Changes

• Percent encode special characters in HMAC-SHA1 secrets (#72)
• Strip whitespace from request token body (#56)
• Update Go module dependencies

Contributions

• Use a centrally managed GitHub Workflow for go tests by @dghubble in #68
• Allow Go test Workflow to run on PRs by @dghubble in #69
• Fix HMAC-SHA1 key creation. by @jerryryle in #72
• Fix oauth_callback_confirmed comparison when server returns extra whitespace by @pscohn in #56
• Add changelog for new release by @dghubble in https://github.com/dghubble/oauth1/pull/73A

Dependencies

• Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 by @dependabot in #67
• Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 by @dependabot in #70
• Bump github.com/stretchr/testify from 1.8.3 to 1.8.4 by @dependabot in #71

New Contributors

• @jerryryle made their first contribution in #72
• @pscohn made their first contribution in #56

Full Changelog: v0.7.2...v0.7.3

• Update minimum Go version from v1.17 to v1.18 (#66)

• Show body when RequestToken or AccessToken requests return an invalid status code (#54)

• Add an HMAC256Signer (#40)
• Add discogs Endpoint (#39)
• Allow custom Noncer for unusual OAuth1 providers (#45
• Change tumblr Endpoint URLs to https (#37)

• Add Go module support (#32)

• Use standard library context (c0a405)
  • Requires Go 1.7+
• Add xing package with a provider Endpoint (#10)
• Add status code checks so server errors are clearer (09fded)
• Move confirmed check after token check so errors are clearer (#8)

• Add a Signer field to the Config to allow custom Signer implementations.
• Use the HMACSigner by default. This provides the same signing behavior as in previous versions (HMAC-SHA1).
• Add an RSASigner for "RSA-SHA1" OAuth1 Providers.
• Add missing Authorization Header quotes around OAuth parameter values. Many providers allowed these quotes to be missing.
• Change Signer to be a signer interface.
• Remove the old Signer methods SetAccessTokenAuthHeader, SetRequestAuthHeader, and SetRequestTokenAuthHeader.

• Added NoContext which may be used in most cases.
• Allowed Transport Base http.RoundTripper to be set through a ctx.
• Changed NewClient to require a context.Context.
• Changed Config.Client to require a context.Context.

• Improved OAuth 1 spec compliance and test coverage.
• Added func StaticTokenSource(*Token) TokenSource
• Added ParseAuthorizationCallback function. Removed Config.HandleAuthorizationCallback method.
• Changed Config method signatures to allow an interface to be defined for the OAuth1 authorization flow. Gives users of this package (and downstream packages) the freedom to use other implementations if they wish.
• Removed RequestToken in favor of passing token and secret value strings.
• Removed ReuseTokenSource struct, it was effectively a static source. Replaced by StaticTokenSource.

• Initial OAuth1 support for obtaining authorization and making authorized requests.