 2.0.0 | 2022-06-21 | https://gitlab.com/oauth-xx/oauth2/-/blob/v2.0.0/README.md |
|
42
45
|
</details>
|
43
46
|
|
44
47
|
### Older Releases
|
@@ -46,19 +49,20 @@ See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
|
|
46
49
|
<details>
|
47
50
|
<summary>1.4.x Readmes</summary>
|
48
51
|
|
49
|
-
| Version | Release Date | Readme
|
50
|
-
|
51
|
-
| 1.4.
|
52
|
-
| 1.4.
|
53
|
-
| 1.4.
|
54
|
-
| 1.4.
|
55
|
-
| 1.4.
|
56
|
-
| 1.4.
|
57
|
-
| 1.4.
|
58
|
-
| 1.4.
|
59
|
-
| 1.4.
|
60
|
-
| 1.4.
|
61
|
-
| 1.4.
|
52
|
+
| Version | Release Date | Readme |
|
53
|
+
|---------|--------------|-------------------------------------------------------------|
|
54
|
+
| 1.4.11 | Sep 16, 2022 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.11/README.md |
|
55
|
+
| 1.4.10 | Jul 1, 2022 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.10/README.md |
|
56
|
+
| 1.4.9 | Feb 20, 2022 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.9/README.md |
|
57
|
+
| 1.4.8 | Feb 18, 2022 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.8/README.md |
|
58
|
+
| 1.4.7 | Mar 19, 2021 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.7/README.md |
|
59
|
+
| 1.4.6 | Mar 19, 2021 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.6/README.md |
|
60
|
+
| 1.4.5 | Mar 18, 2021 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.5/README.md |
|
61
|
+
| 1.4.4 | Feb 12, 2020 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.4/README.md |
|
62
|
+
| 1.4.3 | Jan 29, 2020 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.3/README.md |
|
63
|
+
| 1.4.2 | Oct 1, 2019 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.2/README.md |
|
64
|
+
| 1.4.1 | Oct 13, 2018 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.1/README.md |
|
65
|
+
| 1.4.0 | Jun 9, 2017 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.4.0/README.md |
|
62
66
|
</details>
|
63
67
|
|
64
68
|
<details>
|
@@ -66,8 +70,8 @@ See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
|
|
66
70
|
|
67
71
|
| Version | Release Date | Readme |
|
68
72
|
|----------|--------------|----------------------------------------------------------|
|
69
|
-
| 1.3.1 | Mar 3, 2017 | https://
|
70
|
-
| 1.3.0 | Dec 27, 2016 | https://
|
73
|
+
| 1.3.1 | Mar 3, 2017 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.3.1/README.md |
|
74
|
+
| 1.3.0 | Dec 27, 2016 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.3.0/README.md |
|
71
75
|
</details>
|
72
76
|
|
73
77
|
<details>
|
@@ -75,10 +79,10 @@ See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
|
|
75
79
|
|
76
80
|
| Version | Release Date | Readme |
|
77
81
|
|----------|--------------|----------------------------------------------------------|
|
78
|
-
| 1.2.0 | Jun 30, 2016 | https://
|
79
|
-
| 1.1.0 | Jan 30, 2016 | https://
|
80
|
-
| 1.0.0 | May 23, 2014 | https://
|
81
|
-
| < 1.0.0 | Find here | https://
|
82
|
+
| 1.2.0 | Jun 30, 2016 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.2.0/README.md |
|
83
|
+
| 1.1.0 | Jan 30, 2016 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.1.0/README.md |
|
84
|
+
| 1.0.0 | May 23, 2014 | https://gitlab.com/oauth-xx/oauth2/-/blob/v1.0.0/README.md |
|
85
|
+
| < 1.0.0 | Find here | https://gitlab.com/oauth-xx/oauth2/-/tags |
|
82
86
|
</details>
|
83
87
|
|
84
88
|
## Status
|
@@ -110,15 +114,15 @@ appended indicators:
|
|
110
114
|
♻️ - URL needs to be updated from SASS integration. Find / Replace is insufficient.
