All notable changes to this project will be documented in this file.
- Update testing infrastructure for all supported Rubies (@pboling and @josephpage)
- Breaking: Set
:basic_authas default for:auth_schemeinstead of:request_body. This was default behavior before 1.3.0. See #285 (@tetsuya, @wy193777) - Token is expired if
expired_attime is now (@davestevens) - Set the response object on the access token on Client#get_token (@cpetschnig)
- Fix "Unexpected middleware set" issue with Faraday when
OAUTH_DEBUG=true(@spectator, @gafrom) - Oauth2::Error : Error codes are strings instead of symbols (@NobodysNightmare)
- Dependency: Upgrade Faraday to 0.13.x (@zacharywelch)
- Dependency: Upgrade jwt to 2.x.x (@travisofthenorth)
- Fix logging to
$stdoutof request and response bodies via Faraday's logger andENV["OAUTH_DEBUG"] == 'true'(@pboling) - Security: Add checks to enforce
client_secretis never passed in authorize_url query params (@dfockler)
- #408 - Fixed expires_at for formatted time (@Lomey)
1.4.3 - 2020-01-29
- #483 - add project metadata to gemspec (@orien)
- #495 - support additional types of access token requests (@SteveyblamFreeagent, @thomcorley, @dgholz)
- Adds support for private_key_jwt and tls_client_auth
- #433 - allow field names with square brackets and numbers in params (@asm256)
1.4.2 - 2019-10-01
- #478 - support latest version of faraday & fix build (@pboling)
- Officially support Ruby 2.6 and truffleruby
1.4.1 - 2018-10-13
- #417 - update jwt dependency (@thewoolleyman)
- #419 - remove rubocop dependency (temporary, added back in #423) (@pboling)
- #418 - update faraday dependency (@pboling)
- #420 - update oauth2.gemspec (@pboling)
- #421 - fix CHANGELOG.md for previous releases (@pboling)
- #422 - update LICENSE and README.md (@pboling)
- #423 - update builds, Rakefile (@pboling)
1.4.0 - 2017-06-09
- Drop Ruby 1.8.7 support (@sferik)
- Fix some RuboCop offenses (@sferik)
- Dependency: Remove Yardstick (@sferik)
- Dependency: Upgrade Faraday to 0.12 (@sferik)
1.3.1 - 2017-03-03
- Add support for Ruby 2.4.0 (@pschambacher)
- Dependency: Upgrade Faraday to Faraday 0.11 (@mcfiredrill, @rhymes, @pschambacher)
1.3.0 - 2016-12-28
- Add support for header-based authentication to the
Clientso it can be used across the library (@bjeanes) - Default to header-based authentication when getting a token from an authorisation code (@maletor)
- Breaking: Allow an
auth_scheme(:basic_author:request_body) to be set on the client, defaulting to:request_bodyto maintain backwards compatibility (@maletor, @bjeanes) - Handle
redirect_uriaccording to the OAuth 2 spec, so it is passed on redirect and at the point of token exchange (@bjeanes) - Refactor handling of encoding of error responses (@urkle)
- Avoid instantiating an
Errorif there is no error to raise (@urkle) - Add support for Faraday 0.10 (@rhymes)
1.2.0 - 2016-07-01
- Properly handle encoding of error responses (so we don't blow up, for example, when Google's response includes a ∞) (@Motoshi-Nishihira)
- Make a copy of the options hash in
AccessToken#from_hashto avoid accidental mutations (@Linuus) - Use
raiserather thanfailto throw exceptions (@sferik)
1.1.0 - 2016-01-30
- Various refactors (eliminating
Hash#merge!usage inAccessToken#refresh!, useyieldinstead of#call, freezing mutable objects in constants, replacing constants with class variables) (@sferik) - Add support for Rack 2, and bump various other dependencies (@sferik)
1.0.0 - 2014-07-09
- Add an implementation of the MAC token spec.
- Fix Base64.strict_encode64 incompatibility with Ruby 1.8.7.
0.5.0 - 2011-07-29
- [breaking]
oauth_tokenrenamed tooauth_bearer. - [breaking]
authorize_pathClient option renamed toauthorize_url. - [breaking]
access_token_pathClient option renamed totoken_url. - [breaking]
access_token_methodClient option renamed totoken_method. - [breaking]
web_serverrenamed toauth_code.