added CHANGELOG.md
 
@@ -0,0 +1,269 @@
1
+ # Changelog
2
+
3
+ ## v2.0.1 (2022-06-20)
4
+
5
+ ### Bug fixes
6
+
7
+ - Fix incorrect Accept header when requesting token
8
+
9
+ ## v2.0.0 (2019-07-15)
10
+
11
+ ### Bug fixes (possibly backwards incompatible)
12
+
13
+ - Ensure that the OAuth client is authenticated via Authorization header as
14
+ described in the spec (#131).
15
+
16
+ ## v1.0.1 (2019-04-12)
17
+
18
+ ### Bug fixes
19
+
20
+ - Always use the provided serializer if one is registered (#132)
21
+
22
+ ## v1.0.0 (2019-03-13)
23
+
24
+ ### Backward Incompatible Changes
25
+
26
+ - There is no longer a default serializer for `application/json`. Please make
27
+ sure to register a serializer with `OAuth2.Client.put_serializer/3`.
28
+ - Serializers are now registered via `OAuth2.Client.put_serializer/3`.
29
+ This change allows applications wrapping `oauth2` a way to provide default
30
+ serializers without requiring the user to manually configure a serializer.
31
+
32
+ ## v0.9.4 (2018-10-18)
33
+
34
+ ### Improvements
35
+
36
+ - Relaxed `hackney` version requirements
37
+
38
+ ## v0.9.3 (2018-08-13)
39
+
40
+ ### Bug fixes
41
+
42
+ - Various type specs fixed
43
+
44
+ ## v0.9.2 (2017-11-17)
45
+
46
+ ### Bug fixes
47
+
48
+ - Updates the `OAuth2.Client.get_token!` function to handle error `OAuth2.Response` structs.
49
+
50
+ ## v0.9.1 (2017-03-10)
51
+
52
+ ### Improvements
53
+
54
+ - Fix dialyzer warnings.
55
+ - Update `hackney` to `1.7`
56
+
57
+ ### Bug fixes
58
+
59
+ - De-dupe headers.
60
+
61
+ ## v0.9.0 (2017-02-02)
62
+
63
+ ### Improvements
64
+
65
+ - Remove deprecated usage of `Behaviour` and `defcallback`
66
+ - Provides better support for configuring `request_opts` that will be used on
67
+ every request. This is useful for configuring SSL options, etc.
68
+ - Provides support for `hackney`s streaming of responses.
69
+ - Better warnings when a serializer isn't properly configured.
70
+
71
+ ### Backward Incompatible Changes
72
+
73
+ - Responses with status codes between `400..599` will now return `{:error, %OAuth2.Response{}}` instead of `{:ok, %OAuth2.Response{}}`
74
+ - When using the `!` versions of functions, `{:error, %OAuth2.Response{}}` will
75
+ be converted to an `%OAuth2.Error{}` and raised.
76
+
77
+ ## v0.8.3 (2017-01-26)
78
+
79
+ - Fix compile-time warnings for Elixir 1.4
80
+ - Fix dialyzer warnings on `@type params`
81
+ - Fix `content-type` resolving when there are multiple params
82
+ - Return the same refresh token unless a new one is provided
83
+ - Raise an exception when missing serializer configuration
84
+
85
+ ## v0.8.2 (2016-11-22)
86
+
87
+ ### Bug Fixes
88
+
89
+ - Fixed an issue in handling non-standard `expires` key in access token
90
+ requests.
91
+
92
+ ## v0.8.1 (2016-11-18)
93
+
94
+ ### Improvements
95
+
96
+ - Added the ability to debug responses from the provider.
97
+
98
+ ### Bug Fixes
99
+
100
+ - Fixed regression in handling `text/plain` content-type for tokens in #74
101
+
102
+ ## v0.8.0 (2016-10-05)
103
+
104
+ ### Improvements
105
+
106
+ - Added `OAuth2.Client.basic_auth/1` convenience function.
107
+
108
+ ### Bug Fixes
109
+
110
+ - Fixed broken `RefreshToken` strategy reported in #66
111
+ - Fixed an issue where checking the `content-type` was defaulting to
112
+ `application/json` causing Poison to explode.
113
+
114
+ ## v0.7.0 (2016-08-16)
115
+
116
+ ### Improvements
117
+
118
+ - Add support for custom serializers based on MIME types.
119
+ - Remove dependency on `HTTPoison` in favor of using `hackney` directly.
120
+ - Remove dependency on `mimetype_parser`.
121
+ - `Poison` is now only a `test` dependency.
122
+
123
+ ### Bug Fixes
124
+
125
+ - `expires_in` values that are returned as strings are now properly parsed into integers for `expires_at`.
126
+
127
+ ### Backward Incompatible Changes
128
+
129
+ Prior to version `v0.7.0` `OAuth2.Client` was primarily used for the purpose
130
+ of interfacing with the OAuth server to retrieve a token. `OAuth2.Token` was
131
+ then responsible for using that token to make authenticated requests.
132
+
133
+ In `v0.7.0` this interface has been refactored so that an `OAuth2.Client` struct
134
+ now references an `OAuth2.Token` directly and many of the action methods have
135
+ been moved so that they are called on `OAuth2.Client`, with an instance of the
136
+ client struct as their first argument.
137
+
138
+ Please consult the [README](https://github.com/scrogson/oauth2/blob/v0.7.0/README.md) for an example of general usage to retrieve a token and make a request.
139
+
140
+ The following methods have been moved and adjusted so that they take a `OAuth2.Client.t` which contains a token, rather than a token directly:
141
+
142
+ - `OAuth2.AccessToken.get` -> `OAuth2.Client.get`
143
+ - `OAuth2.AccessToken.get!` -> `OAuth2.Client.get!`