|
111
115
|
-->
|
112
116
|
|
113
|
-
| | Project | bundle add oauth2
|
114
|
-
|
115
|
-
| 1️⃣ | name, license, docs | [![RubyGems.org][⛳️name-img]][⛳️gem] [![License: MIT][🖇src-license-img]][🖇src-license] [![FOSSA][🏘fossa-img]][🏘fossa] [![RubyDoc.info][🚎yard-img]][🚎yard] [![InchCI][🖐inch-ci-img]][🚎yard]
|
116
|
-
| 2️⃣ | version & activity | [![Gem Version][⛳️version-img]][⛳️gem] [![Total Downloads][🖇DL-total-img]][⛳️gem] [![Download Rank][🏘DL-rank-img]][⛳️gem] [![Source Code][🚎src-home-img]][🚎src-home]
|
117
|
-
| 3️⃣ | maintanence & linting | [![Maintainability][⛳cclim-maint-img♻️]][⛳cclim-maint] [![Helpers][🖇triage-help-img]][🖇triage-help] [![Depfu][🏘depfu-img♻️]][🏘depfu♻️] [![Contributors][🚎contributors-img]][🚎contributors] [![Style][🖐style-wf-img]][🖐style-wf] [![Kloc Roll][🧮kloc-img]][🧮kloc]
|
118
|
-
| 4️⃣ | testing | [![
|
119
|
-
| 5️⃣ | coverage & security | [![CodeClimate][⛳cclim-cov-img♻️]][⛳cclim-cov] [![CodeCov][🖇codecov-img♻️]][🖇codecov] [![Coveralls][🏘coveralls-img]][🏘coveralls] [![Security Policy][🚎sec-pol-img]][🚎sec-pol] [![CodeQL][🖐codeQL-img]][🖐codeQL] [![Code Coverage][🧮cov-wf-img]][🧮cov-wf]
|
120
|
-
| 6️⃣ | resources | [![Discussion][⛳
|
121
|
-
| 7️⃣ | spread 💖 | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Tweet @ Peter][🏘tweet-img]][🏘tweet] [🌏][aboutme] [👼][angelme] [💻][coderme]
|
117
|
+
| | Project | bundle add oauth2 |
|
118
|
+
|:----|-----------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
119
|
+
| 1️⃣ | name, license, docs | [![RubyGems.org][⛳️name-img]][⛳️gem] [![License: MIT][🖇src-license-img]][🖇src-license] [![FOSSA][🏘fossa-img]][🏘fossa] [![RubyDoc.info][🚎yard-img]][🚎yard] [![InchCI][🖐inch-ci-img]][🚎yard] |
|
120
|
+
| 2️⃣ | version & activity | [![Gem Version][⛳️version-img]][⛳️gem] [![Total Downloads][🖇DL-total-img]][⛳️gem] [![Download Rank][🏘DL-rank-img]][⛳️gem] [![Source Code][🚎src-home-img]][🚎src-home] |
|
121
|
+
| 3️⃣ | maintanence & linting | [![Maintainability][⛳cclim-maint-img♻️]][⛳cclim-maint] [![Helpers][🖇triage-help-img]][🖇triage-help] [![Depfu][🏘depfu-img♻️]][🏘depfu♻️] [![Contributors][🚎contributors-img]][🚎contributors] [![Style][🖐style-wf-img]][🖐style-wf] [![Kloc Roll][🧮kloc-img]][🧮kloc] |
|
122
|
+
| 4️⃣ | testing | [![Supported][🏘sup-wf-img]][🏘sup-wf] [![Heads][🚎heads-wf-img]][🚎heads-wf] [![Unofficial Support][🖐uns-wf-img]][🖐uns-wf] [![MacOS][🧮mac-wf-img]][🧮mac-wf] [![Windows][📗win-wf-img]][📗win-wf] |
|
123
|
+
| 5️⃣ | coverage & security | [![CodeClimate][⛳cclim-cov-img♻️]][⛳cclim-cov] [![CodeCov][🖇codecov-img♻️]][🖇codecov] [![Coveralls][🏘coveralls-img]][🏘coveralls] [![Security Policy][🚎sec-pol-img]][🚎sec-pol] [![CodeQL][🖐codeQL-img]][🖐codeQL] [![Code Coverage][🧮cov-wf-img]][🧮cov-wf] |
|
124
|
+
| 6️⃣ | resources | [![Discussion][⛳gg-discussions-img]][⛳gg-discussions] [![Get help on Codementor][🖇codementor-img]][🖇codementor] [![Chat][🏘chat-img]][🏘chat] [![Blog][🚎blog-img]][🚎blog] [![Blog][🖐wiki-img]][🖐wiki] |
|
125
|
+
| 7️⃣ | spread 💖 | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Tweet @ Peter][🏘tweet-img]][🏘tweet] [🌏][aboutme] [👼][angelme] [💻][coderme] |
|
122
126
|
|
123
127
|
<!--
|
124
128
|
The link tokens in the following sections should be kept ordered by the row and badge numbering scheme
|
@@ -139,14 +143,8 @@ The link tokens in the following sections should be kept ordered by the row and
