diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json new file mode 100644 index 00000000..c5fee1cc --- /dev/null +++ b/.devcontainer/devcontainer.json @@ -0,0 +1,26 @@ +// For format details, see https://aka.ms/devcontainer.json. For config options, see the +// README at: https://github.com/devcontainers/templates/tree/main/src/ruby +{ + "name": "Ruby", + // Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile + "image": "mcr.microsoft.com/devcontainers/ruby:1-3-bookworm", + + // Features to add to the dev container. More info: https://containers.dev/features. + // "features": {}, + + // Use 'forwardPorts' to make a list of ports inside the container available locally. + // "forwardPorts": [], + + // Use 'postCreateCommand' to run commands after the container is created. + // "postCreateCommand": "ruby --version", + + // Configure tool-specific properties. + "customizations" : { + "jetbrains" : { + "backend" : "RubyMine" + } + }, + + // Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root. + // "remoteUser": "root" +} diff --git a/.envrc b/.envrc index 83123050..e049643d 100644 --- a/.envrc +++ b/.envrc @@ -29,6 +29,9 @@ export MAX_ROWS=1 # Setting for simplecov-console gem for tty output, limits to # Internal Debugging Controls export DEBUG=false # do not allow byebug statements (override in .env.local) +# Concurrently developing the rubocop-lts suite? +export RUBOCOP_LTS_LOCAL=false + # .env would override anything in this file, if `dotenv` is uncommented below. # .env is a DOCKER standard, and if we use it, it would be in deployed, or DOCKER, environments, # and that is why we generally want to leave it commented out. diff --git a/.github/workflows/danger.yml b/.github/disabled-workflows/danger.yml similarity index 100% rename from .github/workflows/danger.yml rename to .github/disabled-workflows/danger.yml 
diff --git a/.github/workflows/ancient.yml b/.github/workflows/ancient.yml index 6fd1cd71..8771e589 100644 --- a/.github/workflows/ancient.yml +++ b/.github/workflows/ancient.yml @@ -1,5 +1,8 @@ name: MRI 2.3, 2.4, 2.5 (EOL) +permissions: + contents: read + on: push: branches: diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index b01c457f..700c34e1 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -1,10 +1,14 @@ name: Test Coverage +permissions: + contents: read + pull-requests: write + env: K_SOUP_COV_MIN_BRANCH: 100 K_SOUP_COV_MIN_LINE: 100 K_SOUP_COV_MIN_HARD: true - K_SOUP_COV_FORMATTERS: "html,rcov,lcov,json,tty" + K_SOUP_COV_FORMATTERS: "html,xml,rcov,lcov,json,tty" K_SOUP_COV_DO: true K_SOUP_COV_MULTI_FORMATTERS: true K_SOUP_COV_COMMAND_NAME: "RSpec Coverage" @@ -22,9 +26,6 @@ on: # Allow manually triggering the workflow. workflow_dispatch: -permissions: - contents: read - # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. 
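Review bot: In `.github/workflows/coverage.yml` (hunk `@@ -1,10 +1,14 @@`), `pull-requests: write` is added at workflow level, so every job and step in the workflow gets a token that can write to pull requests, not only the steps that post the coverage comment. Declaring it in a job-level `permissions:` block on the job that posts the comment, and leaving the workflow default at `contents: read`, would keep the scope as narrow as the other workflows in this commit. The job definitions sit outside this hunk, so whether the workflow has more than one job cannot be confirmed from here. A short comment next to the scope, such as `# needed only for the PR coverage comment`, would also record why it is there.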
@@ -73,6 +74,30 @@ jobs: - name: Tests for ${{ matrix.ruby }}@current via ${{ matrix.exec_cmd }} run: bundle exec appraisal ${{ matrix.appraisal }} bundle exec ${{ matrix.exec_cmd }} + # Do SaaS coverage uploads first + - name: Upload coverage to Coveralls + uses: coverallsapp/github-action@master + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + continue-on-error: ${{ matrix.experimental != 'false' }} + + - name: Upload coverage to QLTY + uses: qltysh/qlty-action/coverage@main + with: + token: ${{secrets.QLTY_COVERAGE_TOKEN}} + files: coverage/.resultset.json + continue-on-error: ${{ matrix.experimental != 'false' }} + + # Build will fail here if coverage upload fails + # which will hopefully be noticed for the lack of code coverage comments + - name: Upload coverage to CodeCov + uses: codecov/codecov-action@v5 + with: + fail_ci_if_error: true # optional (default = false) + token: ${{ secrets.CODECOV_TOKEN }} + verbose: true # optional (default = false) + + # Then PR comments - name: Code Coverage Summary Report uses: irongut/CodeCoverageSummary@v1.3.0 if: ${{ github.event_name == 'pull_request' }} @@ -95,23 +120,3 @@ jobs: recreate: true path: code-coverage-results.md continue-on-error: ${{ matrix.experimental != 'false' }} - - - name: Upload coverage to Coveralls - uses: coverallsapp/github-action@master - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - continue-on-error: ${{ matrix.experimental != 'false' }} - - - name: Upload coverage to QLTY - uses: qltysh/qlty-action/coverage@main - with: - coverage-token: ${{secrets.QLTY_COVERAGE_TOKEN}} - files: coverage/.resultset.json - continue-on-error: ${{ matrix.experimental != 'false' }} - - - name: Upload coverage to CodeCov - uses: codecov/codecov-action@v5 - with: - fail_ci_if_error: true # optional (default = false) - token: ${{ secrets.CODECOV_TOKEN }} - verbose: true # optional (default = false) 
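Review bot: The relocated upload steps in `@@ -73,6 +74,30 @@` still reference `coverallsapp/github-action@master` and `qltysh/qlty-action/coverage@main`, branch refs whose content can change without any change to this repository, and each step is handed a secret (`GITHUB_TOKEN`, `QLTY_COVERAGE_TOKEN`). Since the steps are being touched anyway, pin each `uses:` to a full commit SHA with the release noted in a trailing comment, e.g. `uses: coverallsapp/github-action@<full-commit-sha> # <release tag>`; the same applies, less urgently, to the movable tag in `codecov/codecov-action@v5`. The Coveralls and QLTY steps also keep `continue-on-error`, so a failed upload there passes silently while the CodeCov step is meant to fail the build; if that asymmetry is intended, a one-line comment on those two steps would say so. The job these steps belong to starts outside the hunk.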
diff --git a/.github/workflows/current-runtime-heads.yml b/.github/workflows/current-runtime-heads.yml
new file mode 100644
index 00000000..8d59fd24
--- /dev/null
+++ b/.github/workflows/current-runtime-heads.yml
@@ -0,0 +1,87 @@
+# Targets the evergreen latest release of ruby, truffleruby, and jruby
+# and tests against the HEAD of runtime dependencies
+name: Runtime Deps @ HEAD
+
+permissions:
+ contents: read
+
+env:
+ K_SOUP_COV_DO: false
+
+on:
+ push:
+ branches:
+ - 'main'
+ - '*-stable'
+ tags:
+ - '!*' # Do not execute on tags
+ pull_request:
+ branches:
+ - '*'
+ # Allow manually triggering the workflow.
+ workflow_dispatch:
+
+# Cancels all previous workflow runs for the same branch that have not yet completed.
+concurrency:
+ # The concurrency group contains the workflow name and the branch name.
+ group: "${{ github.workflow }}-${{ github.ref }}"
+ cancel-in-progress: true
+
+jobs:
+ test:
+ name: Specs ${{ matrix.ruby }}@${{ matrix.appraisal }}
+ if: "!contains(github.event.commits[0].message, '[ci skip]') && !contains(github.event.commits[0].message, '[skip ci]')"
+ runs-on: ubuntu-latest
+ continue-on-error: ${{ matrix.experimental || endsWith(matrix.ruby, 'head') }}
+ env: # $BUNDLE_GEMFILE must be set at job level, so it is set for all steps
+ BUNDLE_GEMFILE: ${{ github.workspace }}/${{ matrix.gemfile }}.gemfile
+ strategy:
+ matrix:
+ include:
+ # Ruby 3.4
+ - ruby: "ruby"
+ appraisal: "current-runtime-heads"
+ exec_cmd: "rake test"
+ gemfile: "Appraisal.root"
+ rubygems: latest
+ bundler: latest
+
+ # truffleruby-24.1
+ # (according to documentation: targets Ruby 3.3 compatibility)
+ # (according to runtime: targets Ruby 3.2 compatibility)
+ - ruby: "truffleruby"
+ appraisal: "current-runtime-heads"
+ exec_cmd: "rake test"
+ gemfile: "Appraisal.root"
+ rubygems: default
+ bundler: default
+
+ # jruby-10.0 (targets Ruby 3.4 compatibility)
+ - ruby: "jruby"
+ appraisal: "current-runtime-heads"
+ exec_cmd: "rake test"
+ gemfile: "Appraisal.root"
+ rubygems: default
+ bundler: default
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Setup Ruby & RubyGems
+ uses: ruby/setup-ruby@v1
+ with:
+ ruby-version: ${{ matrix.ruby }}
+ rubygems:
${{ matrix.rubygems }} + bundler: ${{ matrix.bundler }} + bundler-cache: false + + # Raw `bundle` will use the BUNDLE_GEMFILE set to matrix.gemfile (i.e. Appraisal.root) + # We need to do this first to get appraisal installed. + # NOTE: This does not use the primary Gemfile at all. + - name: Install Root Appraisal + run: bundle + - name: Appraisal for ${{ matrix.ruby }}@${{ matrix.appraisal }} + run: bundle exec appraisal ${{ matrix.appraisal }} bundle + - name: Tests for ${{ matrix.ruby }}@${{ matrix.appraisal }} via ${{ matrix.exec_cmd }} + run: bundle exec appraisal ${{ matrix.appraisal }} bundle exec ${{ matrix.exec_cmd }} diff --git a/.github/workflows/current.yml b/.github/workflows/current.yml index 8c9df56f..fa978124 100644 --- a/.github/workflows/current.yml +++ b/.github/workflows/current.yml @@ -1,6 +1,9 @@ # Targets the evergreen latest release of ruby, truffleruby, and jruby name: Current +permissions: + contents: read + env: K_SOUP_COV_DO: false @@ -17,9 +20,6 @@ on: # Allow manually triggering the workflow. workflow_dispatch: -permissions: - contents: read - # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. diff --git a/.github/workflows/heads.yml b/.github/workflows/heads.yml index e47356ae..2223e702 100644 --- a/.github/workflows/heads.yml +++ b/.github/workflows/heads.yml @@ -1,5 +1,8 @@ name: Heads +permissions: + contents: read + env: K_SOUP_COV_DO: false @@ -16,9 +19,6 @@ on: # Allow manually triggering the workflow. workflow_dispatch: -permissions: - contents: read - # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. 
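Review bot: In the new `.github/workflows/current-runtime-heads.yml`, the `Checkout` step runs `actions/checkout@v4` with its defaults, which leave the workflow token in the workspace's git configuration for the rest of the job. This job then installs and executes runtime dependencies taken from their HEAD (per the file's header comment), i.e. code that has not been through a release. Adding `with:` and `persist-credentials: false` under the checkout step removes the token from disk before that code runs; the workflow-level `permissions: contents: read` already limits what the token could do. A one-line comment on the `pull_request` trigger noting that this workflow runs unreleased upstream code would also help whoever later considers adding secrets or write scopes here.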
@@ -77,9 +77,21 @@ jobs: # Raw `bundle` will use the BUNDLE_GEMFILE set to matrix.gemfile (i.e. Appraisal.root) # We need to do this first to get appraisal installed. # NOTE: This does not use the primary Gemfile at all. - - name: Install Root Appraisal + - name: "Install Root Appraisal" run: bundle - - name: Appraisal for ${{ matrix.ruby }}@${{ matrix.appraisal }} + + - name: "[Attempt 1] Appraisal for ${{ matrix.ruby }}@${{ matrix.appraisal }}" + id: bundleAttempt1 run: bundle exec appraisal ${{ matrix.appraisal }} bundle + # Continue to the next step on failure + continue-on-error: true + + # Effectively an automatic retry of the previous step. + - name: "[Attempt 2] Appraisal for ${{ matrix.ruby }}@${{ matrix.appraisal }}" + id: bundleAttempt2 + # If bundleAttempt1 failed, try again here; Otherwise skip. + if: steps.bundleAttempt1.outcome == 'failure' + run: bundle exec appraisal ${{ matrix.appraisal }} bundle + - name: Tests for ${{ matrix.ruby }}@${{ matrix.appraisal }} via ${{ matrix.exec_cmd }} run: bundle exec appraisal ${{ matrix.appraisal }} bundle exec ${{ matrix.exec_cmd }} diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index 29032084..697ec5fc 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -1,5 +1,8 @@ name: JRuby +permissions: + contents: read + env: K_SOUP_COV_DO: false @@ -16,9 +19,6 @@ on: # Allow manually triggering the workflow. workflow_dispatch: -permissions: - contents: read - # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. diff --git a/.github/workflows/legacy.yml b/.github/workflows/legacy.yml index a76b6493..4b60e371 100644 --- a/.github/workflows/legacy.yml +++ b/.github/workflows/legacy.yml @@ -1,4 +1,7 @@ -name: MRI 3.0 (EOL) +name: MRI 3.0, 3.1 (EOL) + +permissions: + contents: read env: K_SOUP_COV_DO: false 
@@ -16,9 +19,6 @@ on: # Allow manually triggering the workflow. workflow_dispatch: -permissions: - contents: read - # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. @@ -37,6 +37,14 @@ jobs: fail-fast: false matrix: include: + # Ruby 3.1 + - ruby: "ruby-3.1" + appraisal: "ruby-3-1" + exec_cmd: "rake test" + gemfile: "Appraisal.root" + rubygems: latest + bundler: latest + # Ruby 3.0 - ruby: "ruby-3.0" appraisal: "ruby-3-0" diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index 2961b7c2..3e65abb0 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -1,6 +1,9 @@ # Targets the evergreen latest release of ruby, truffleruby, and jruby name: MacOS +permissions: + contents: read + env: K_SOUP_COV_DO: false @@ -17,9 +20,6 @@ on: # Allow manually triggering the workflow. workflow_dispatch: -permissions: - contents: read - # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. diff --git a/.github/workflows/style.yml b/.github/workflows/style.yml index aeaf0cc8..be162a96 100644 --- a/.github/workflows/style.yml +++ b/.github/workflows/style.yml @@ -1,5 +1,8 @@ name: Style +permissions: + contents: read + on: push: branches: @@ -13,9 +16,6 @@ on: # Allow manually triggering the workflow. workflow_dispatch: -permissions: - contents: read - # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. diff --git a/.github/workflows/supported.yml b/.github/workflows/supported.yml index 832b2d1a..ddf1ce55 100644 --- a/.github/workflows/supported.yml +++ b/.github/workflows/supported.yml @@ -1,5 +1,8 @@ name: MRI Non-EOL +permissions: + contents: read + env: K_SOUP_COV_DO: false 
@@ -16,9 +19,6 @@ on: # Allow manually triggering the workflow. workflow_dispatch: -permissions: - contents: read - # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. @@ -36,14 +36,6 @@ jobs: strategy: matrix: include: - # Ruby 3.1 - - ruby: "ruby-3.1" - appraisal: "ruby-3-1" - exec_cmd: "rake test" - gemfile: "Appraisal.root" - rubygems: latest - bundler: latest - # Ruby 3.2 - ruby: "ruby-3.2" appraisal: "ruby-3-2" diff --git a/.github/workflows/truffle.yml b/.github/workflows/truffle.yml index 611cfb84..dafc1c36 100644 --- a/.github/workflows/truffle.yml +++ b/.github/workflows/truffle.yml @@ -1,5 +1,8 @@ name: Truffle +permissions: + contents: read + env: K_SOUP_COV_DO: false @@ -16,9 +19,6 @@ on: # Allow manually triggering the workflow. workflow_dispatch: -permissions: - contents: read - # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. diff --git a/.github/workflows/unsupported.yml b/.github/workflows/unsupported.yml index 6b54dc53..5768bb03 100644 --- a/.github/workflows/unsupported.yml +++ b/.github/workflows/unsupported.yml @@ -1,5 +1,8 @@ name: MRI 2.6 & 2.7 (EOL) +permissions: + contents: read + env: K_SOUP_COV_DO: false @@ -16,9 +19,6 @@ on: # Allow manually triggering the workflow. workflow_dispatch: -permissions: - contents: read - # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 2d82972a..8966b601 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml 
@@ -1,6 +1,9 @@ # Targets the evergreen latest release of ruby, truffleruby, and jruby name: Windows +permissions: + contents: read + env: K_SOUP_COV_DO: false @@ -17,9 +20,6 @@ on: # Allow manually triggering the workflow. workflow_dispatch: -permissions: - contents: read - # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. diff --git a/.rubocop.yml b/.rubocop.yml index 32a249f3..6653c82a 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -78,3 +78,6 @@ Style/TrailingCommaInArrayLiteral: Style/TrailingCommaInHashLiteral: EnforcedStyleForMultiline: comma + +Gemspec/DependencyVersion: + Enabled: false \ No newline at end of file diff --git a/.rubocop_gradual.lock b/.rubocop_gradual.lock index 1e975eef..19938afb 100644 --- a/.rubocop_gradual.lock +++ b/.rubocop_gradual.lock 
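Review bot: The `.rubocop.yml` hunk (`@@ -78,3 +78,6 @@`) switches `Gemspec/DependencyVersion` off for the whole project without a comment. Besides clearing the seven existing `oauth2.gemspec` entries dropped from `.rubocop_gradual.lock`, this means any dependency added to the gemspec later without a version constraint will no longer be reported. If the unconstrained declarations are deliberate, record the reason next to the setting, e.g. `# Disabled: <why some gemspec dependencies carry no version constraint>`, or keep the cop enabled and exempt only the intended declarations. The gemspec itself is not part of this hunk, so which dependencies are affected cannot be confirmed here. The file also now ends without a trailing newline.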
@@ -21,15 +21,8 @@ "lib/oauth2/response.rb:4048171841": [ [35, 5, 204, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 996912427] ], - "oauth2.gemspec:290828046": [ - [5, 23, 12, "Gemspec/RubyVersionGlobalsUsage: Do not use `RUBY_VERSION` in gemspec file.", 31296028], - [115, 3, 54, "Gemspec/DependencyVersion: Dependency version specification is required.", 3677216839], - [116, 3, 47, "Gemspec/DependencyVersion: Dependency version specification is required.", 2440116108], - [118, 3, 46, "Gemspec/DependencyVersion: Dependency version specification is required.", 1075698341], - [128, 3, 58, "Gemspec/DependencyVersion: Dependency version specification is required.", 2795510341], - [129, 3, 52, "Gemspec/DependencyVersion: Dependency version specification is required.", 804182931], - [130, 3, 52, "Gemspec/DependencyVersion: Dependency version specification is required.", 3163430777], - [131, 3, 48, "Gemspec/DependencyVersion: Dependency version specification is required.", 425065368] + "oauth2.gemspec:3193137965": [ + [5, 23, 12, "Gemspec/RubyVersionGlobalsUsage: Do not use `RUBY_VERSION` in gemspec file.", 31296028] ], "spec/oauth2/access_token_spec.rb:443932125": [ [3, 1, 34, "RSpec/SpecFilePathFormat: Spec path should end with `o_auth2/access_token*_spec.rb`.", 1972107547], @@ -80,7 +73,7 @@ [3, 1, 31, "RSpec/SpecFilePathFormat: Spec path should end with `o_auth2/response*_spec.rb`.", 3190869319], [317, 33, 2, "RSpec/BeEq: Prefer `be` over `eq`.", 5860785] ], - "spec/oauth2/strategy/assertion_spec.rb:3215095897": [ + "spec/oauth2/strategy/assertion_spec.rb:793170256": [ [6, 1, 42, "RSpec/SpecFilePathFormat: Spec path should end with `o_auth2/strategy/assertion*_spec.rb`.", 3665690869] ], "spec/oauth2/strategy/auth_code_spec.rb:142083698": [ diff --git a/Appraisals b/Appraisals index 366123bb..e047d4fb 100644 --- a/Appraisals +++ b/Appraisals 
@@ -9,78 +9,121 @@ appraise "head" do gem "mutex_m", ">= 0.2" gem "stringio", ">= 3.0" - eval_gemfile "modular/f2.gemfile" + eval_gemfile "modular/runtime_heads.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end -# Used for current releases of ruby, truffleruby, and jruby. -# Split into discrete appraisals if one of them needs a dependency locked discretely. -appraise "current" do +# Test current Rubies against head versions of runtime dependencies +appraise "current-runtime-heads" do gem "mutex_m", ">= 0.2" gem "stringio", ">= 3.0" - eval_gemfile "modular/f2.gemfile" + eval_gemfile "modular/runtime_heads.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end -appraise "ruby-2-2" do - eval_gemfile "modular/f0.gemfile" +# Used for current releases of ruby, truffleruby, and jruby. +# Split into discrete appraisals if one of them needs a dependency locked discretely. 
+appraise "current" do + gem "mutex_m", ">= 0.2" + gem "stringio", ">= 3.0" + eval_gemfile "modular/faraday_v2.gemfile" + eval_gemfile "modular/jwt_v3.gemfile" + eval_gemfile "modular/logger_v1_7.gemfile" + eval_gemfile "modular/multi_xml_v0_7.gemfile" + eval_gemfile "modular/rack_v3.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end appraise "ruby-2-3" do - eval_gemfile "modular/f0.gemfile" + eval_gemfile "modular/faraday_v0.gemfile" + eval_gemfile "modular/jwt_v1.gemfile" + eval_gemfile "modular/logger_v1_2.gemfile" + eval_gemfile "modular/multi_xml_v0_5.gemfile" + eval_gemfile "modular/rack_v1_2.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end appraise "ruby-2-4" do - eval_gemfile "modular/f1.gemfile" + eval_gemfile "modular/faraday_v1.gemfile" + eval_gemfile "modular/jwt_v1.gemfile" + eval_gemfile "modular/logger_v1_2.gemfile" + eval_gemfile "modular/multi_xml_v0_5.gemfile" + eval_gemfile "modular/rack_v1_6.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end appraise "ruby-2-5" do - eval_gemfile "modular/f1.gemfile" + eval_gemfile "modular/faraday_v1.gemfile" + eval_gemfile "modular/jwt_v2.gemfile" + eval_gemfile "modular/logger_v1_5.gemfile" + eval_gemfile "modular/multi_xml_v0_6.gemfile" + eval_gemfile "modular/rack_v2.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end appraise "ruby-2-6" do gem "mutex_m", "~> 0.2" gem "stringio", "~> 3.0" - eval_gemfile "modular/f2.gemfile" + eval_gemfile "modular/faraday_v2.gemfile" + eval_gemfile "modular/jwt_v2.gemfile" + eval_gemfile "modular/logger_v1_5.gemfile" + eval_gemfile "modular/multi_xml_v0_6.gemfile" + eval_gemfile "modular/rack_v3.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end appraise 
"ruby-2-7" do gem "mutex_m", "~> 0.2" gem "stringio", "~> 3.0" - eval_gemfile "modular/f2.gemfile" + eval_gemfile "modular/faraday_v2.gemfile" + eval_gemfile "modular/jwt_v2.gemfile" + eval_gemfile "modular/logger_v1_7.gemfile" + eval_gemfile "modular/multi_xml_v0_6.gemfile" + eval_gemfile "modular/rack_v3.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end appraise "ruby-3-0" do gem "mutex_m", "~> 0.2" gem "stringio", "~> 3.0" - eval_gemfile "modular/f2.gemfile" + eval_gemfile "modular/faraday_v2.gemfile" + eval_gemfile "modular/jwt_v2.gemfile" + eval_gemfile "modular/logger_v1_7.gemfile" + eval_gemfile "modular/multi_xml_v0_6.gemfile" + eval_gemfile "modular/rack_v3.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end appraise "ruby-3-1" do gem "mutex_m", "~> 0.2" gem "stringio", "~> 3.0" - eval_gemfile "modular/f2.gemfile" + eval_gemfile "modular/faraday_v2.gemfile" + eval_gemfile "modular/jwt_v2.gemfile" + eval_gemfile "modular/logger_v1_7.gemfile" + eval_gemfile "modular/multi_xml_v0_6.gemfile" + eval_gemfile "modular/rack_v3.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end appraise "ruby-3-2" do gem "mutex_m", "~> 0.2" gem "stringio", "~> 3.0" - eval_gemfile "modular/f2.gemfile" + eval_gemfile "modular/faraday_v2.gemfile" + eval_gemfile "modular/jwt_v2.gemfile" + eval_gemfile "modular/logger_v1_7.gemfile" + eval_gemfile "modular/multi_xml_v0_7.gemfile" + eval_gemfile "modular/rack_v3.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end appraise "ruby-3-3" do gem "mutex_m", "~> 0.2" gem "stringio", "~> 3.0" - eval_gemfile "modular/f2.gemfile" + eval_gemfile "modular/faraday_v2.gemfile" + eval_gemfile "modular/jwt_v2.gemfile" + eval_gemfile "modular/logger_v1_7.gemfile" + eval_gemfile 
"modular/multi_xml_v0_7.gemfile" + eval_gemfile "modular/rack_v3.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end @@ -88,8 +131,12 @@ end appraise "audit" do gem "mutex_m", "~> 0.2" gem "stringio", "~> 3.0" - eval_gemfile "modular/f2.gemfile" eval_gemfile "modular/audit.gemfile" + eval_gemfile "modular/faraday_v2.gemfile" + eval_gemfile "modular/jwt_v2.gemfile" + eval_gemfile "modular/logger_v1_7.gemfile" + eval_gemfile "modular/multi_xml_v0_7.gemfile" + eval_gemfile "modular/rack_v3.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end @@ -97,8 +144,12 @@ end appraise "coverage" do gem "mutex_m", "~> 0.2" gem "stringio", "~> 3.0" - eval_gemfile "modular/f2.gemfile" eval_gemfile "modular/coverage.gemfile" + eval_gemfile "modular/faraday_v2.gemfile" + eval_gemfile "modular/jwt_v2.gemfile" + eval_gemfile "modular/logger_v1_7.gemfile" + eval_gemfile "modular/multi_xml_v0_7.gemfile" + eval_gemfile "modular/rack_v3.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end @@ -106,7 +157,6 @@ end appraise "style" do gem "mutex_m", "~> 0.2" gem "stringio", "~> 3.0" - eval_gemfile "modular/f2.gemfile" eval_gemfile "modular/style.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end 
@@ -115,7 +165,11 @@ appraise "omnibus" do eval_gemfile "modular/audit.gemfile" eval_gemfile "modular/coverage.gemfile" eval_gemfile "modular/documentation.gemfile" - eval_gemfile "modular/f2.gemfile" + eval_gemfile "modular/faraday_v2.gemfile" + eval_gemfile "modular/jwt_v2.gemfile" + eval_gemfile "modular/logger_v1_7.gemfile" + eval_gemfile "modular/multi_xml_v0_7.gemfile" + eval_gemfile "modular/rack_v3.gemfile" eval_gemfile "modular/style.gemfile" remove_gem "appraisal" # only present because it must be in the gemfile because we target a git branch end diff --git a/CHANGELOG.md b/CHANGELOG.md index 9dfd6dc5..a0cdbe74 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
@@ -7,19 +7,26 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2. ## [Unreleased] ### Added ### Changed -### Fixed +### Deprecated ### Removed +### Fixed +### Security -## [2.0.10] - 2025-05-XX ([tag][2.0.10t]) +## [2.0.10] - 2025-05-16 +- TAG: [v2.0.10][2.0.10t] +- COVERAGE: 100.00% -- 518/518 lines in 14 files +- BRANCH COVERAGE: 100.00% -- 170/170 branches in 14 files +- 79.05% documented ### Added -- [!635](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/635) - `.gitlab-ci.yml` file (@jessieay) -- [#638](https://gitlab.com/oauth-xx/oauth2/-/issues/638) - Documentation of support for ILO Fundamental Principles of Rights at Work -- [!642](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/642) - 20 year certificate for signing gem releases, expires 2045-04-29 (@pboling) - - Gemspec metadata (@pboling) +- [gh!632](https://github.com/oauth-xx/oauth2/pull/632) - Added `funding.yml` (@Aboling0) +- [!635](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/635) - Added `.gitlab-ci.yml` (@jessieay) +- [#638](https://gitlab.com/oauth-xx/oauth2/-/issues/638) - Documentation of support for **ILO Fundamental Principles of Rights at Work** (@pboling) +- [!642](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/642) - 20-year certificate for signing gem releases, expires 2045-04-29 (@pboling) + - Gemspec metadata - funding_uri - news_uri - mailing_list_uri - - SHA256 and SHA512 Checksums for release (@pboling) + - SHA256 and SHA512 Checksums for release - [!643](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/643) - Add `token_name` option (@pboling) - Specify the parameter name that identifies the access token - [!645](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/645) - Add `OAuth2::OAUTH_DEBUG` constant, based on `ENV["OAUTH_DEBUG"] (@pboling) 
@@ -28,17 +35,19 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2. - `OAuth2::Client#revoke_token` - `OAuth2::AccessToken#revoke` - See: https://datatracker.ietf.org/doc/html/rfc7009 +- [gh!644](https://github.com/oauth-xx/oauth2/pull/644), [gh!645](https://github.com/oauth-xx/oauth2/pull/645) - Added CITATION.cff (@Aboling0) +- [!648](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/648) - Improved documentation (@pboling) ### Changed -- Default value of `OAuth2.config.silence_extra_tokens_warning` was `false`, now `true` +- Default value of `OAuth2.config.silence_extra_tokens_warning` was `false`, now `true` (@pboling) - Gem releases are now cryptographically signed, with a 20-year cert (@pboling) - - Allow linux distros to build release without signing, as their package managers sign independently + - Allow linux distros to build release without signing, as their package managers sign independently - [!647](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/647) - `OAuth2::AccessToken#refresh` now supports block param pass through (@pboling) - [!647](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/647) - `OAuth2.config` is no longer writable (@pboling) -- [!647](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/647) - Errors raised by OAuth2::AccessToken are now always OAuth2::Error and have better metadata (@pboling) +- [!647](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/647) - Errors raised by `OAuth2::AccessToken` are now always `OAuth2::Error` and have better metadata (@pboling) ### Fixed - [#95](https://gitlab.com/oauth-xx/oauth2/-/issues/95) - restoring an access token via `AccessToken#from_hash` (@pboling) - - This was a 13 year old bug report. 😘 -- [#619](https://gitlab.com/oauth-xx/oauth2/-/issues/619) - Internal options (like snaky, raise_errors, and parse) are no longer included in request (@pboling) + - This was a 13 year old bug report. 
😘 +- [#619](https://gitlab.com/oauth-xx/oauth2/-/issues/619) - Internal options (like `snaky`, `raise_errors`, and `parse`) are no longer included in request (@pboling) - [!633](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/633) - Spaces will now be encoded as `%20` instead of `+` (@nov.matake) - [!634](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/634) - `CHANGELOG.md` documentation fix (@skuwa229) - [!638](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/638) - fix `expired?` when `expires_in` is `0` (@disep) 
@@ -48,144 +57,158 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2. - [!641](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/641) - Do not include sensitive information in the `inspect` (@manuelvanrijn) - [#641](https://gitlab.com/oauth-xx/oauth2/-/issues/641) - Made default JSON response parser more resilient (@pboling) - [#645](https://gitlab.com/oauth-xx/oauth2/-/issues/645) - Response no longer becomes a snaky hash (@pboling) +- [gh!646](https://github.com/oauth-xx/oauth2/pull/646) - Change `require` to `require_relative` (improve performance) (@Aboling0) -## [2.0.9] - 2022-09-16 ([tag][2.0.9t]) +## [2.0.9] - 2022-09-16 +- TAG: [v2.0.9][2.0.9t] ### Added - More specs (@pboling) ### Changed - Complete migration to main branch as default (@pboling) - Complete migration to Gitlab, updating all links, and references in VCS-managed files (@pboling) -## [2.0.8] - 2022-09-01 ([tag][2.0.8t]) +## [2.0.8] - 2022-09-01 +- TAG: [v2.0.8][2.0.8t] ### Changed - [!630](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/630) - Extract snaky_hash to external dependency (@pboling) ### Added - [!631](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/631) - New global configuration option OAuth2.config.silence_extra_tokens_warning (default: false) fixes [#628](https://gitlab.com/oauth-xx/oauth2/-/issues/628) -## [2.0.7] - 2022-08-22 ([tag][2.0.7t]) +## [2.0.7] - 2022-08-22 +- TAG: [v2.0.7][2.0.7t] ### Added -[!629](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/629) - Allow POST of JSON to get token (@pboling, @terracatta) +- [!629](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/629) - Allow POST of JSON to get token (@pboling, @terracatta) ### Fixed -[!626](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/626) - Fixes a regression in 2.0.6. Will now prefer the key order from the lookup, not the hash keys (@rickselby) +- [!626](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/626) - Fixes a regression in 2.0.6. 
Will now prefer the key order from the lookup, not the hash keys (@rickselby) - Note: This fixes compatibility with `omniauth-oauth2` and AWS -[!625](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/625) - Fixes the printed version in the post install message (@hasghari) +- [!625](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/625) - Fixes the printed version in the post install message (@hasghari) -## [2.0.6] - 2022-07-13 ([tag][2.0.6t]) +## [2.0.6] - 2022-07-13 +- TAG: [v2.0.6][2.0.6t] ### Fixed -[!624](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/624) - Fixes a [regression](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/623) in v2.0.5, where an error would be raised in refresh_token flows due to (legitimate) lack of access_token (@pboling) +- [!624](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/624) - Fixes a [regression](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/623) in v2.0.5, where an error would be raised in refresh_token flows due to (legitimate) lack of access_token (@pboling) -## [2.0.5] - 2022-07-07 ([tag][2.0.5t]) +## [2.0.5] - 2022-07-07 +- TAG: [v2.0.5][2.0.5t] ### Fixed -[!620](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/620) - Documentation improvements, to help with upgrading (@swanson) -[!621](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/621) - Fixed [#528](https://gitlab.com/oauth-xx/oauth2/-/issues/528) and [#619](https://gitlab.com/oauth-xx/oauth2/-/issues/619) (@pboling) +- [!620](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/620) - Documentation improvements, to help with upgrading (@swanson) +- [!621](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/621) - Fixed [#528](https://gitlab.com/oauth-xx/oauth2/-/issues/528) and [#619](https://gitlab.com/oauth-xx/oauth2/-/issues/619) (@pboling) - All data in responses is now returned, with the access token removed and set as `token` - `refresh_token` is no longer dropped - **BREAKING**: Microsoft's `id_token` is no longer left as 
`access_token['id_token']`, but moved to the standard `access_token.token` that all other strategies use - Remove `parse` and `snaky` from options so they don't get included in response - There is now 100% test coverage, for lines _and_ branches, and it will stay that way. -## [2.0.4] - 2022-07-01 ([tag][2.0.4t]) +## [2.0.4] - 2022-07-01 +- TAG: [v2.0.4][2.0.4t] ### Fixed -[!618](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/618) - In some scenarios the `snaky` option default value was not applied (@pboling) +- [!618](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/618) - In some scenarios the `snaky` option default value was not applied (@pboling) -## [2.0.3] - 2022-06-28 ([tag][2.0.3t]) +## [2.0.3] - 2022-06-28 +- TAG: [v2.0.3][2.0.3t] ### Added -[!611](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/611) - Proper deprecation warnings for `extract_access_token` argument (@pboling) -[!612](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/612) - Add `snaky: false` option to skip conversion to `OAuth2::SnakyHash` (default: true) (@pboling) +- [!611](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/611) - Proper deprecation warnings for `extract_access_token` argument (@pboling) +- [!612](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/612) - Add `snaky: false` option to skip conversion to `OAuth2::SnakyHash` (default: true) (@pboling) ### Fixed -[!608](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/608) - Wrap `Faraday::TimeoutError` in `OAuth2::TimeoutError` (@nbibler) -[!615](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/615) - Fix support for requests with blocks, see `Faraday::Connection#run_request` (@pboling) +- [!608](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/608) - Wrap `Faraday::TimeoutError` in `OAuth2::TimeoutError` (@nbibler) +- [!615](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/615) - Fix support for requests with blocks, see `Faraday::Connection#run_request` (@pboling) -## [2.0.2] - 2022-06-24 
([tag][2.0.2t]) +## [2.0.2] - 2022-06-24 +- TAG: [v2.0.2][2.0.2t] ### Fixed -[!604](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/604) - Wrap `Faraday::TimeoutError` in `OAuth2::TimeoutError` (@stanhu) -[!606](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/606) - Ruby 2.7 deprecation warning fix: Move `access_token_class` parameter into `Client` constructor (@stanhu) -[!607](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/607) - CHANGELOG correction, reference to `OAuth2::ConnectionError` (@zavan) +- [!604](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/604) - Wrap `Faraday::TimeoutError` in `OAuth2::TimeoutError` (@stanhu) +- [!606](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/606) - Ruby 2.7 deprecation warning fix: Move `access_token_class` parameter into `Client` constructor (@stanhu) +- [!607](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/607) - CHANGELOG correction, reference to `OAuth2::ConnectionError` (@zavan) -## [2.0.1] - 2022-06-22 ([tag][2.0.1t]) +## [2.0.1] - 2022-06-22 +- TAG: [v2.0.1][2.0.1t] ### Added - Documentation improvements (@pboling) - Increased test coverage to 99% (@pboling) -## [2.0.0] - 2022-06-21 ([tag][2.0.0t]) +## [2.0.0] - 2022-06-21 +- TAG: [v2.0.0][2.0.0t] ### Added -[!158](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/158), [!344](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/344) - Optionally pass raw response to parsers (@niels) -[!190](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/190), [!332](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/332), [!334](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/334), [!335](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/335), [!360](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/360), [!426](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/426), [!427](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/427), [!461](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/461) - Documentation (@josephpage, @pboling, 
@meganemura, @joshRpowell, @elliotcm) -[!220](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/220) - Support IETF rfc7523 JWT Bearer Tokens Draft 04+ (@jhmoore) -[!298](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/298) - Set the response object on the access token on Client#get_token for debugging (@cpetschnig) -[!305](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/305) - Option: `OAuth2::Client#get_token` - `:access_token_class` (`AccessToken`); user specified class to use for all calls to `get_token` (@styd) -[!346](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/571) - Modern gem structure (@pboling) -[!351](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/351) - Support Jruby 9k (@pboling) -[!362](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/362) - Support SemVer release version scheme (@pboling) -[!363](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/363) - New method `OAuth2::AccessToken#refresh!` same as old `refresh`, with backwards compatibility alias (@pboling) -[!364](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/364) - Support `application/hal+json` format (@pboling) -[!365](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/365) - Support `application/vnd.collection+json` format (@pboling) -[!376](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/376) - _Documentation_: Example / Test for Google 2-legged JWT (@jhmoore) -[!381](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/381) - Spec for extra header params on client credentials (@nikz) -[!394](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/394) - Option: `OAuth2::AccessToken#initialize` - `:expires_latency` (`nil`); number of seconds by which AccessToken validity will be reduced to offset latency (@klippx) -[!412](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/412) - Support `application/vdn.api+json` format (from jsonapi.org) (@david-christensen) -[!413](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/413) - _Documentation_: License scan 
and report (@meganemura) -[!442](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/442) - Option: `OAuth2::Client#initialize` - `:logger` (`::Logger.new($stdout)`) logger to use when OAUTH_DEBUG is enabled (for parity with `1-4-stable` branch) (@rthbound) -[!494](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/494) - Support [OIDC 1.0 Private Key JWT](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication); based on the OAuth JWT assertion specification [(RFC 7523)](https://tools.ietf.org/html/rfc7523) (@SteveyblamWork) -[!549](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/549) - Wrap `Faraday::ConnectionFailed` in `OAuth2::ConnectionError` (@nikkypx) -[!550](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/550) - Raise error if location header not present when redirecting (@stanhu) -[!552](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/552) - Add missing `version.rb` require (@ahorek) -[!553](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/553) - Support `application/problem+json` format (@janz93) -[!560](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/560) - Support IETF rfc6749, section 2.3.1 - don't set auth params when `nil` (@bouk) -[!571](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/571) - Support Ruby 3.1 (@pboling) -[!575](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/575) - Support IETF rfc7231, section 7.1.2 - relative location in redirect (@pboling) -[!581](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/581) - _Documentation_: of breaking changes (@pboling) +- [!158](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/158), [!344](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/344) - Optionally pass raw response to parsers (@niels) +- [!190](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/190), [!332](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/332), [!334](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/334), 
[!335](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/335), [!360](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/360), [!426](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/426), [!427](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/427), [!461](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/461) - Documentation (@josephpage, @pboling, @meganemura, @joshRpowell, @elliotcm) +- [!220](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/220) - Support IETF rfc7523 JWT Bearer Tokens Draft 04+ (@jhmoore) +- [!298](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/298) - Set the response object on the access token on Client#get_token for debugging (@cpetschnig) +- [!305](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/305) - Option: `OAuth2::Client#get_token` - `:access_token_class` (`AccessToken`); user specified class to use for all calls to `get_token` (@styd) +- [!346](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/571) - Modern gem structure (@pboling) +- [!351](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/351) - Support Jruby 9k (@pboling) +- [!362](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/362) - Support SemVer release version scheme (@pboling) +- [!363](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/363) - New method `OAuth2::AccessToken#refresh!` same as old `refresh`, with backwards compatibility alias (@pboling) +- [!364](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/364) - Support `application/hal+json` format (@pboling) +- [!365](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/365) - Support `application/vnd.collection+json` format (@pboling) +- [!376](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/376) - _Documentation_: Example / Test for Google 2-legged JWT (@jhmoore) +- [!381](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/381) - Spec for extra header params on client credentials (@nikz) +- [!394](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/394) - Option: 
`OAuth2::AccessToken#initialize` - `:expires_latency` (`nil`); number of seconds by which AccessToken validity will be reduced to offset latency (@klippx) +- [!412](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/412) - Support `application/vdn.api+json` format (from jsonapi.org) (@david-christensen) +- [!413](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/413) - _Documentation_: License scan and report (@meganemura) +- [!442](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/442) - Option: `OAuth2::Client#initialize` - `:logger` (`::Logger.new($stdout)`) logger to use when OAUTH_DEBUG is enabled (for parity with `1-4-stable` branch) (@rthbound) +- [!494](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/494) - Support [OIDC 1.0 Private Key JWT](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication); based on the OAuth JWT assertion specification [(RFC 7523)](https://tools.ietf.org/html/rfc7523) (@SteveyblamWork) +- [!549](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/549) - Wrap `Faraday::ConnectionFailed` in `OAuth2::ConnectionError` (@nikkypx) +- [!550](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/550) - Raise error if location header not present when redirecting (@stanhu) +- [!552](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/552) - Add missing `version.rb` require (@ahorek) +- [!553](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/553) - Support `application/problem+json` format (@janz93) +- [!560](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/560) - Support IETF rfc6749, section 2.3.1 - don't set auth params when `nil` (@bouk) +- [!571](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/571) - Support Ruby 3.1 (@pboling) +- [!575](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/575) - Support IETF rfc7231, section 7.1.2 - relative location in redirect (@pboling) +- [!581](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/581) - _Documentation_: of breaking changes (@pboling) ### Changed 
-[!191](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/191) - **BREAKING**: Token is expired if `expired_at` time is `now` (@davestevens) -[!312](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/312) - **BREAKING**: Set `:basic_auth` as default for `:auth_scheme` instead of `:request_body`. This was default behavior before 1.3.0. (@tetsuya, @wy193777) -[!317](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/317) - _Dependency_: Upgrade `jwt` to 2.x.x (@travisofthenorth) -[!338](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/338) - _Dependency_: Switch from `Rack::Utils.escape` to `CGI.escape` (@josephpage) -[!339](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/339), [!368](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/368), [!424](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/424), [!479](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/479), [!493](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/493), [!539](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/539), [!542](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/542), [!553](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/553) - CI Updates, code coverage, linting, spelling, type fixes, New VERSION constant (@pboling, @josephpage, @ahorek) -[!410](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/410) - **BREAKING**: Removed the ability to call .error from an OAuth2::Response object (@jhmoore) -[!414](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/414) - Use Base64.strict_encode64 instead of custom internal logic (@meganemura) -[!469](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/469) - **BREAKING**: Default value for option `OAuth2::Client` - `:authorize_url` removed leading slash to work with relative paths by default (`'oauth/authorize'`) (@ghost) -[!469](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/469) - **BREAKING**: Default value for option `OAuth2::Client` - `:token_url` removed leading slash to work with relative paths by default 
(`'oauth/token'`) (@ghost) -[!507](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/507), [!575](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/575) - **BREAKING**: Transform keys to snake case, always, by default (ultimately via `rash_alt` gem) +- [!191](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/191) - **BREAKING**: Token is expired if `expired_at` time is `now` (@davestevens) +- [!312](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/312) - **BREAKING**: Set `:basic_auth` as default for `:auth_scheme` instead of `:request_body`. This was default behavior before 1.3.0. (@tetsuya, @wy193777) +- [!317](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/317) - _Dependency_: Upgrade `jwt` to 2.x.x (@travisofthenorth) +- [!338](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/338) - _Dependency_: Switch from `Rack::Utils.escape` to `CGI.escape` (@josephpage) +- [!339](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/339), [!368](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/368), [!424](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/424), [!479](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/479), [!493](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/493), [!539](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/539), [!542](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/542), [!553](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/553) - CI Updates, code coverage, linting, spelling, type fixes, New VERSION constant (@pboling, @josephpage, @ahorek) +- [!410](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/410) - **BREAKING**: Removed the ability to call .error from an OAuth2::Response object (@jhmoore) +- [!414](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/414) - Use Base64.strict_encode64 instead of custom internal logic (@meganemura) +- [!469](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/469) - **BREAKING**: Default value for option `OAuth2::Client` - `:authorize_url` removed leading slash 
to work with relative paths by default (`'oauth/authorize'`) (@ghost) +- [!469](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/469) - **BREAKING**: Default value for option `OAuth2::Client` - `:token_url` removed leading slash to work with relative paths by default (`'oauth/token'`) (@ghost) +- [!507](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/507), [!575](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/575) - **BREAKING**: Transform keys to snake case, always, by default (ultimately via `rash_alt` gem) - Original keys will still work as previously, in most scenarios, thanks to `rash_alt` gem. - However, this is a _breaking_ change if you rely on `response.parsed.to_h`, as the keys in the result will be snake case. - As of version 2.0.4 you can turn key transformation off with the `snaky: false` option. -[!576](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/576) - **BREAKING**: Stop rescuing parsing errors (@pboling) -[!591](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/576) - _DEPRECATION_: `OAuth2::Client` - `:extract_access_token` option is deprecated +- [!576](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/576) - **BREAKING**: Stop rescuing parsing errors (@pboling) +- [!591](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/576) - _DEPRECATION_: `OAuth2::Client` - `:extract_access_token` option is deprecated ### Fixed -[!158](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/158), [!344](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/344) - Handling of errors when using `omniauth-facebook` (@niels) -[!294](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/294) - Fix: "Unexpected middleware set" issue with Faraday when `OAUTH_DEBUG=true` (@spectator, @gafrom) -[!300](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/300) - _Documentation_: `Oauth2::Error` - Error codes are strings, not symbols (@NobodysNightmare) -[!318](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/318), 
[!326](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/326), [!343](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/343), [!347](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/347), [!397](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/397), [!464](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/464), [!561](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/561), [!565](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/565) - _Dependency_: Support all versions of `faraday` (see [gemfiles/README.md][gemfiles/readme] for compatibility matrix with Ruby engines & versions) (@pboling, @raimondasv, @zacharywelch, @Fudoshiki, @ryogift, @sj26, @jdelStrother) -[!322](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/322), [!331](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/331), [!337](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/337), [!361](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/361), [!371](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/371), [!377](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/377), [!383](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/383), [!392](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/392), [!395](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/395), [!400](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/400), [!401](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/401), [!403](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/403), [!415](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/415), [!567](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/567) - Updated Rubocop, Rubocop plugins and improved code style (@pboling, @bquorning, @lautis, @spectator) -[!328](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/328) - _Documentation_: Homepage URL is SSL (@amatsuda) -[!339](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/339), [!479](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/479) - Update testing infrastructure for all supported 
Rubies (@pboling and @josephpage) -[!366](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/366) - **Security**: Fix logging to `$stdout` of request and response bodies via Faraday's logger and `ENV["OAUTH_DEBUG"] == 'true'` (@pboling) -[!380](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/380) - Fix: Stop attempting to encode non-encodable objects in `Oauth2::Error` (@jhmoore) -[!399](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/399) - Fix: Stop duplicating `redirect_uri` in `get_token` (@markus) -[!410](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/410) - Fix: `SystemStackError` caused by circular reference between Error and Response classes (@jhmoore) -[!460](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/460) - Fix: Stop throwing errors when `raise_errors` is set to `false`; analog of [!524](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/524) for `1-4-stable` branch (@joaolrpaulo) -[!472](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/472) - **Security**: Add checks to enforce `client_secret` is *never* passed in authorize_url query params for `implicit` and `auth_code` grant types (@dfockler) -[!482](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/482) - _Documentation_: Update last of `intridea` links to `oauth-xx` (@pboling) -[!536](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/536) - **Security**: Compatibility with more (and recent) Ruby OpenSSL versions, Github Actions, Rubocop updated, analogous to [!535](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/535) on `1-4-stable` branch (@pboling) -[!595](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/595) - Graceful handling of empty responses from `Client#get_token`, respecting `:raise_errors` config (@stanhu) -[!596](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/596) - Consistency between `AccessToken#refresh` and `Client#get_token` named arguments (@stanhu) -[!598](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/598) - Fix unparseable data not 
raised as error in `Client#get_token`, respecting `:raise_errors` config (@stanhu) +- [!158](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/158), [!344](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/344) - Handling of errors when using `omniauth-facebook` (@niels) +- [!294](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/294) - Fix: "Unexpected middleware set" issue with Faraday when `OAUTH_DEBUG=true` (@spectator, @gafrom) +- [!300](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/300) - _Documentation_: `Oauth2::Error` - Error codes are strings, not symbols (@NobodysNightmare) +- [!318](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/318), [!326](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/326), [!343](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/343), [!347](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/347), [!397](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/397), [!464](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/464), [!561](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/561), [!565](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/565) - _Dependency_: Support all versions of `faraday` (see [gemfiles/README.md][gemfiles/readme] for compatibility matrix with Ruby engines & versions) (@pboling, @raimondasv, @zacharywelch, @Fudoshiki, @ryogift, @sj26, @jdelStrother) +- [!322](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/322), [!331](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/331), [!337](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/337), [!361](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/361), [!371](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/371), [!377](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/377), [!383](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/383), [!392](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/392), [!395](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/395), 
[!400](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/400), [!401](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/401), [!403](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/403), [!415](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/415), [!567](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/567) - Updated Rubocop, Rubocop plugins and improved code style (@pboling, @bquorning, @lautis, @spectator) +- [!328](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/328) - _Documentation_: Homepage URL is SSL (@amatsuda) +- [!339](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/339), [!479](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/479) - Update testing infrastructure for all supported Rubies (@pboling and @josephpage) +- [!366](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/366) - **Security**: Fix logging to `$stdout` of request and response bodies via Faraday's logger and `ENV["OAUTH_DEBUG"] == 'true'` (@pboling) +- [!380](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/380) - Fix: Stop attempting to encode non-encodable objects in `Oauth2::Error` (@jhmoore) +- [!399](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/399) - Fix: Stop duplicating `redirect_uri` in `get_token` (@markus) +- [!410](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/410) - Fix: `SystemStackError` caused by circular reference between Error and Response classes (@jhmoore) +- [!460](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/460) - Fix: Stop throwing errors when `raise_errors` is set to `false`; analog of [!524](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/524) for `1-4-stable` branch (@joaolrpaulo) +- [!472](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/472) - **Security**: Add checks to enforce `client_secret` is *never* passed in authorize_url query params for `implicit` and `auth_code` grant types (@dfockler) +- [!482](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/482) - _Documentation_: Update last of 
`intridea` links to `oauth-xx` (@pboling) +- [!536](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/536) - **Security**: Compatibility with more (and recent) Ruby OpenSSL versions, Github Actions, Rubocop updated, analogous to [!535](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/535) on `1-4-stable` branch (@pboling) +- [!595](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/595) - Graceful handling of empty responses from `Client#get_token`, respecting `:raise_errors` config (@stanhu) +- [!596](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/596) - Consistency between `AccessToken#refresh` and `Client#get_token` named arguments (@stanhu) +- [!598](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/598) - Fix unparseable data not raised as error in `Client#get_token`, respecting `:raise_errors` config (@stanhu) ### Removed -[!341](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/341) - Remove Rdoc & Jeweler related files (@josephpage) -[!342](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/342) - **BREAKING**: Dropped support for Ruby 1.8 (@josephpage) -[!539](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/539) - Remove reliance on globally included OAuth2 in tests, analog of [!538](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/538) for 1-4-stable (@anderscarling) -[!566](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/566) - _Dependency_: Removed `wwtd` (@bquorning) -[!589](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/589), [!593](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/593) - Remove support for expired MAC token draft spec (@stanhu) -[!590](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/590) - _Dependency_: Removed `multi_json` (@stanhu) - -## [1.4.11] - 2022-09-16 ([tag][1.4.11t]) +- [!341](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/341) - Remove Rdoc & Jeweler related files (@josephpage) +- [!342](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/342) - **BREAKING**: Dropped support for 
Ruby 1.8 (@josephpage) +- [!539](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/539) - Remove reliance on globally included OAuth2 in tests, analog of [!538](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/538) for 1-4-stable (@anderscarling) +- [!566](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/566) - _Dependency_: Removed `wwtd` (@bquorning) +- [!589](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/589), [!593](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/593) - Remove support for expired MAC token draft spec (@stanhu) +- [!590](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/590) - _Dependency_: Removed `multi_json` (@stanhu) + +## [1.4.11] - 2022-09-16 +- TAG: [v1.4.11][1.4.11t] - Complete migration to main branch as default (@pboling) - Complete migration to Gitlab, updating all links, and references in VCS-managed files (@pboling) -## [1.4.10] - 2022-07-01 ([tag][1.4.10t]) +## [1.4.10] - 2022-07-01 +- TAG: [v1.4.10][1.4.10t] - FIPS Compatibility [!587](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/587) (@akostadinov) -## [1.4.9] - 2022-02-20 ([tag][1.4.9t]) +## [1.4.9] - 2022-02-20 +- TAG: [v1.4.9][1.4.9t] - Fixes compatibility with Faraday v2 [572](https://gitlab.com/oauth-xx/oauth2/-/issues/572) - Includes supported versions of Faraday in test matrix: - Faraday ~> 2.2.0 with Ruby >= 2.6 
@@ -193,50 +216,58 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2. - Faraday ~> 0.17.3 with Ruby >= 1.9 - Add Windows and MacOS to test matrix -## [1.4.8] - 2022-02-18 ([tag][1.4.8t]) +## [1.4.8] - 2022-02-18 +- TAG: [v1.4.8][1.4.8t] - MFA is now required to push new gem versions (@pboling) - README overhaul w/ new Ruby Version and Engine compatibility policies (@pboling) -[!569](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/569) Backport fixes ([!561](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/561) by @ryogift), and add more fixes, to allow faraday 1.x and 2.x (@jrochkind) +- [!569](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/569) Backport fixes ([!561](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/561) by @ryogift), and add more fixes, to allow faraday 1.x and 2.x (@jrochkind) - Improve Code Coverage tracking (Coveralls, CodeCov, CodeClimate), and enable branch coverage (@pboling) - Add CodeQL, Security Policy, Funding info (@pboling) - Added Ruby 3.1, jruby, jruby-head, truffleruby, truffleruby-head to build matrix (@pboling) -[!543](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/543) - Support for more modern Open SSL libraries (@pboling) - -## [1.4.7] - 2021-03-19 ([tag][1.4.7t]) -[!541](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/541) - Backport fix to expires_at handling [!533](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/533) to 1-4-stable branch. 
(@dobon) - -## [1.4.6] - 2021-03-19 ([tag][1.4.6t]) -[!540](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/540) - Add VERSION constant (@pboling) -[!537](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/537) - Fix crash in OAuth2::Client#get_token (@anderscarling) -[!538](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/538) - Remove reliance on globally included OAuth2 in tests, analogous to [!539](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/539) on main branch (@anderscarling) - -## [1.4.5] - 2021-03-18 ([tag][1.4.5t]) -[!535](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/535) - Compatibility with range of supported Ruby OpenSSL versions, Rubocop updates, Github Actions, analogous to [!536](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/536) on main branch (@pboling) -[!518](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/518) - Add extract_access_token option to OAuth2::Client (@jonspalmer) -[!507](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/507) - Fix camel case content type, response keys (@anvox) -[!500](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/500) - Fix YARD documentation formatting (@olleolleolle) - -## [1.4.4] - 2020-02-12 ([tag][1.4.4t]) -[!408](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/408) - Fixed expires_at for formatted time (@Lomey) - -## [1.4.3] - 2020-01-29 ([tag][1.4.3t]) -[!483](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/483) - add project metadata to gemspec (@orien) -[!495](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/495) - support additional types of access token requests (@SteveyblamFreeagent, @thomcorley, @dgholz) +- [!543](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/543) - Support for more modern Open SSL libraries (@pboling) + +## [1.4.7] - 2021-03-19 +- TAG: [v1.4.7][1.4.7t] +- [!541](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/541) - Backport fix to expires_at handling [!533](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/533) to 
1-4-stable branch. (@dobon) + +## [1.4.6] - 2021-03-19 +- TAG: [v1.4.6][1.4.6t] +- [!540](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/540) - Add VERSION constant (@pboling) +- [!537](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/537) - Fix crash in OAuth2::Client#get_token (@anderscarling) +- [!538](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/538) - Remove reliance on globally included OAuth2 in tests, analogous to [!539](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/539) on main branch (@anderscarling) + +## [1.4.5] - 2021-03-18 +- TAG: [v1.4.5][1.4.5t] +- [!535](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/535) - Compatibility with range of supported Ruby OpenSSL versions, Rubocop updates, Github Actions, analogous to [!536](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/536) on main branch (@pboling) +- [!518](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/518) - Add extract_access_token option to OAuth2::Client (@jonspalmer) +- [!507](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/507) - Fix camel case content type, response keys (@anvox) +- [!500](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/500) - Fix YARD documentation formatting (@olleolleolle) + +## [1.4.4] - 2020-02-12 +- TAG: [v1.4.4][1.4.4t] +- [!408](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/408) - Fixed expires_at for formatted time (@Lomey) + +## [1.4.3] - 2020-01-29 +- TAG: [v1.4.3][1.4.3t] +- [!483](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/483) - add project metadata to gemspec (@orien) +- [!495](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/495) - support additional types of access token requests (@SteveyblamFreeagent, @thomcorley, @dgholz) - Adds support for private_key_jwt and tls_client_auth -[!433](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/433) - allow field names with square brackets and numbers in params (@asm256) +- [!433](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/433) - allow field names 
with square brackets and numbers in params (@asm256) -## [1.4.2] - 2019-10-01 ([tag][1.4.2t]) -[!478](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/478) - support latest version of faraday & fix build (@pboling) +## [1.4.2] - 2019-10-01 +- TAG: [v1.4.2][1.4.2t] +- [!478](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/478) - support latest version of faraday & fix build (@pboling) - Officially support Ruby 2.6 and truffleruby -## [1.4.1] - 2018-10-13 ([tag][1.4.1t]) -[!417](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/417) - update jwt dependency (@thewoolleyman) -[!419](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/419) - remove rubocop dependency (temporary, added back in [!423](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/423)) (@pboling) -[!418](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/418) - update faraday dependency (@pboling) -[!420](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/420) - update [oauth2.gemspec](https://gitlab.com/oauth-xx/oauth2/-/blob/1-4-stable/oauth2.gemspec) (@pboling) -[!421](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/421) - fix [CHANGELOG.md](https://gitlab.com/oauth-xx/oauth2/-/blob/1-4-stable/CHANGELOG.md) for previous releases (@pboling) -[!422](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/422) - update [LICENSE](https://gitlab.com/oauth-xx/oauth2/-/blob/1-4-stable/LICENSE) and [README.md](https://gitlab.com/oauth-xx/oauth2/-/blob/1-4-stable/README.md) (@pboling) -[!423](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/423) - update [builds](https://travis-ci.org/oauth-xx/oauth2/builds), [Rakefile](https://gitlab.com/oauth-xx/oauth2/-/blob/1-4-stable/Rakefile) (@pboling) +## [1.4.1] - 2018-10-13 +- TAG: [v1.4.1][1.4.1t] +- [!417](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/417) - update jwt dependency (@thewoolleyman) +- [!419](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/419) - remove rubocop dependency (temporary, added back in 
[!423](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/423)) (@pboling) +- [!418](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/418) - update faraday dependency (@pboling) +- [!420](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/420) - update [oauth2.gemspec](https://gitlab.com/oauth-xx/oauth2/-/blob/1-4-stable/oauth2.gemspec) (@pboling) +- [!421](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/421) - fix [CHANGELOG.md](https://gitlab.com/oauth-xx/oauth2/-/blob/1-4-stable/CHANGELOG.md) for previous releases (@pboling) +- [!422](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/422) - update [LICENSE](https://gitlab.com/oauth-xx/oauth2/-/blob/1-4-stable/LICENSE) and [README.md](https://gitlab.com/oauth-xx/oauth2/-/blob/1-4-stable/README.md) (@pboling) +- [!423](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/423) - update [builds](https://travis-ci.org/oauth-xx/oauth2/builds), [Rakefile](https://gitlab.com/oauth-xx/oauth2/-/blob/1-4-stable/Rakefile) (@pboling) - officially document supported Rubies * Ruby 1.9.3 * Ruby 2.0.0 @@ -255,7 +286,8 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2. [jruby-9.1]: https://www.jruby.org/2017/05/16/jruby-9-1-9-0.html [jruby-9.2]: https://www.jruby.org/2018/05/24/jruby-9-2-0-0.html -## [1.4.0] - 2017-06-09 ([tag][1.4.0t]) +## [1.4.0] - 2017-06-09 +- TAG: [v1.4.0][1.4.0t] - Drop Ruby 1.8.7 support (@sferik) - Fix some RuboCop offenses (@sferik) - _Dependency_: Remove Yardstick (@sferik) diff --git a/Gemfile.lock b/Gemfile.lock index f8762a9b..15e8a76c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -24,8 +24,9 @@ PATH remote: . specs: oauth2 (2.0.10) - faraday (>= 0.17.3, < 3.0) - jwt (>= 1.0, < 3.0) + faraday (>= 0.17.3, < 4.0) + jwt (>= 1.0, < 4.0) + logger (~> 1.2) multi_xml (~> 0.5) rack (>= 1.2, < 4) snaky_hash (~> 2.0) 
@@ -98,7 +99,7 @@ GEM rdoc (>= 4.0.0) reline (>= 0.4.2) json (2.12.0) - jwt (2.10.1) + jwt (3.0.0.beta1) base64 kettle-soup-cover (1.0.6) simplecov (~> 0.22) @@ -166,7 +167,7 @@ GEM ruby_version (~> 1.0) rspec-stubbed_env (1.0.2) rspec-support (3.13.3) - rubocop (1.75.5) + rubocop (1.75.6) json (~> 2.3) language_server-protocol (~> 3.17.0.2) lint_roller (~> 1.1.0) @@ -221,9 +222,9 @@ GEM ruby-progressbar (1.13.0) ruby_engine (2.0.3) ruby_version (1.0.3) - silent_stream (1.0.10) - logger (>= 1.4.4) - version_gem (~> 1.1, >= 1.1.7) + silent_stream (1.0.11) + logger (~> 1.2) + version_gem (>= 1.1.8, < 3) simplecov (0.22.0) docile (~> 1.1) simplecov-html (~> 0.11) @@ -279,9 +280,9 @@ PLATFORMS x86_64-linux DEPENDENCIES - addressable (>= 2) + addressable (~> 2.8, >= 2.8.7) appraisal! - backports (>= 3) + backports (~> 3.25, >= 3.25.1) benchmark (~> 0.4) bundler-audit (~> 0.9.2) debug (>= 1.0.0) @@ -289,19 +290,19 @@ DEPENDENCIES kettle-soup-cover (~> 1.0, >= 1.0.6) nkf (~> 0.2) oauth2! - rake (>= 12) + rake (~> 13.0) rdoc (~> 6.11) reek (~> 6.4) - rexml (>= 3) - rspec (>= 3) - rspec-block_is_expected - rspec-pending_for - rspec-stubbed_env + rexml (~> 3.2, >= 3.2.5) + rspec (~> 3.13) + rspec-block_is_expected (~> 1.0, >= 1.0.6) + rspec-pending_for (~> 0.1, >= 0.1.17) + rspec-stubbed_env (~> 1.0, >= 1.0.2) rubocop (~> 1.73, >= 1.73.2) rubocop-lts (~> 8.1, >= 8.1.1) rubocop-packaging (~> 0.5, >= 0.5.2) rubocop-rspec (~> 3.2) - silent_stream + silent_stream (~> 1.0, >= 1.0.11) standard (~> 1.47) yard (~> 0.9, >= 0.9.37) yard-junk (~> 0.0, >= 0.0.10)! diff --git a/LICENSE.txt b/LICENSE.txt index 5fd4bd3c..4b47112d 100644 --- a/LICENSE.txt +++ b/LICENSE.txt 
@@ -1,7 +1,7 @@ MIT License Copyright (c) 2011 - 2013 Michael Bleigh and Intridea, Inc. -Copyright (c) 2017 - 2022 oauth-xx organization, https://gitlab.com/oauth-xx +Copyright (c) 2017 - 2025 Peter H. Boling, of RailsBling.com, and OAuth2 contributors Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index c000f368..edb362d2 100644 --- a/README.md +++ b/README.md @@ -7,18 +7,18 @@
-## OAuth2 +## 🔐 OAuth2 [![Version][👽versioni]][👽version] [![License: MIT][📄license-img]][📄license-ref] [![Downloads Rank][👽dl-ranki]][👽dl-rank] [![Open Source Helpers][👽oss-helpi]][👽oss-help] [![Depfu][🔑depfui♻️]][🔑depfu] -[![CodeCov Test Coverage][🔑codecovi♻️]][🔑codecov] [![Coveralls Test Coverage][🔑coveralls-img]][🔑coveralls] -[![CodeClimate Test Coverage][🔑cc-covi♻️]][🔑cc-cov] +[![QLTY Test Coverage][🔑cc-covi♻️]][🔑cc-cov] [![Maintainability][🔑cc-mnti♻️]][🔑cc-mnt] [![CI Heads][🚎3-hd-wfi]][🚎3-hd-wf] +[![CI Runtime Dependencies @ HEAD][🚎12-crh-wfi]][🚎12-crh-wf] [![CI Current][🚎11-c-wfi]][🚎11-c-wf] [![CI Truffle Ruby][🚎9-t-wfi]][🚎9-t-wf] [![CI JRuby][🚎10-j-wfi]][🚎10-j-wf] 
@@ -43,7 +43,81 @@ OAuth 2.0 focuses on client developer simplicity while providing specific author desktop applications, mobile phones, and living room devices. This is a RubyGem for implementing OAuth 2.0 clients (not servers) in Ruby applications. -Quick example: Convert the following `curl` command into a token request using this gem... +| Federated [DVCS][💎d-in-dvcs] Repository | Status | Issues | PRs | Wiki | CI | Discussions | +|-----------------------------------------------|----------------|--------|-----|------|----------------|-------------| +| 🧪 [oauth-xx/oauth2 on GitLab][📜src-gl] | The Truth | 💚 | 💚 | 💚 | 🏀 Tiny Matrix | ➖ | +| 🐙 [oauth-xx/oauth2 on GitHub][📜src-gh] | A Dirty Mirror | 💚 | 💚 | ➖ | 💯 Full Matrix | ➖ | +| 🤼 [OAuth Ruby Google Group][⛳gg-discussions] | "Active" | ➖ | ➖ | ➖ | ➖ | 💚 | + +### Upgrading Runtime Gem Dependencies + +This project sits underneath a large portion of the authentication systems on the internet. +According to GitHub's project tracking, which I believe only reports on public projects, +[100,000+ projects](https://github.com/oauth-xx/oauth2/network/dependents), and +[500+ packages](https://github.com/oauth-xx/oauth2/network/dependents?dependent_type=PACKAGE) depend on this project. + +That means it is painful for the Ruby community when this gem forces updates to its runtime dependencies. + +As a result, great care, and a lot of time, have been invested to ensure this gem is working with all the +leading versions per each minor version of Ruby of all the runtime dependencies it can install with. + +What does that mean specifically for the runtime dependencies? 
+ +We have 100% test coverage of lines and branches, and this test suite runs across a large matrix +covering the latest patch for each of the following minor versions: + +* MRI Ruby @ v2.3, v2.4, v2.5, v2.6, v2.7, v3.0, v3.1, v3.2, v3.3, v3.4, HEAD + * NOTE: This gem will still install on ruby v2.2, but vanilla GitHub Actions no longer supports testing against it, so YMMV. +* JRuby @ v9.2, v9.3, v9.4, v10.0, HEAD +* TruffleRuby @ v23.1, v23.2, HEAD +* gem `faraday` @ v0, v1, v2, HEAD +* gem `jwt` @ v1, v2, v3, HEAD +* gem `logger` @ v1.2, v1.5, v1.7, HEAD +* gem `multi_xml` @ v0.5, v0.6, v0.7, HEAD +* gem `rack` @ v1.2, v1.6, v2, v3, HEAD + +- This gem follows a _strict & correct_ (according to the maintainer of SemVer; [more info][sv-pub-api]) interpretation of SemVer. + - Dropping support for **any** of the runtime dependency versions above will be a major version bump. + - If you aren't on one of the minor versions above, make getting there a priority. +- You should upgrade this gem with confidence\*. +- You should upgrade the dependencies of this gem with confidence\*. +- Please do upgrade, and then, when it goes smooth as butter [please sponsor me][🖇sponsor]. Thanks! + +If you are thinking, "that list is missing two runtime dependencies", you are correct! +Both of them were extracted from this gem. They are part of the `oauth-xx` org, +and are developed in tight collaboration with this gem, so not much more needs to be said about them. + +* gem `snaky_hash` - https://gitlab.com/oauth-xx/snaky_hash +* gem `version_gem` - https://gitlab.com/oauth-xx/version_gem + +[sv-pub-api]: #-is-platform-support-part-of-the-public-api + +\* MIT license; I am unable to make guarantees. 
+ +| 🚚 Test matrix brought to you by | 🔎 appraisal++ | +|----------------------------------|-------------------------------------------------------------------------| +| Adds back support for old Rubies | ✨ [appraisal PR #250](https://github.com/thoughtbot/appraisal/pull/250) | +| Adds support for `eval_gemfile` | ✨ [appraisal PR #248](https://github.com/thoughtbot/appraisal/pull/248) | +| Please review | my PRs! | + +