144
+ - `OAuth2.AccessToken.put` -> `OAuth2.Client.put`
145
+ - `OAuth2.AccessToken.put!` -> `OAuth2.Client.put!`
146
+ - `OAuth2.AccessToken.patch` -> `OAuth2.Client.patch`
147
+ - `OAuth2.AccessToken.patch!` -> `OAuth2.Client.patch!`
148
+ - `OAuth2.AccessToken.post` -> `OAuth2.Client.post`
149
+ - `OAuth2.AccessToken.post!` -> `OAuth2.Client.post!`
150
+ - `OAuth2.AccessToken.delete` -> `OAuth2.Client.delete`
151
+ - `OAuth2.AccessToken.delete!` -> `OAuth2.Client.delete!`
152
+ - `OAuth2.AccessToken.refresh` -> `OAuth2.Client.refresh_token`
153
+ - `OAuth2.AccessToken.refresh!` -> `OAuth2.Client.refresh_token!`
154
+
155
+ Additionally, the following methods have been moved to `OAuth2.Request`
156
+
157
+ - `OAuth2.AccessToken.request` -> `OAuth2.Request.request`
158
+ - `OAuth2.AccessToken.request!` -> `OAuth2.Request.request!`
159
+
160
+ Diff: https://github.com/scrogson/oauth2/compare/v0.6.0...v0.7.0
161
+
162
+ ## v0.6.0 (2016-06-24)
163
+
164
+ ### Improvements
165
+
166
+ - Use Poison ~> 2.0
167
+ - Reset client headers after fetching the token
168
+
169
+ ### Bug Fixes
170
+
171
+ - Fix up auth code flow to match the RFC
172
+
173
+ Diff: https://github.com/scrogson/oauth2/compare/v0.5.0...v0.6.0
174
+
175
+ ## v0.5.0 (2015-11-03)
176
+
177
+ ### Improvements
178
+
179
+ - You can now request a refresh token with `OAuth2.AccessToken.refresh`. The `!` alternative is also available.
180
+ - Added `Bypass` for improved testability.
181
+ - `Plug` is no longer a direct dependency. It is only included as a test dependency through the `Bypass` library.
182
+ - `OAuth2.AccessToken` now supports `DELETE` requests with `delete` and `delete!`
183
+ - More tests!
184
+
185
+ ### Bug Fixes
186
+
187
+ - Params are no longer sent in both the body and as a query string for `POST` requests with `OAuth2.Client.get_token`
188
+ - Responses will no longer be parsed automatically if the `content-type` is not supported by this lib. Registering custom parsers is a future goal for this library.
189
+ - Errors are now properly raised when they occur.
190
+
191
+ ### Backwards Incompatible Changes
192
+
193
+ - `OAuth2.new/1` has been removed. Use `OAuth2.Client.new/1` instead.
194
+
195
+ Diff: https://github.com/scrogson/oauth2/compare/v0.4.0...v0.5.0
196
+
197
+ ## v0.4.0 (2015-10-27)
198
+
199
+ ### Additions/Improvements
200
+
201
+ - `OAuth2.AccessToken` now supports: `post`, `post!`, `put`, `put!`, `patch`, and `patch!`.
202
+ - Better documentation
203
+ - Test coverage improved
204
+
205
+ ### Bug fixes
206
+
207
+ - Empty response bodies are no longer decoded
208
+
209
+ ### Breaking changes
210
+
211
+ - `OAuth2.AccessToken.get!/4` now returns `OAuth2.Response{}` instead of just the parsed body.
212
+
213
+ ### Acknowledgments
214
+
215
+ Thanks to @meatherly, @dejanstrbac, and @optikfluffel for their contributions!
216
+
217
+ Diff: https://github.com/scrogson/oauth2/compare/v0.3.0...v0.4.0
218
+
219
+ ## v0.3.0 (2015-08-19)
220
+
221
+ Bump `Plug` dependency to `1.0`.
222
+
223
+ Diff: https://github.com/scrogson/oauth2/compare/v0.2.0...v0.3.0
224
+
225
+ ## v0.2.0 (2015-07-13)
226
+
227
+ - `:erlang.now` was replaced with `:os.timestamp` for compatibility with Erlang 18
228
+ - You can now pass options to the `HTTPoison` library with `OAuth2.Client.get_token/4` and `OAuth2.Client.get_token!/4`
229
+
230
+ Diff: https://github.com/scrogson/oauth2/compare/v0.1.1...v0.2.0
231
+
232
+ ## v0.1.1 (2015-04-18)
233
+
234
+ - Remove compilation warnings.
235
+ - Fix `request_body` function for `ClientCredentials`
236
+
237
+ Diff: https://github.com/scrogson/oauth2/compare/v0.1.0...v0.1.1
238
+
239
+ ## v0.1.0 (2015-04-14)
240
+
241
+ This release bring breaking changes and more documentation.
242
+
243
+ Please see the [README](https://github.com/scrogson/oauth2/blob/v0.1.0/README.md) or [Hex Docs](https://hexdocs.pm/oauth2/0.1.0) for more details.
244
+
245
+ Diff: https://github.com/scrogson/oauth2/compare/v0.0.5...v0.1.0
246
+
247
+ ## v0.0.5 (2015-04-11)
248
+
249
+ - Handles Facebook `expires` key for Access Tokens.
250
+ - Ensure the token type defaults to 'Bearer' when it is not present.
251
+
252
+ Diff: https://github.com/scrogson/oauth2/compare/0.0.3...v0.0.5
253
+
254
+ ## v0.0.3 (2015-01-12)
255
+
256
+ - Relax version requirements for Poison.
257
+
258
+ ## v0.0.2 (2015-01-10)
259
+
260
+ This release brings Password and Client Credentials strategies.
261
+
262
+ https://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.3
263
+ https://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.4
264
+
265
+ ## v0.0.1 (2014-12-07)
266
+
267
+ Initial release.
268
+
269
+ This initial release includes a functional authorization code strategy: https://tools.ietf.org/html/draft-ietf-oauth-v2-15#section-4.1
changed README.md
 