|
|
139
143
|
[⛳️version-img]: http://img.shields.io/gem/v/oauth2.svg
|
140
144
|
[🖇DL-total-img]: https://img.shields.io/gem/dt/oauth2.svg
|
141
145
|
[🏘DL-rank-img]: https://img.shields.io/gem/rt/oauth2.svg
|
142
|
-
[🚎src-home]: https://
|
143
|
-
[🚎src-home-img]: https://img.shields.io/badge/source-
|
144
|
-
[🖐prs-o]: https://github.com/oauth-xx/oauth2/pulls
|
145
|
-
[🖐prs-o-img]: https://img.shields.io/github/issues-pr/oauth-xx/oauth2
|
146
|
-
[🧮prs-c]: https://github.com/oauth-xx/oauth2/pulls?q=is%3Apr+is%3Aclosed
|
147
|
-
[🧮prs-c-img]: https://img.shields.io/github/issues-pr-closed/oauth-xx/oauth2
|
148
|
-
[📗next♻️]: https://github.com/oauth-xx/oauth2/milestone/2
|
149
|
-
[📗next-img♻️]: https://img.shields.io/github/milestones/progress/oauth-xx/oauth2/2?label=Next%20Version
|
146
|
+
[🚎src-home]: https://gitlab.com/oauth-xx/oauth2/
|
147
|
+
[🚎src-home-img]: https://img.shields.io/badge/source-gitlab-blue.svg?style=flat
|
150
148
|
|
151
149
|
<!-- 3️⃣ maintenance & linting -->
|
152
150
|
[⛳cclim-maint]: https://codeclimate.com/github/oauth-xx/oauth2/maintainability
|
@@ -155,7 +153,7 @@ The link tokens in the following sections should be kept ordered by the row and
|
|
155
153
|
[🖇triage-help-img]: https://www.codetriage.com/oauth-xx/oauth2/badges/users.svg
|
156
154
|
[🏘depfu♻️]: https://depfu.com/github/oauth-xx/oauth2?project_id=4445
|
157
155
|
[🏘depfu-img♻️]: https://badges.depfu.com/badges/6d34dc1ba682bbdf9ae2a97848241743/count.svg
|
158
|
-
[🚎contributors]: https://
|
156
|
+
[🚎contributors]: https://gitlab.com/oauth-xx/oauth2/-/graphs/main
|
159
157
|
[🚎contributors-img]: https://img.shields.io/github/contributors-anon/oauth-xx/oauth2
|
160
158
|
[🖐style-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/style.yml
|
161
159
|
[🖐style-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/style.yml/badge.svg
|
@@ -163,10 +161,6 @@ The link tokens in the following sections should be kept ordered by the row and
|
|
163
161
|
[🧮kloc-img]: https://img.shields.io/tokei/lines/github.com/oauth-xx/oauth2
|
164
162
|
|
165
163
|
<!-- 4️⃣ testing -->
|
166
|
-
[⛳iss-o]: https://github.com/oauth-xx/oauth2/issues
|
167
|
-
[⛳iss-o-img]: https://img.shields.io/github/issues-raw/oauth-xx/oauth2
|
168
|
-
[🖇iss-c]: https://github.com/oauth-xx/oauth2/issues?q=is%3Aissue+is%3Aclosed
|
169
|
-
[🖇iss-c-img]: https://img.shields.io/github/issues-closed-raw/oauth-xx/oauth2
|
170
164
|
[🏘sup-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/supported.yml
|
171
165
|
[🏘sup-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/supported.yml/badge.svg
|
172
166
|
[🚎heads-wf]: https://github.com/oauth-xx/oauth2/actions/workflows/heads.yml
|
@@ -181,11 +175,11 @@ The link tokens in the following sections should be kept ordered by the row and
|
|
181
175
|
<!-- 5️⃣ coverage & security -->
|
182
176
|
[⛳cclim-cov]: https://codeclimate.com/github/oauth-xx/oauth2/test_coverage
|
183
177
|
[⛳cclim-cov-img♻️]: https://api.codeclimate.com/v1/badges/688c612528ff90a46955/test_coverage
|
184
|
-
[🖇codecov-img♻️]: https://codecov.io/gh/oauth-xx/oauth2/branch/
|
178
|
+
[🖇codecov-img♻️]: https://codecov.io/gh/oauth-xx/oauth2/branch/main/graph/badge.svg?token=bNqSzNiuo2
|
185
179
|
[🖇codecov]: https://codecov.io/gh/oauth-xx/oauth2
