Changelog View Source

v2.0.1 (2022-06-20)

Bug fixes

  • Fix incorrect Accept header when requesting token

v2.0.0 (2019-07-15)

Bug fixes (possibly backwards incompatible)

  • Ensure that the OAuth client is authenticated via Authorization header as described in the spec (#131).

v1.0.1 (2019-04-12)

Bug fixes

  • Always use the provided serializer if one is registered (#132)

v1.0.0 (2019-03-13)

Backward Incompatible Changes

  • There is no longer a default serializer for application/json. Please make sure to register a serializer with OAuth2.Client.put_serializer/3.
  • Serializers are now registered via OAuth2.Client.put_serializer/3. This change allows applications wrapping oauth2 a way to provide default serializers without requiring the user to manually configure a serializer.

v0.9.4 (2018-10-18)

Improvements

  • Relaxed hackney version requirements

v0.9.3 (2018-08-13)

Bug fixes

  • Various type specs fixed

v0.9.2 (2017-11-17)

Bug fixes

  • Updates the OAuth2.Client.get_token! function to handle error OAuth2.Response structs.

v0.9.1 (2017-03-10)

Improvements

  • Fix dialyzer warnings.
  • Update hackney to 1.7

Bug fixes

  • De-dupe headers.

v0.9.0 (2017-02-02)

Improvements

  • Remove deprecated usage of Behaviour and defcallback
  • Provides better support for configuring request_opts that will be used on every request. This is useful for configuring SSL options, etc.
  • Provides support for hackneys streaming of responses.
  • Better warnings when a serializer isn't properly configured.

Backward Incompatible Changes

  • Responses with status codes between 400..599 will now return {:error, %OAuth2.Response{}} instead of {:ok, %OAuth2.Response{}}
  • When using the ! versions of functions, {:error, %OAuth2.Response{}} will be converted to an %OAuth2.Error{} and raised.

v0.8.3 (2017-01-26)

  • Fix compile-time warnings for Elixir 1.4
  • Fix dialyzer warnings on @type params
  • Fix content-type resolving when there are multiple params
  • Return the same refresh token unless a new one is provided
  • Raise an exception when missing serializer configuration

v0.8.2 (2016-11-22)

Bug Fixes

  • Fixed an issue in handling non-standard expires key in access token requests.

v0.8.1 (2016-11-18)

Improvements

  • Added the ability to debug responses from the provider.

Bug Fixes

  • Fixed regression in handling text/plain content-type for tokens in #74

v0.8.0 (2016-10-05)

Improvements

Bug Fixes

  • Fixed broken RefreshToken strategy reported in #66
  • Fixed an issue where checking the content-type was defaulting to application/json causing Poison to explode.

v0.7.0 (2016-08-16)

Improvements

  • Add support for custom serializers based on MIME types.
  • Remove dependency on HTTPoison in favor of using hackney directly.
  • Remove dependency on mimetype_parser.
  • Poison is now only a test dependency.

Bug Fixes

  • expires_in values that are returned as strings are now properly parsed into integers for expires_at.

Backward Incompatible Changes

Prior to version v0.7.0 OAuth2.Client was primarily used for the purpose of interfacing with the OAuth server to retrieve a token. OAuth2.Token was then responsible for using that token to make authenticated requests.

In v0.7.0 this interface has been refactored so that an OAuth2.Client struct now references an OAuth2.Token directly and many of the action methods have been moved so that they are called on OAuth2.Client, with an instance of the client struct as their first argument.

Please consult the README for an example of general usage to retrieve a token and make a request.

