RubyGems - oauth2 - Versions diffs - 2.0.2 → 2.0.3 - Mend

oauth2 2.0.2 → 2.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 50c8edb06960c0fcbdd726c2ef9e741840910c227891994393eb2d26decca35e
-  data.tar.gz: b022f74a86c53ea268c6fff23650b0a721e4b33950bf43acdb541f263fd6eb6d
+  metadata.gz: 834cadcf40991f2fd88a74f9ee614992d17c087d5862a4f7243cb83874f87683
+  data.tar.gz: 9a54a67d2def4e8232ff7b764ce70d87c4d9fb7125b72e234d07b84b507565b2
 SHA512:
-  metadata.gz: 8ea7cd4353651231682ba42c71df70bb223e9d9ffbdb1fa6b68e0b381d44db947082dedd1e006d679044dd67bf9546062959f5d114df8d8d18803ae04b53dbcf
-  data.tar.gz: 6046dc1b501152225fa49e4c6519b54a94ecf61254f2e7ac2dc042a712c2aab5ab84600296a559a24d97738acce83e32eeb513371dfafdc59a3dbac606b63fc7
+  metadata.gz: 190394d6e1d046de982b9ed978c54b810a15cbfbe41507c63f103a19be06b04d4a7f2a8cad4f3fc30c9cf4eed6314e353668b7e49d8e41826e1c460f944060ed
+  data.tar.gz: 10bd8f3f468165150ce7d79c31d0a4c7be72322660ae7579bf579bf68054106f21d16b408c56eedcc3a2359f14c84c770fa89dec93d0811c2ed328aa7b365f00

data/CHANGELOG.md CHANGED Viewed

@@ -4,8 +4,16 @@ All notable changes to this project will be documented in this file.
 The format (since v2) is based on [Keep a Changelog v1](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.0.0.html).
-## [2.0.2] - 2022-06-24
+## [2.0.3] - 2022-06-28
 ### Added
+- [#611](https://github.com/oauth-xx/oauth2/pull/611) - Proper deprecation warnings for `extract_access_token` argument (@pboling)
+- [#612](https://github.com/oauth-xx/oauth2/pull/612) - Add `snaky: false` option to skip conversion to `OAuth2::SnakyHash` (default: true) (@pboling)
+### Fixed
+- [#608](https://github.com/oauth-xx/oauth2/pull/608) - Wrap `Faraday::TimeoutError` in `OAuth2::TimeoutError` (@nbibler)
+- [#615](https://github.com/oauth-xx/oauth2/pull/615) - Fix support for requests with blocks, see `Faraday::Connection#run_request` (@pboling)
+## [2.0.2] - 2022-06-24
+### Fixed
 - [#604](https://github.com/oauth-xx/oauth2/pull/604) - Wrap `Faraday::TimeoutError` in `OAuth2::TimeoutError` (@stanhu)
 - [#606](https://github.com/oauth-xx/oauth2/pull/606) - Ruby 2.7 deprecation warning fix: Move `access_token_class` parameter into `Client` constructor (@stanhu)
 - [#607](https://github.com/oauth-xx/oauth2/pull/607) - CHANGELOG correction, reference to `OAuth2::ConnectionError` (@zavan)
@@ -221,7 +229,7 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 ## [0.0.4] + [0.0.3] + [0.0.2] + [0.0.1] - 2010-04-22
-[Unreleased]: https://github.com/oauth-xx/oauth2/compare/v2.0.0...HEAD
+[Unreleased]: https://github.com/oauth-xx/oauth2/compare/v2.0.3...HEAD
 [0.0.1]: https://github.com/oauth-xx/oauth2/compare/311d9f4...v0.0.1
 [0.0.2]: https://github.com/oauth-xx/oauth2/compare/v0.0.1...v0.0.2
 [0.0.3]: https://github.com/oauth-xx/oauth2/compare/v0.0.2...v0.0.3
@@ -259,4 +267,6 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 [1.4.9]: https://github.com/oauth-xx/oauth2/compare/v1.4.8...v1.4.9
 [2.0.0]: https://github.com/oauth-xx/oauth2/compare/v1.4.9...v2.0.0
 [2.0.1]: https://github.com/oauth-xx/oauth2/compare/v2.0.0...v2.0.1
+[2.0.2]: https://github.com/oauth-xx/oauth2/compare/v2.0.1...v2.0.2
+[2.0.3]: https://github.com/oauth-xx/oauth2/compare/v2.0.2...v2.0.3
 [gemfiles/readme]: gemfiles/README.md

data/CONTRIBUTING.md CHANGED Viewed

@@ -1,4 +1,12 @@
-## Submitting a Pull Request
+## Contributing
+Bug reports and pull requests are welcome on GitHub at [https://github.com/oauth-xx/oauth2][source]
+. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to
+the [code of conduct][conduct].