|
186
|
-
[🏘coveralls]: https://coveralls.io/github/oauth-xx/oauth2?branch=
|
187
|
-
[🏘coveralls-img]: https://coveralls.io/repos/github/oauth-xx/oauth2/badge.svg?branch=
|
188
|
-
[🚎sec-pol]: https://
|
180
|
+
[🏘coveralls]: https://coveralls.io/github/oauth-xx/oauth2?branch=main
|
181
|
+
[🏘coveralls-img]: https://coveralls.io/repos/github/oauth-xx/oauth2/badge.svg?branch=main
|
182
|
+
[🚎sec-pol]: https://gitlab.com/oauth-xx/oauth2/-/blob/main/SECURITY.md
|
189
183
|
[🚎sec-pol-img]: https://img.shields.io/badge/security-policy-brightgreen.svg?style=flat
|
190
184
|
[🖐codeQL]: https://github.com/oauth-xx/oauth2/security/code-scanning
|
191
185
|
[🖐codeQL-img]: https://github.com/oauth-xx/oauth2/actions/workflows/codeql-analysis.yml/badge.svg
|
@@ -193,15 +187,15 @@ The link tokens in the following sections should be kept ordered by the row and
|
|
193
187
|
[🧮cov-wf-img]: https://github.com/oauth-xx/oauth2/actions/workflows/coverage.yml/badge.svg
|
194
188
|
|
195
189
|
<!-- 6️⃣ resources -->
|
196
|
-
[⛳
|
197
|
-
[⛳
|
190
|
+
[⛳gg-discussions]: https://groups.google.com/g/oauth-ruby
|
191
|
+
[⛳gg-discussions-img]: https://img.shields.io/badge/google-group-purple.svg?style=flat
|
198
192
|
[🖇codementor]: https://www.codementor.io/peterboling?utm_source=github&utm_medium=button&utm_term=peterboling&utm_campaign=github
|
199
193
|
[🖇codementor-img]: https://cdn.codementor.io/badges/get_help_github.svg
|
200
194
|
[🏘chat]: https://gitter.im/oauth-xx/oauth2
|
201
195
|
[🏘chat-img]: https://img.shields.io/gitter/room/oauth-xx/oauth2.svg
|
202
196
|
[🚎blog]: http://www.railsbling.com/tags/oauth2/
|
203
197
|
[🚎blog-img]: https://img.shields.io/badge/blog-railsbling-brightgreen.svg?style=flat
|
204
|
-
[🖐wiki]: https://
|
198
|
+
[🖐wiki]: https://gitlab.com/oauth-xx/oauth2/-/wikis/home
|
205
199
|
[🖐wiki-img]: https://img.shields.io/badge/wiki-examples-brightgreen.svg?style=flat
|
206
200
|
|
207
201
|
<!-- 7️⃣ spread 💖 -->
|
@@ -265,7 +259,7 @@ For more see [SECURITY.md][🚎sec-pol].
|
|
265
259
|
- As of version 2.0.4 you can turn key transformation off with the `snaky: false` option.
|
266
260
|
- By default, the `:auth_scheme` is now `:basic_auth` (instead of `:request_body`)
|
267
261
|
- Third-party strategies and gems may need to be updated if a provider was requiring client id/secret in the request body
|
268
|
-
- [... A lot more](https://
|
262
|
+
- [... A lot more](https://gitlab.com/oauth-xx/oauth2/-/blob/main/CHANGELOG.md#2.0.0)
|
269
263
|
|
270
264
|
## Compatibility
|
271
265
|
|
@@ -280,8 +274,7 @@ This gem is tested against MRI, JRuby, and Truffleruby.
|
|
280
274
|
Each of those has varying versions that target a specific version of MRI Ruby.
|
281
275
|
This gem should work in the just-listed Ruby engines according to the targeted MRI compatibility in the table below.
|
282
276
|
If you would like to add support for additional engines,
|
283
|
-
|
284
|
-
then submit a PR to the correct maintenance branch as according to the table below.
|
277
|
+
see `gemfiles/README.md`, then submit a PR to the correct maintenance branch as according to the table below.
|
285
278
|
</details>
|
286
279
|
|
287
280
|
<details>
|
@@ -303,7 +296,7 @@ of a major release, support for that Ruby version may be dropped.