@@ -1,24 +1,25 @@
1
1
# OAuth2 (Client)
2
2
3
- > An Elixir OAuth2 Client
4
-
5
3
[![Build Status](https://travis-ci.org/scrogson/oauth2.svg?branch=master)](https://travis-ci.org/scrogson/oauth2)
6
4
[![Coverage Status](https://coveralls.io/repos/scrogson/oauth2/badge.svg?branch=master&service=github)](https://coveralls.io/github/scrogson/oauth2?branch=master)
5
+ [![Module Version](https://img.shields.io/hexpm/v/oauth2.svg)](https://hex.pm/packages/oauth2)
6
+ [![Hex Docs](https://img.shields.io/badge/hex-docs-lightgreen.svg)](https://hexdocs.pm/oauth2/)
7
+ [![Total Download](https://img.shields.io/hexpm/dt/oauth2.svg)](https://hex.pm/packages/oauth2)
8
+ [![License](https://img.shields.io/hexpm/l/oauth2.svg)](https://github.com/scrogson/oauth2/blob/master/LICENSE)
9
+ [![Last Updated](https://img.shields.io/github/last-commit/scrogson/oauth2.svg)](https://github.com/scrogson/oauth2/commits/master)
10
+
11
+ An Elixir [OAuth](https://en.wikipedia.org/wiki/OAuth) 2.0 Client Library.
7
12
8
13
## Install
9
14
10
15
```elixir
11
16
# mix.exs
12
17
13
- def application do
14
- # Add the application to your list of applications.
15
- # This will ensure that it will be included in a release.
16
- [applications: [:logger, :oauth2]]
17
- end
18
-
19
18
defp deps do
20
19
# Add the dependency
21
- [{:oauth2, "~> 2.0"}]
20
+ [
21
+ {:oauth2, "~> 2.0"}
22
+ ]
22
23
end
23
24
```
changed hex_metadata.config
 