+To submit a patch, please fork the project and create a patch with tests. Once you're happy with it send a pull request!
+## Detailed instructions on Submitting a Pull Request
 1. [Fork the repository.][fork]
 2. [Create a topic branch.][branch]
 3. Add specs for your unimplemented feature or bug fix.
@@ -16,3 +24,21 @@
 [fork]: http://help.github.com/fork-a-repo/
 [branch]: http://learn.github.com/p/branching.html
 [pr]: http://help.github.com/send-pull-requests/
+## Contributors
+[![Contributors](https://contrib.rocks/image?repo=oauth-xx/oauth2)][contributors]
+Made with [contributors-img][contrib-rocks].
+[comment]: <> (Following links are used by README, CONTRIBUTING)
+[conduct]: https://github.com/oauth-xx/oauth2/blob/master/CODE_OF_CONDUCT.md
+[contrib-rocks]: https://contrib.rocks
+[contributors]: https://github.com/oauth-xx/oauth2/graphs/contributors
+[comment]: <> (Following links are used by README, CONTRIBUTING, Homepage)
+[source]: https://github.com/oauth-xx/oauth2/

data/README.md CHANGED Viewed

@@ -32,6 +32,7 @@ See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby.
 | Version | Release Date | Readme                                                   |
 |---------|--------------|----------------------------------------------------------|
+| 2.0.3   | 2022-06-28   | https://github.com/oauth-xx/oauth2/blob/v2.0.3/README.md |
 | 2.0.2   | 2022-06-24   | https://github.com/oauth-xx/oauth2/blob/v2.0.2/README.md |
 | 2.0.1   | 2022-06-22   | https://github.com/oauth-xx/oauth2/blob/v2.0.1/README.md |
 | 2.0.0   | 2022-06-21   | https://github.com/oauth-xx/oauth2/blob/v2.0.0/README.md |
@@ -113,7 +114,7 @@ appended indicators:
 | 4️⃣ | testing               | [![Open Issues][⛳iss-o-img]][⛳iss-o] [![Closed Issues][🖇iss-c-img]][🖇iss-c] [![Supported][🏘sup-wf-img]][🏘sup-wf] [![Heads][🚎heads-wf-img]][🚎heads-wf] [![Unofficial Support][🖐uns-wf-img]][🖐uns-wf] [![MacOS][🧮mac-wf-img]][🧮mac-wf] [![Windows][📗win-wf-img]][📗win-wf]          |
 | 5️⃣ | coverage & security   | [![CodeClimate][⛳cclim-cov-img♻️]][⛳cclim-cov] [![CodeCov][🖇codecov-img♻️]][🖇codecov] [![Coveralls][🏘coveralls-img]][🏘coveralls] [![Security Policy][🚎sec-pol-img]][🚎sec-pol] [![CodeQL][🖐codeQL-img]][🖐codeQL] [![Code Coverage][🧮cov-wf-img]][🧮cov-wf]                           |
 | 6️⃣ | resources             | [![Discussion][⛳gh-discussions-img]][⛳gh-discussions] [![Get help on Codementor][🖇codementor-img]][🖇codementor] [![Chat][🏘chat-img]][🏘chat] [![Blog][🚎blog-img]][🚎blog] [![Blog][🖐wiki-img]][🖐wiki]                                                                                  |
-| 7️⃣ | spread 💖             | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Tweet @ Peter][🏘tweet-img]][🏘tweet] [🌏][aboutme] [👼][angelme] [💻][coderme] [🌹][politicme]                                                                                              |
+| 7️⃣ | spread 💖             | [![Liberapay Patrons][⛳liberapay-img]][⛳liberapay] [![Sponsor Me][🖇sponsor-img]][🖇sponsor] [![Tweet @ Peter][🏘tweet-img]][🏘tweet] [🌏][aboutme] [👼][angelme] [💻][coderme]                                                                                                              |
 <!--
 The link tokens in the following sections should be kept ordered by the row and badge numbering scheme
@@ -140,8 +141,8 @@ The link tokens in the following sections should be kept ordered by the row and
 [🖐prs-o-img]: https://img.shields.io/github/issues-pr/oauth-xx/oauth2