The following methods have been moved and adjusted so that they take a OAuth2.Client.t which contains a token, rather than a token directly:

  • OAuth2.AccessToken.get -> OAuth2.Client.get
  • OAuth2.AccessToken.get! -> OAuth2.Client.get!
  • OAuth2.AccessToken.put -> OAuth2.Client.put
  • OAuth2.AccessToken.put! -> OAuth2.Client.put!
  • OAuth2.AccessToken.patch -> OAuth2.Client.patch
  • OAuth2.AccessToken.patch! -> OAuth2.Client.patch!
  • OAuth2.AccessToken.post -> OAuth2.Client.post
  • OAuth2.AccessToken.post! -> OAuth2.Client.post!
  • OAuth2.AccessToken.delete -> OAuth2.Client.delete
  • OAuth2.AccessToken.delete! -> OAuth2.Client.delete!
  • OAuth2.AccessToken.refresh -> OAuth2.Client.refresh_token
  • OAuth2.AccessToken.refresh! -> OAuth2.Client.refresh_token!

Additionally, the following methods have been moved to OAuth2.Request

  • OAuth2.AccessToken.request -> OAuth2.Request.request
  • OAuth2.AccessToken.request! -> OAuth2.Request.request!

Diff: https://github.com/scrogson/oauth2/compare/v0.6.0...v0.7.0

v0.6.0 (2016-06-24)

Improvements

  • Use Poison ~> 2.0
  • Reset client headers after fetching the token

Bug Fixes

  • Fix up auth code flow to match the RFC

Diff: https://github.com/scrogson/oauth2/compare/v0.5.0...v0.6.0

v0.5.0 (2015-11-03)

Improvements

  • You can now request a refresh token with OAuth2.AccessToken.refresh. The ! alternative is also available.
  • Added Bypass for improved testability.
  • Plug is no longer a direct dependency. It is only included as a test dependency through the Bypass library.
  • OAuth2.AccessToken now supports DELETE requests with delete and delete!
  • More tests!

Bug Fixes

  • Params are no longer sent in both the body and as a query string for POST requests with OAuth2.Client.get_token
  • Responses will no longer be parsed automatically if the content-type is not supported by this lib. Registering custom parsers is a future goal for this library.
  • Errors are now properly raised when they occur.

Backwards Incompatible Changes

Diff: https://github.com/scrogson/oauth2/compare/v0.4.0...v0.5.0

v0.4.0 (2015-10-27)

Additions/Improvements

  • OAuth2.AccessToken now supports: post, post!, put, put!, patch, and patch!.
  • Better documentation
  • Test coverage improved

Bug fixes

  • Empty response bodies are no longer decoded

Breaking changes

  • OAuth2.AccessToken.get!/4 now returns OAuth2.Response{} instead of just the parsed body.

Acknowledgments

Thanks to @meatherly, @dejanstrbac, and @optikfluffel for their contributions!

Diff: https://github.com/scrogson/oauth2/compare/v0.3.0...v0.4.0

v0.3.0 (2015-08-19)

Bump Plug dependency to 1.0.

Diff: https://github.com/scrogson/oauth2/compare/v0.2.0...v0.3.0

v0.2.0 (2015-07-13)

Diff: https://github.com/scrogson/oauth2/compare/v0.1.1...v0.2.0

v0.1.1 (2015-04-18)

  • Remove compilation warnings.
  • Fix request_body function for ClientCredentials

Diff: https://github.com/scrogson/oauth2/compare/v0.1.0...v0.1.1

v0.1.0 (2015-04-14)

This release bring breaking changes and more documentation.

Please see the README or Hex Docs for more details.

Diff: https://github.com/scrogson/oauth2/compare/v0.0.5...v0.1.0

v0.0.5 (2015-04-11)

  • Handles Facebook expires key for Access Tokens.
  • Ensure the token type defaults to 'Bearer' when it is not present.

Diff: https://github.com/scrogson/oauth2/compare/0.0.3...v0.0.5

v0.0.3 (2015-01-12)

  • Relax version requirements for Poison.

v0.0.2 (2015-01-10)

This release brings Password and Client Credentials strategies.

http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.3 http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.4

v0.0.1 (2014-12-07)

Initial release.

This initial release includes a functional authorization code strategy: http://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.1