@@ -3,17 +3,19 @@
3
3
{<<"description">>,<<"An Elixir OAuth 2.0 Client Library">>}.
4
4
{<<"elixir">>,<<"~> 1.2">>}.
5
5
{<<"files">>,
6
- [<<"lib">>,<<"lib/oauth2">>,<<"lib/oauth2/serializer.ex">>,
7
- <<"lib/oauth2/client.ex">>,<<"lib/oauth2/access_token.ex">>,
8
- <<"lib/oauth2/strategy">>,<<"lib/oauth2/strategy/password.ex">>,
9
- <<"lib/oauth2/strategy/refresh.ex">>,
10
- <<"lib/oauth2/strategy/client_credentials.ex">>,
11
- <<"lib/oauth2/strategy/auth_code.ex">>,<<"lib/oauth2/strategy.ex">>,
12
- <<"lib/oauth2/error.ex">>,<<"lib/oauth2/request.ex">>,
13
- <<"lib/oauth2/response.ex">>,<<"lib/oauth2/util.ex">>,<<"lib/oauth2.ex">>,
14
- <<"mix.exs">>,<<"README.md">>,<<"LICENSE">>]}.
6
+ [<<"lib">>,<<"lib/oauth2">>,<<"lib/oauth2/access_token.ex">>,
7
+ <<"lib/oauth2/request.ex">>,<<"lib/oauth2/strategy.ex">>,
8
+ <<"lib/oauth2/client.ex">>,<<"lib/oauth2/error.ex">>,
9
+ <<"lib/oauth2/response.ex">>,<<"lib/oauth2/util.ex">>,
10
+ <<"lib/oauth2/strategy">>,<<"lib/oauth2/strategy/client_credentials.ex">>,
11
+ <<"lib/oauth2/strategy/password.ex">>,<<"lib/oauth2/strategy/refresh.ex">>,
12
+ <<"lib/oauth2/strategy/auth_code.ex">>,<<"lib/oauth2/serializer.ex">>,
13
+ <<"lib/oauth2.ex">>,<<"mix.exs">>,<<"CHANGELOG.md">>,<<"README.md">>,
14
+ <<"LICENSE">>]}.
15
15
{<<"licenses">>,[<<"MIT">>]}.
16
- {<<"links">>,[{<<"github">>,<<"https://github.com/scrogson/oauth2">>}]}.
16
+ {<<"links">>,
17
+ [{<<"Changelog">>,<<"https://hexdocs.pm/oauth2/changelog.html">>},
18
+ {<<"GitHub">>,<<"https://github.com/scrogson/oauth2">>}]}.
17
19
{<<"name">>,<<"oauth2">>}.
18
20
{<<"requirements">>,
19
21
[[{<<"app">>,<<"hackney">>},
 
@@ -21,4 +23,4 @@
21
23
{<<"optional">>,false},
22
24
{<<"repository">>,<<"hexpm">>},
23
25
{<<"requirement">>,<<"~> 1.13">>}]]}.
24
- {<<"version">>,<<"2.0.0">>}.
26
+ {<<"version">>,<<"2.0.1">>}.
changed lib/oauth2/client.ex
 
@@ -37,7 +37,7 @@ defmodule OAuth2.Client do
37
37
@type client_secret :: binary
38
38
@type headers :: [{binary, binary}]
39
39
@type param :: binary | %{binary => param} | [param]
40
- @type params :: %{binary => param} | Keyword.t()
40
+ @type params :: %{binary => param} | Keyword.t() | %{}
41
41
@type redirect_uri :: binary
42
42
@type ref :: reference | nil
43
43
@type request_opts :: Keyword.t()
 
@@ -258,7 +258,7 @@ defmodule OAuth2.Client do
258
258
* `client` - a `OAuth2.Client` struct with the strategy to use, defaults to
259
259
`OAuth2.Strategy.AuthCode`
260
260
* `params` - a keyword list of request parameters which will be encoded into
261
- a query string or request body dependening on the selected strategy
261
+ a query string or request body depending on the selected strategy
262
262
* `headers` - a list of request headers
263
263
* `opts` - a Keyword list of request options which will be merged with
264
264
`OAuth2.Client.request_opts`
 
@@ -478,8 +478,11 @@ defmodule OAuth2.Client do
478
478
|> to_url(:token_url)
479
479
end
480
480
481
- defp token_post_header(%Client{token_method: :post} = client),
482
- do: put_header(client, "content-type", "application/x-www-form-urlencoded")
481
+ defp token_post_header(%Client{token_method: :post} = client) do
482
+ client
483
+ |> put_header("content-type", "application/x-www-form-urlencoded")
484
+ |> put_header("accept", "application/json")
485
+ end
483
486
484
487
defp token_post_header(%Client{} = client), do: client
changed lib/oauth2/request.ex
 