|
|
303
296
|
|
304
297
|
| | Ruby OAuth2 Version | Maintenance Branch | Supported Officially | Supported Unofficially | Supported Incidentally |
|
305
298
|
|:----|---------------------|--------------------|-------------------------|------------------------|------------------------|
|
306
|
-
| 1️⃣ | 2.0.x | `
|
299
|
+
| 1️⃣ | 2.0.x | `main` | 2.7, 3.0, 3.1 | 2.5, 2.6 | 2.2, 2.3, 2.4 |
|
307
300
|
| 2️⃣ | 1.4.x | `1-4-stable` | 2.5, 2.6, 2.7, 3.0, 3.1 | 2.1, 2.2, 2.3, 2.4 | 1.9, 2.0 |
|
308
301
|
| 3️⃣ | older | N/A | Best of luck to you! | Please upgrade! | |
|
309
302
|
|
@@ -312,6 +305,19 @@ See [SECURITY.md][🚎sec-pol]
|
|
312
305
|
|
313
306
|
## Usage Examples
|
314
307
|
|
308
|
+
### Global Configuration
|
309
|
+
|
310
|
+
If you started seeing this warning, but everything it working fine, you can now silence it.
|
311
|
+
```log
|
312
|
+
OAuth2::AccessToken.from_hash: `hash` contained more than one 'token' key
|
313
|
+
```
|
314
|
+
|
315
|
+
```ruby
|
316
|
+
OAuth2.configure do |config|
|
317
|
+
config.silence_extra_tokens_warning = true # default: false
|
318
|
+
end
|
319
|
+
```
|
320
|
+
|
315
321
|
### `authorize_url` and `token_url` are on site root (Just Works!)
|
316
322
|
|
317
323
|
```ruby
|
@@ -409,7 +415,7 @@ The `AccessToken` methods `#get`, `#post`, `#put` and `#delete` and the generic
|
|
409
415
|
will return an instance of the #OAuth2::Response class.
|
410
416
|
|
411
417
|
This instance contains a `#parsed` method that will parse the response body and
|
412
|
-
return a Hash-like [`OAuth2::SnakyHash`](https://
|
418
|
+
return a Hash-like [`OAuth2::SnakyHash`](https://gitlab.com/oauth-xx/oauth2/-/blob/main/lib/oauth2/snaky_hash.rb) if the `Content-Type` is `application/x-www-form-urlencoded` or if
|
413
419
|
the body is a JSON object. It will return an Array if the body is a JSON
|
414
420
|
array. Otherwise, it will return the original body string.
|
415
421
|
|
@@ -439,7 +445,11 @@ Response instance will contain the `OAuth2::Error` instance.
|
|
439
445
|
|
440
446
|
Currently the Authorization Code, Implicit, Resource Owner Password Credentials, Client Credentials, and Assertion
|
441
447
|
authentication grant types have helper strategy classes that simplify client
|
442
|
-
use. They are available via the [`#auth_code`](https://
|
448
|
+
use. They are available via the [`#auth_code`](https://gitlab.com/oauth-xx/oauth2/-/blob/main/lib/oauth2/strategy/auth_code.rb),
|
449
|
+
[`#implicit`](https://gitlab.com/oauth-xx/oauth2/-/blob/main/lib/oauth2/strategy/implicit.rb),
|
450
|
+
[`#password`](https://gitlab.com/oauth-xx/oauth2/-/blob/main/lib/oauth2/strategy/password.rb),
|
451
|
+
[`#client_credentials`](https://gitlab.com/oauth-xx/oauth2/-/blob/main/lib/oauth2/strategy/client_credentials.rb), and
|
452
|
+
[`#assertion`](https://gitlab.com/oauth-xx/oauth2/-/blob/main/lib/oauth2/strategy/assertion.rb) methods respectively.
|
443
453
|
|
444
454
|
These aren't full examples, but demonstrative of the differences between usage for each strategy.
|
445
455
|
```ruby
|
@@ -511,8 +521,8 @@ spec.add_dependency 'oauth2', '~> 2.0'
|
|
511
521
|
|
512
522
|
[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Foauth-xx%2Foauth2.svg?type=large)][fossa2]
|
513
523
|
|
514
|
-
[license]: https://
|
515
|
-
[oauth-xx]: https://
|
524
|
+
[license]: https://gitlab.com/oauth-xx/oauth2/-/blob/main/LICENSE
|
525
|
+
[oauth-xx]: https://gitlab.com/oauth-xx
|
516
526
|
[fossa2]: https://app.fossa.io/projects/git%2Bgithub.com%2Foauth-xx%2Foauth2?ref=badge_large
|
517
527
|
|
518
528
|
## Development
|
@@ -525,14 +535,14 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
|
|
525
535
|
|
526
536
|
See [CONTRIBUTING.md][contributing]
|
527
537
|
|
528
|
-
[contributing]: https://
|
538
|
+
[contributing]: https://gitlab.com/oauth-xx/oauth2/-/blob/main/CONTRIBUTING.md
|
529
539
|
|
530
540
|
## Contributors
|
531
541
|
|
532
|
-
[![Contributors](https://contrib.rocks/image?repo=oauth-xx/oauth2)]("https://
|
542
|
+
[![Contributors](https://contrib.rocks/image?repo=oauth-xx/oauth2)]("https://gitlab.com/oauth-xx/oauth2/-/graphs/main")
|
533
543
|
|
534
544
|
Made with [contributors-img](https://contrib.rocks).
|
535
545
|
|
536
546
|
## Code of Conduct
|
537
547
|
|
538
|
-
Everyone interacting in the OAuth2 project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://
|
548
|
+
Everyone interacting in the OAuth2 project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct](https://gitlab.com/oauth-xx/oauth2/-/blob/main/CODE_OF_CONDUCT.md).
|
data/SECURITY.md
CHANGED
@@ -2,11 +2,15 @@
|
|
2
2
|
|
3
3
|
## Supported Versions
|
4
4
|
|
5
|
-
| Version | Supported |
|
6
|
-
|
7
|
-
| 2.latest | ✅
|
8
|
-
| 1.latest | ✅
|
9
|
-
|
|
5
|
+
| Version | Supported | EOL | Post-EOL / Enterprise |
|
6
|
+
|----------|-----------|---------|---------------------------------------|
|
7
|
+
| 2.latest | ✅ | 04/2024 | [Tidelift Subscription][tidelift-ref] |
|
8
|
+
| 1.latest | ✅ | 04/2023 | [Tidelift Subscription][tidelift-ref] |
|
9
|
+
| <= 1 | ⛔ | ⛔ | ⛔ |
|
10
|
+
|
11
|
+
### EOL Policy
|
12
|
+
|
13
|
+
Non-commercial support for the oldest version of Ruby (which itself is going EOL) will be dropped each year in April.
|
10
14
|
|
11
15
|
## Reporting a Vulnerability
|
12
16
|
|
@@ -17,4 +21,6 @@ Tidelift will coordinate the fix and disclosure.
|
|
17
21
|
|
18
22
|
Available as part of the Tidelift Subscription.
|
19
23
|
|
20
|
-
The maintainers of oauth2 and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. [Learn more.]
|
24
|
+
The maintainers of oauth2 and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source packages you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact packages you use. [Learn more.][tidelift-ref]
|
25
|
+
|
26
|
+
[tidelift-ref]: https://tidelift.com/subscription/pkg/rubygems-oauth2?utm_source=rubygems-oauth2&utm_medium=referral&utm_campaign=enterprise&utm_term=repo
|
data/lib/oauth2/access_token.rb
CHANGED
@@ -14,14 +14,13 @@ module OAuth2
|
|
14
14
|
#
|
15
15
|
# @param [Client] client the OAuth2::Client instance
|
16
16
|
# @param [Hash] hash a hash of AccessToken property values
|
17
|
-
# @option hash [String] 'access_token', 'id_token', 'token', :access_token, :id_token, or :token the access token
|
17
|
+
# @option hash [String, Symbol] 'access_token', 'id_token', 'token', :access_token, :id_token, or :token the access token
|
18
18
|
# @return [AccessToken] the initialized AccessToken
|
19
19
|
def from_hash(client, hash)
|
20
20
|
fresh = hash.dup
|
21
21
|
supported_keys = TOKEN_KEY_LOOKUP & fresh.keys
|
22
22
|
key = supported_keys[0]
|
23
|
-
|
24
|
-
warn("OAuth2::AccessToken.from_hash: `hash` contained more than one 'token' key (#{supported_keys}); using #{key.inspect}.") if supported_keys.length > 1
|
23
|
+
extra_tokens_warning(supported_keys, key)
|
25
24
|
token = fresh.delete(key)
|
26
25
|
new(client, token, fresh)
|
27
26
|
end
|
@@ -34,6 +33,16 @@ module OAuth2
|
|
34
33
|
def from_kvform(client, kvform)
|
35
34
|
from_hash(client, Rack::Utils.parse_query(kvform))
|
36
35
|
end
|
36
|
+
|
37
|
+
private
|
38
|
+
|
39
|
+
# Having too many is sus, and may lead to bugs. Having none is fine (e.g. refresh flow doesn't need a token).
|
40
|
+
def extra_tokens_warning(supported_keys, key)
|
41
|
+
return if OAuth2.config.silence_extra_tokens_warning
|
42
|
+
return if supported_keys.length <= 1
|
43
|
+
|
44
|
+
warn("OAuth2::AccessToken.from_hash: `hash` contained more than one 'token' key (#{supported_keys}); using #{key.inspect}.")