 [🧮prs-c]: https://github.com/oauth-xx/oauth2/pulls?q=is%3Apr+is%3Aclosed
 [🧮prs-c-img]: https://img.shields.io/github/issues-pr-closed/oauth-xx/oauth2
-[📗next♻️]: https://github.com/oauth-xx/oauth2/milestone/14
-[📗next-img♻️]: https://img.shields.io/github/milestones/progress/oauth-xx/oauth2/14?label=Next%20Version
+[📗next♻️]: https://github.com/oauth-xx/oauth2/milestone/15
+[📗next-img♻️]: https://img.shields.io/github/milestones/progress/oauth-xx/oauth2/15?label=Next%20Version
 <!-- 3️⃣ maintanence & linting -->
 [⛳cclim-maint]: https://codeclimate.com/github/oauth-xx/oauth2/maintainability
@@ -213,7 +214,6 @@ The link tokens in the following sections should be kept ordered by the row and
 [aboutme]: https://about.me/peter.boling
 [angelme]: https://angel.co/peter-boling
 [coderme]:http://coderwall.com/pboling
-[politicme]: https://nationalprogressiveparty.org
 ## Installation
@@ -342,6 +342,31 @@ client.class.name
 # => OAuth2::Client
 ```
+### snake_case and indifferent access in Response#parsed
+```ruby
+response = access.get('/api/resource', params: {'query_foo' => 'bar'})
+# Even if the actual response is CamelCase. it will be made available as snaky:
+JSON.parse(response.body)         # => {"accessToken"=>"aaaaaaaa", "additionalData"=>"additional"}
+response.parsed                   # => {"access_token"=>"aaaaaaaa", "additional_data"=>"additional"}
+response.parsed.access_token      # => "aaaaaaaa"
+response.parsed[:access_token]    # => "aaaaaaaa"
+response.parsed.additional_data   # => "additional"
+response.parsed[:additional_data] # => "additional"
+response.parsed.class.name        # => OAuth2::SnakyHash (subclass of Hashie::Mash::Rash, from `rash_alt` gem)
+```
+#### What if I hate snakes and/or indifference?
+```ruby
+response = access.get('/api/resource', params: {'query_foo' => 'bar'}, snaky: false)
+JSON.parse(response.body)         # => {"accessToken"=>"aaaaaaaa", "additionalData"=>"additional"}
+response.parsed                   # => {"accessToken"=>"aaaaaaaa", "additionalData"=>"additional"}
+response.parsed['accessToken']    # => "aaaaaaaa"
+response.parsed['additionalData'] # => "additional"
+response.parsed.class.name        # => Hash (just, regular old Hash)
+```
 <details>
   <summary>Debugging</summary>
@@ -372,7 +397,7 @@ The `AccessToken` methods `#get`, `#post`, `#put` and `#delete` and the generic
 will return an instance of the #OAuth2::Response class.
 This instance contains a `#parsed` method that will parse the response body and
-return a Hash if the `Content-Type` is `application/x-www-form-urlencoded` or if
+return a Hash-like [`OAuth2::SnakyHash`](https://github.com/oauth-xx/oauth2/blob/master/lib/oauth2/snaky_hash.rb) if the `Content-Type` is `application/x-www-form-urlencoded` or if
 the body is a JSON object.  It will return an Array if the body is a JSON
 array.  Otherwise, it will return the original body string.
@@ -486,7 +511,15 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 ## Contributing
-Bug reports and pull requests are welcome on GitHub at [https://github.com/oauth-xx/oauth2](https://github.com/oauth-xx/oauth2). This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+See [CONTRIBUTING.md][contributing]
+[contributing]: https://github.com/oauth-xx/oauth2/blob/main/CONTRIBUTING.md
+## Contributors
+[![Contributors](https://contrib.rocks/image?repo=oauth-xx/oauth2)]("https://github.com/oauth-xx/oauth2/graphs/contributors")
+Made with [contributors-img](https://contrib.rocks).