@@ -15,7 +15,7 @@ defmodule OAuth2.Request do
15
15
{:ok, Response.t()} | {:ok, reference} | {:error, Response.t()} | {:error, Error.t()}
16
16
def request(method, %Client{} = client, url, body, headers, opts) do
17
17
url = client |> process_url(url) |> process_params(opts[:params])
18
- headers = req_headers(client, headers) |> Enum.uniq()
18
+ headers = req_headers(client, headers) |> normalize_headers() |> Enum.uniq()
19
19
content_type = content_type(headers)
20
20
serializer = Client.get_serializer(client, content_type)
21
21
body = encode_request_body(body, content_type, serializer)
 
@@ -125,6 +125,9 @@ defmodule OAuth2.Request do
125
125
defp authorization_header(token),
126
126
do: {"authorization", "#{token.token_type} #{token.access_token}"}
127
127
128
+ defp normalize_headers(headers),
129
+ do: Enum.map(headers, fn {key, val} -> {to_string(key) |> String.downcase(), val} end)
130
+
128
131
defp process_request_headers(headers, content_type) do
129
132
case List.keyfind(headers, "accept", 0) do
130
133
{"accept", _} ->
changed mix.exs
 
@@ -1,7 +1,8 @@
1
1
defmodule OAuth2.Mixfile do
2
2
use Mix.Project
3
3
4
- @version "2.0.0"
4
+ @source_url "https://github.com/scrogson/oauth2"
5
+ @version "2.0.1"
5
6
6
7
def project do
7
8
[
 
@@ -20,7 +21,8 @@ defmodule OAuth2.Mixfile do
20
21
"coveralls.detail": :test,
21
22
"coveralls.html": :test,
22
23
docs: :dev
23
- ]
24
+ ],
25
+ dialyzer: dialyzer()
24
26
]
25
27
end
26
28
 
@@ -28,6 +30,12 @@ defmodule OAuth2.Mixfile do
28
30
[applications: [:logger, :hackney]]
29
31
end
30
32
33
+ defp dialyzer do
34
+ [
35
+ plt_file: {:no_warn, "priv/plts/dialyzer.plt"}
36
+ ]
37
+ end
38
+
31
39
defp deps do
32
40
[
33
41
{:hackney, "~> 1.13"},
 
@@ -36,12 +44,12 @@ defmodule OAuth2.Mixfile do
36
44
{:jason, "~> 1.0", only: [:dev, :test]},
37
45
{:bypass, "~> 0.9", only: :test},
38
46
{:plug_cowboy, "~> 1.0", only: :test},
39
- {:excoveralls, "~> 0.9", only: :test},
40
- {:credo, "~> 1.1.0", only: [:dev, :test], runtime: false},
41
- {:dialyxir, "~> 1.0.0-rc.6", only: [:dev], runtime: false},
42
47
43
- # Docs dependencies
44
- {:ex_doc, "~> 0.19", only: :dev}
48
+ # Tools
49
+ {:credo, ">= 0.0.0", only: [:dev, :test], runtime: false},
50
+ {:dialyxir, ">= 0.0.0", only: [:dev], runtime: false},
51
+ {:ex_doc, ">= 0.0.0", only: [:dev], runtime: false},
52
+ {:excoveralls, ">= 0.0.0", only: [:test], runtime: false}
45
53
]
46
54
end
47
55
 
@@ -51,19 +59,24 @@ defmodule OAuth2.Mixfile do
51
59
52
60
defp docs do
53
61
[
54
- extras: ["README.md"],
62
+ extras: ["CHANGELOG.md", "README.md": [title: "Overview"]],
55
63
main: "readme",
56
64
source_ref: "v#{@version}",
57
- source_url: "https://github.com/scrogson/oauth2"
65
+ source_url: @source_url,
66
+ skip_undefined_reference_warnings_on: ["CHANGELOG.md"],
67
+ formatters: ["html"]
58
68
]
59
69
end
60
70
61
71
defp package do
62
72
[
63
- files: ["lib", "mix.exs", "README.md", "LICENSE"],
73
+ files: ["lib", "mix.exs", "CHANGELOG.md", "README.md", "LICENSE"],
64
74
maintainers: ["Sonny Scroggin"],
65
75
licenses: ["MIT"],
66
- links: %{github: "https://github.com/scrogson/oauth2"}
76
+ links: %{
77
+ Changelog: "https://hexdocs.pm/oauth2/changelog.html",
78
+ GitHub: @source_url
79
+ }
67
80
]
68
81
end