|
45
|
+
end
|
37
46
|
end
|
38
47
|
|
39
48
|
# Initialize an AccessToken
|
@@ -67,6 +76,7 @@ module OAuth2
|
|
67
76
|
warn('OAuth2::AccessToken has no token')
|
68
77
|
end
|
69
78
|
end
|
79
|
+
# @option opts [Fixnum, String] :expires is deprecated
|
70
80
|
@expires_in ||= opts.delete('expires')
|
71
81
|
@expires_in &&= @expires_in.to_i
|
72
82
|
@expires_at &&= convert_expires_at(@expires_at)
|
data/lib/oauth2/response.rb
CHANGED
@@ -46,7 +46,7 @@ module OAuth2
|
|
46
46
|
# @param [Symbol] parse (:automatic) how to parse the response body. one of :query (for x-www-form-urlencoded),
|
47
47
|
# :json, or :automatic (determined by Content-Type response header)
|
48
48
|
# @param [true, false] snaky (true) Convert @parsed to a snake-case,
|
49
|
-
# indifferent-access
|
49
|
+
# indifferent-access SnakyHash::StringKeyed, which is a subclass of Hashie::Mash (from hashie gem)?
|
50
50
|
# @param [Hash] options all other options for initializing the instance
|
51
51
|
def initialize(response, parse: :automatic, snaky: true, **options)
|
52
52
|
@response = response
|
@@ -90,7 +90,7 @@ module OAuth2
|
|
90
90
|
end
|
91
91
|
end
|
92
92
|
|
93
|
-
@parsed =
|
93
|
+
@parsed = SnakyHash::StringKeyed.new(@parsed) if options[:snaky] && @parsed.is_a?(Hash)
|
94
94
|
|
95
95
|
@parsed
|
96
96
|
end
|
data/lib/oauth2/version.rb
CHANGED
data/lib/oauth2.rb
CHANGED
@@ -5,13 +5,12 @@ require 'cgi'
|
|
5
5
|
require 'time'
|
6
6
|
|
7
7
|
# third party gems
|
8
|
-
require '
|
8
|
+
require 'snaky_hash'
|
9
9
|
require 'version_gem'
|
10
10
|
|
11
11
|
# includes gem files
|
12
12
|
require 'oauth2/version'
|
13
13
|
require 'oauth2/error'
|
14
|
-
require 'oauth2/snaky_hash'
|
15
14
|
require 'oauth2/authenticator'
|
16
15
|
require 'oauth2/client'
|
17
16
|
require 'oauth2/strategy/base'
|
@@ -25,6 +24,15 @@ require 'oauth2/response'
|
|
25
24
|
|
26
25
|
# The namespace of this library
|
27
26
|
module OAuth2
|
27
|
+
DEFAULT_CONFIG = SnakyHash::SymbolKeyed.new(silence_extra_tokens_warning: false)
|
28
|
+
@config = DEFAULT_CONFIG.dup
|
29
|
+
class << self
|
30
|
+
attr_accessor :config
|
31
|
+
end
|
32
|
+
def configure
|
33
|
+
yield @config
|
34
|
+
end
|
35
|
+
module_function :configure
|
28
36
|
end
|
29
37
|
|
30
38
|
OAuth2::Version.class_eval do
|
metadata
CHANGED
@@ -1,16 +1,16 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: oauth2
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0.
|
4
|
+
version: 2.0.9
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Peter Boling
|
8
8
|
- Erik Michaels-Ober
|
9
9
|
- Michael Bleigh
|
10
|
-
autorequire:
|
10
|
+
autorequire:
|
11
11
|
bindir: exe
|
12
12
|
cert_chain: []
|
13
|
-
date: 2022-
|
13
|
+
date: 2022-09-16 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: faraday
|
@@ -75,7 +75,7 @@ dependencies:
|
|
75
75
|
version: '1.2'
|
76
76
|
- - "<"
|
77
77
|
- !ruby/object:Gem::Version
|
78
|
-
version: '
|
78
|
+
version: '4'
|
79
79
|
type: :runtime
|
80
80
|
prerelease: false
|
81
81
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -85,27 +85,21 @@ dependencies:
|
|
85
85
|
version: '1.2'
|
86
86
|
- - "<"
|
87
87
|
- !ruby/object:Gem::Version
|
88
|
-
version: '
|
88
|
+
version: '4'
|
89
89
|
- !ruby/object:Gem::Dependency
|
90
|
-
name:
|
90
|
+
name: snaky_hash
|
91
91
|
requirement: !ruby/object:Gem::Requirement
|
92
92