 ## Code of Conduct

data/SECURITY.md CHANGED Viewed

@@ -2,11 +2,11 @@
 ## Supported Versions
-| Version      | Supported |
-|--------------|-----------|
-| 2.0.<latest> | ✅         |
-| 1.4.<latest> | ✅         |
-| older        | ⛔️        |
+| Version  | Supported                 |
+|----------|---------------------------|
+| 2.latest | ✅                         |
+| 1.latest | ✅ (security updates only) |
+| older    | ⛔️                        |
 ## Reporting a Vulnerability

data/lib/oauth2/access_token.rb CHANGED Viewed

@@ -114,7 +114,7 @@ module OAuth2
     # @param [Symbol] verb the HTTP request method
     # @param [String] path the HTTP URL path of the request
     # @param [Hash] opts the options to make the request with
-    # @see Client#request
+    #   @see Client#request
     def request(verb, path, opts = {}, &block)
       configure_authentication!(opts)
       @client.request(verb, path, opts, &block)

data/lib/oauth2/client.rb CHANGED Viewed

@@ -41,7 +41,7 @@ module OAuth2
       @secret = client_secret
       @site = opts.delete(:site)
       ssl = opts.delete(:ssl)
+      warn('OAuth2::Client#initialize argument `extract_access_token` will be removed in oauth2 v3. Refactor to use `access_token_class`.') if opts[:extract_access_token]
       @options = {
         authorize_url: 'oauth/authorize',
         token_url: 'oauth/token',
@@ -108,9 +108,10 @@ module OAuth2
     # @option opts [Boolean] :raise_errors whether or not to raise an OAuth2::Error on 400+ status
     #   code response for this request.  Will default to client option
     # @option opts [Symbol] :parse @see Response::initialize
-    # @yield [req] The Faraday request
-    def request(verb, url, opts = {})
-      response = execute_request(verb, url, opts)
+    # @option opts [Symbol] :snaky @see Response::initialize
+    # @yield [req] @see Faraday::Connection#run_request
+    def request(verb, url, opts = {}, &block)
+      response = execute_request(verb, url, opts, &block)
       case response.status
       when 301, 302, 303, 307
@@ -146,11 +147,16 @@ module OAuth2
     # Initializes an AccessToken by making a request to the token endpoint
     #
-    # @param params [Hash] a Hash of params for the token endpoint
+    # @param params [Hash] a Hash of params for the token endpoint, except:
+    #   @option params [Symbol] :parse @see Response#initialize
+    #   @option params [true, false] :snaky @see Response#initialize
     # @param access_token_opts [Hash] access token options, to pass to the AccessToken object
     # @param extract_access_token [Proc] proc that extracts the access token from the response (DEPRECATED)
+    # @yield [req] @see Faraday::Connection#run_request
     # @return [AccessToken] the initialized AccessToken
-    def get_token(params, access_token_opts = {}, extract_access_token = options[:extract_access_token])
+    def get_token(params, access_token_opts = {}, extract_access_token = nil, &block)
+      warn('OAuth2::Client#get_token argument `extract_access_token` will be removed in oauth2 v3. Refactor to use `access_token_class` on #initialize.') if extract_access_token
+      extract_access_token ||= options[:extract_access_token]
       params = params.map do |key, value|
         if RESERVED_PARAM_KEYS.include?(key)
           [key.to_sym, value]
@@ -159,20 +165,25 @@ module OAuth2
         end
       end.to_h
+      request_opts = {
+        raise_errors: options[:raise_errors],
+        parse: params.delete(:parse),
+        snaky: params.delete(:snaky),
+      }
       params = authenticator.apply(params)
-      opts = {raise_errors: options[:raise_errors], parse: params.delete(:parse)}
       headers = params.delete(:headers) || {}
       if options[:token_method] == :post
-        opts[:body] = params
-        opts[:headers] = {'Content-Type' => 'application/x-www-form-urlencoded'}
+        request_opts[:body] = params
+        request_opts[:headers] = {'Content-Type' => 'application/x-www-form-urlencoded'}
       else
-        opts[:params] = params
-        opts[:headers] = {}
+        request_opts[:params] = params
+        request_opts[:headers] = {}
       end
-      opts[:headers].merge!(headers)
+      request_opts[:headers].merge!(headers)
       http_method = options[:token_method]
       http_method = :post if http_method == :post_with_query_string
-      response = request(http_method, token_url, opts)
+      response = request(http_method, token_url, request_opts, &block)
