Changelog View Source

v2.1.0 (2022-11-29)

Improvements

Now you can have a lot more control over your http client, including selecting what client you are using from the adapters available for Tesla. You can also easily add logging and tracing with middleware.

Backward Incompatible Changes

No longer directly using hackney it's still possible to use it through a Tesla adapter. To keep all your tweaks working correctly you'll need to add these settings:

In mix.exs

  # mix.exs
  defp deps do
    # Add the dependency
    [
      {:oauth2, "~> 2.0"},
      {:hackney, "~> 1.18"} # This is the new line you need to add
    ]
  end

In config:

  config :oauth2, adapter: Tesla.Adapter.Hackney

v2.0.1 (2022-06-20)

Bug fixes

Fix incorrect Accept header when requesting token

v2.0.0 (2019-07-15)

Bug fixes (possibly backwards incompatible)

Ensure that the OAuth client is authenticated via Authorization header as described in the spec (#131).

v1.0.1 (2019-04-12)

Bug fixes

Always use the provided serializer if one is registered (#132)

v1.0.0 (2019-03-13)

Backward Incompatible Changes

There is no longer a default serializer for application/json. Please make sure to register a serializer with OAuth2.Client.put_serializer/3.
Serializers are now registered via OAuth2.Client.put_serializer/3. This change allows applications wrapping oauth2 a way to provide default serializers without requiring the user to manually configure a serializer.

v0.9.4 (2018-10-18)

Improvements

Relaxed hackney version requirements

v0.9.3 (2018-08-13)

Bug fixes

Various type specs fixed

v0.9.2 (2017-11-17)

Bug fixes

Updates the OAuth2.Client.get_token! function to handle error OAuth2.Response structs.

v0.9.1 (2017-03-10)

Improvements

Fix dialyzer warnings.
Update hackney to 1.7

Bug fixes

De-dupe headers.

v0.9.0 (2017-02-02)

Improvements

Remove deprecated usage of Behaviour and defcallback
Provides better support for configuring request_opts that will be used on every request. This is useful for configuring SSL options, etc.
Provides support for hackneys streaming of responses.
Better warnings when a serializer isn't properly configured.

Backward Incompatible Changes

Responses with status codes between 400..599 will now return {:error, %OAuth2.Response{}} instead of {:ok, %OAuth2.Response{}}
When using the ! versions of functions, {:error, %OAuth2.Response{}} will be converted to an %OAuth2.Error{} and raised.

v0.8.3 (2017-01-26)

Fix compile-time warnings for Elixir 1.4
Fix dialyzer warnings on @type params
Fix content-type resolving when there are multiple params
Return the same refresh token unless a new one is provided
Raise an exception when missing serializer configuration

v0.8.2 (2016-11-22)

Bug Fixes

Fixed an issue in handling non-standard expires key in access token requests.

v0.8.1 (2016-11-18)

Improvements

Added the ability to debug responses from the provider.

Bug Fixes

Fixed regression in handling text/plain content-type for tokens in #74

v0.8.0 (2016-10-05)

Improvements

Added OAuth2.Client.basic_auth/1 convenience function.

Bug Fixes

Fixed broken RefreshToken strategy reported in #66
Fixed an issue where checking the content-type was defaulting to application/json causing Poison to explode.

v0.7.0 (2016-08-16)

Improvements

Add support for custom serializers based on MIME types.
Remove dependency on HTTPoison in favor of using hackney directly.
Remove dependency on mimetype_parser.
Poison is now only a test dependency.

Bug Fixes

expires_in values that are returned as strings are now properly parsed into integers for expires_at.

Backward Incompatible Changes

Prior to version v0.7.0 OAuth2.Client was primarily used for the purpose of interfacing with the OAuth server to retrieve a token. OAuth2.Token was then responsible for using that token to make authenticated requests.

In v0.7.0 this interface has been refactored so that an OAuth2.Client struct now references an OAuth2.Token directly and many of the action methods have been moved so that they are called on OAuth2.Client, with an instance of the client struct as their first argument.

Please consult the README for an example of general usage to retrieve a token and make a request.

The following methods have been moved and adjusted so that they take a OAuth2.Client.t which contains a token, rather than a token directly:

OAuth2.AccessToken.get -> OAuth2.Client.get
OAuth2.AccessToken.get! -> OAuth2.Client.get!
OAuth2.AccessToken.put -> OAuth2.Client.put
OAuth2.AccessToken.put! -> OAuth2.Client.put!
OAuth2.AccessToken.patch -> OAuth2.Client.patch
OAuth2.AccessToken.patch! -> OAuth2.Client.patch!
OAuth2.AccessToken.post -> OAuth2.Client.post
OAuth2.AccessToken.post! -> OAuth2.Client.post!
OAuth2.AccessToken.delete -> OAuth2.Client.delete
OAuth2.AccessToken.delete! -> OAuth2.Client.delete!
OAuth2.AccessToken.refresh -> OAuth2.Client.refresh_token
OAuth2.AccessToken.refresh! -> OAuth2.Client.refresh_token!

Additionally, the following methods have been moved to OAuth2.Request

OAuth2.AccessToken.request -> OAuth2.Request.request
OAuth2.AccessToken.request! -> OAuth2.Request.request!

Diff: https://github.com/scrogson/oauth2/compare/v0.6.0...v0.7.0

v0.6.0 (2016-06-24)

Improvements

Use Poison ~> 2.0
Reset client headers after fetching the token

Bug Fixes

Fix up auth code flow to match the RFC

Diff: https://github.com/scrogson/oauth2/compare/v0.5.0...v0.6.0

v0.5.0 (2015-11-03)

Improvements

You can now request a refresh token with OAuth2.AccessToken.refresh. The ! alternative is also available.
Added Bypass for improved testability.
Plug is no longer a direct dependency. It is only included as a test dependency through the Bypass library.
OAuth2.AccessToken now supports DELETE requests with delete and delete!
More tests!

Bug Fixes

Params are no longer sent in both the body and as a query string for POST requests with OAuth2.Client.get_token
Responses will no longer be parsed automatically if the content-type is not supported by this lib. Registering custom parsers is a future goal for this library.
Errors are now properly raised when they occur.

Backwards Incompatible Changes

OAuth2.new/1 has been removed. Use OAuth2.Client.new/1 instead.

Diff: https://github.com/scrogson/oauth2/compare/v0.4.0...v0.5.0

v0.4.0 (2015-10-27)

Additions/Improvements

OAuth2.AccessToken now supports: post, post!, put, put!, patch, and patch!.
Better documentation
Test coverage improved

Bug fixes

Empty response bodies are no longer decoded

Breaking changes

OAuth2.AccessToken.get!/4 now returns OAuth2.Response{} instead of just the parsed body.

Acknowledgments

Thanks to @meatherly, @dejanstrbac, and @optikfluffel for their contributions!

Diff: https://github.com/scrogson/oauth2/compare/v0.3.0...v0.4.0

v0.3.0 (2015-08-19)

Bump Plug dependency to 1.0.

Diff: https://github.com/scrogson/oauth2/compare/v0.2.0...v0.3.0

v0.2.0 (2015-07-13)

:erlang.now was replaced with :os.timestamp for compatibility with Erlang 18
You can now pass options to the HTTPoison library with OAuth2.Client.get_token/4 and OAuth2.Client.get_token!/4

Diff: https://github.com/scrogson/oauth2/compare/v0.1.1...v0.2.0