|
requirements:
|
93
|
-
- - "
|
94
|
-
- !ruby/object:Gem::Version
|
95
|
-
version: '0.4'
|
96
|
-
- - "<"
|
93
|
+
- - "~>"
|
97
94
|
- !ruby/object:Gem::Version
|
98
|
-
version: '
|
95
|
+
version: '2.0'
|
99
96
|
type: :runtime
|
100
97
|
prerelease: false
|
101
98
|
version_requirements: !ruby/object:Gem::Requirement
|
102
99
|
requirements:
|
103
|
-
- - "
|
104
|
-
- !ruby/object:Gem::Version
|
105
|
-
version: '0.4'
|
106
|
-
- - "<"
|
100
|
+
- - "~>"
|
107
101
|
- !ruby/object:Gem::Version
|
108
|
-
version: '
|
102
|
+
version: '2.0'
|
109
103
|
- !ruby/object:Gem::Dependency
|
110
104
|
name: version_gem
|
111
105
|
requirement: !ruby/object:Gem::Requirement
|
@@ -294,7 +288,6 @@ files:
|
|
294
288
|
- lib/oauth2/client.rb
|
295
289
|
- lib/oauth2/error.rb
|
296
290
|
- lib/oauth2/response.rb
|
297
|
-
- lib/oauth2/snaky_hash.rb
|
298
291
|
- lib/oauth2/strategy/assertion.rb
|
299
292
|
- lib/oauth2/strategy/auth_code.rb
|
300
293
|
- lib/oauth2/strategy/base.rb
|
@@ -302,26 +295,32 @@ files:
|
|
302
295
|
- lib/oauth2/strategy/implicit.rb
|
303
296
|
- lib/oauth2/strategy/password.rb
|
304
297
|
- lib/oauth2/version.rb
|
305
|
-
homepage: https://
|
298
|
+
homepage: https://gitlab.com/oauth-xx/oauth2
|
306
299
|
licenses:
|
307
300
|
- MIT
|
308
301
|
metadata:
|
309
|
-
homepage_uri: https://
|
310
|
-
source_code_uri: https://
|
311
|
-
changelog_uri: https://
|
312
|
-
bug_tracker_uri: https://
|
313
|
-
documentation_uri: https://www.rubydoc.info/gems/oauth2/2.0.
|
314
|
-
wiki_uri: https://
|
302
|
+
homepage_uri: https://gitlab.com/oauth-xx/oauth2
|
303
|
+
source_code_uri: https://gitlab.com/oauth-xx/oauth2/-/tree/v2.0.9
|
304
|
+
changelog_uri: https://gitlab.com/oauth-xx/oauth2/-/blob/v2.0.9/CHANGELOG.md
|
305
|
+
bug_tracker_uri: https://gitlab.com/oauth-xx/oauth2/-/issues
|
306
|
+
documentation_uri: https://www.rubydoc.info/gems/oauth2/2.0.9
|
307
|
+
wiki_uri: https://gitlab.com/oauth-xx/oauth2/-/wiki
|
308
|
+
funding_uri: https://liberapay.com/pboling
|
315
309
|
rubygems_mfa_required: 'true'
|
316
310
|
post_install_message: |2+
|
317
311
|
|
318
|
-
You have installed oauth2 version 2.0.
|
312
|
+
You have installed oauth2 version 2.0.9, congratulations!
|
313
|
+
|
314
|
+
There are BREAKING changes if you are upgrading from < v2, but most will not encounter them, and updating your code should be easy!
|
319
315
|
|
320
|
-
|
316
|
+
We have made two other major migrations:
|
317
|
+
1. master branch renamed to main
|
318
|
+
2. Github has been replaced with Gitlab
|
321
319
|
|
322
320
|
Please see:
|
323
|
-
• https://
|
324
|
-
• https://
|
321
|
+
• https://gitlab.com/oauth-xx/oauth2#what-is-new-for-v20
|
322
|
+
• https://gitlab.com/oauth-xx/oauth2/-/blob/main/CHANGELOG.md
|
323
|
+
• https://groups.google.com/g/oauth-ruby/c/QA_dtrXWXaE
|
325
324
|
|
326
325
|
Please report issues, and support the project! Thanks, |7eter l-|. l3oling
|
327
326
|
|
@@ -339,8 +338,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
339
338
|
- !ruby/object:Gem::Version
|
340
339
|
version: '0'
|
341
340
|
requirements: []
|
342
|
-
rubygems_version: 3.3.
|
343
|
-
signing_key:
|
341
|
+
rubygems_version: 3.3.21
|
342
|
+
signing_key:
|
344
343
|
specification_version: 4
|
345
344
|
summary: A Ruby wrapper for the OAuth 2.0 protocol.
|
346
345
|
test_files: []
|
346
|
+
...
|