       # In v1.4.x, the deprecated extract_access_token option retrieves the token from the response.
       # We preserve this behavior here, but a custom access_token_class that implements #from_hash
@@ -256,7 +267,7 @@ module OAuth2
         raise TimeoutError, e
       end
-      Response.new(response, parse: opts[:parse])
+      Response.new(response, parse: opts[:parse], snaky: opts[:snaky])
     end
     # Returns the authenticator object

data/lib/oauth2/response.rb CHANGED Viewed

@@ -39,12 +39,17 @@ module OAuth2
     # Initializes a Response instance
     #
     # @param [Faraday::Response] response The Faraday response instance
-    # @param [Hash] opts options in which to initialize the instance
-    # @option opts [Symbol] :parse (:automatic) how to parse the response body.  one of :query (for x-www-form-urlencoded),
+    # @param [Symbol] parse (:automatic) how to parse the response body.  one of :query (for x-www-form-urlencoded),
     #   :json, or :automatic (determined by Content-Type response header)
-    def initialize(response, opts = {})
+    # @param [true, false] snaky (true) Convert @parsed to a snake-case,
+    #   indifferent-access OAuth2::SnakyHash, which is a subclass of Hashie::Mash::Rash (from rash_alt gem)?
+    # @param [Hash] options all other options for initializing the instance
+    def initialize(response, parse: :automatic, snaky: true, **options)
       @response = response
-      @options = {parse: :automatic}.merge(opts)
+      @options = {
+        parse: parse,
+        snaky: snaky,
+      }.merge(options)
     end
     # The HTTP response headers
@@ -81,7 +86,7 @@ module OAuth2
           end
         end
-      @parsed = OAuth2::SnakyHash.new(@parsed) if @parsed.is_a?(Hash)
+      @parsed = OAuth2::SnakyHash.new(@parsed) if options[:snaky] && @parsed.is_a?(Hash)
       @parsed
     end
@@ -125,10 +130,14 @@ module OAuth2
 end
 OAuth2::Response.register_parser(:xml, ['text/xml', 'application/rss+xml', 'application/rdf+xml', 'application/atom+xml', 'application/xml']) do |body|
+  next body unless body.respond_to?(:to_str)
   MultiXml.parse(body)
 end
 OAuth2::Response.register_parser(:json, ['application/json', 'text/javascript', 'application/hal+json', 'application/vnd.collection+json', 'application/vnd.api+json', 'application/problem+json']) do |body|
+  next body unless body.respond_to?(:to_str)
   body = body.dup.force_encoding(::Encoding::ASCII_8BIT) if body.respond_to?(:force_encoding)
   ::JSON.parse(body)

data/lib/oauth2/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module OAuth2
   module Version
-    VERSION = '2.0.2'.freeze
+    VERSION = '2.0.3'.freeze
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: oauth2
 version: !ruby/object:Gem::Version
-  version: 2.0.2
+  version: 2.0.3
 platform: ruby
 authors:
 - Peter Boling
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-06-24 00:00:00.000000000 Z
+date: 2022-06-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -307,10 +307,10 @@ licenses:
 - MIT
 metadata:
   homepage_uri: https://github.com/oauth-xx/oauth2
-  source_code_uri: https://github.com/oauth-xx/oauth2/tree/v2.0.2
-  changelog_uri: https://github.com/oauth-xx/oauth2/blob/v2.0.2/CHANGELOG.md
+  source_code_uri: https://github.com/oauth-xx/oauth2/tree/v2.0.3
+  changelog_uri: https://github.com/oauth-xx/oauth2/blob/v2.0.3/CHANGELOG.md
   bug_tracker_uri: https://github.com/oauth-xx/oauth2/issues
-  documentation_uri: https://www.rubydoc.info/gems/oauth2/2.0.2
+  documentation_uri: https://www.rubydoc.info/gems/oauth2/2.0.3
   wiki_uri: https://github.com/oauth-xx/oauth2/wiki
   rubygems_mfa_required: 'true'
 post_install_message: