Release History

0.17.0 (2022-06-23)

  • Updated minimum Ruby version to 2.6

0.16.1 (2022-02-24)

Bug Fixes

  • Support Faraday 2

0.16.0 (2021-09-03)

Features

  • Support for fetching an access token with basic auth

Bug Fixes

  • Remove extraneous files from the gem
  • Require addressable 2.8 to remediate vulnerability

0.15.0 (2021-03-04)

  • Drop support for Ruby 2.4 and add support for Ruby 3.0

0.14.1 / 2021-01-27

  • Fix OAuth1 signature with duplicate query param names

0.14.0 / 2020-03-31

  • Support for fetching ID tokens from google oauth2 endpoint.

0.13.2 / 2020-03-25

Rerelease of 0.13.1.

0.13.1 / 2020-03-24

  • Update github url

0.13.0 / 2020-02-24

  • Support Faraday 1.x

0.12.0 / 2019-10-08

  • This version now requires Ruby 2.4.
  • Support array values of the "aud" field.
  • Normalize the version constant to match related gems.

0.11.0 / 2018-10-08

  • Add constant time comparison for oauth signatures.

0.10.0 / 2018-09-21

  • Add UnexpectedStatusError class for http status errors that are not handled.

0.9.2 / 2018-09-12

  • Update issued_at correctly when it is set simultaneously with expires_in.

0.9.1 / 2018-08-29

  • Warn on EOL ruby versions.
  • Fix DateTime normalization.

0.9.0 / 2018-08-20

  • Add RemoteServerError class for 5xx level errors.
  • Allow to_json to be called with arguments
  • Expires_in now sets and reflects current expires_at value
  • Expires_within(0) now returns false when expires_at is nil.

0.8.1 / 2017-10-13

  • Restore support for Ruby 1.9.3

0.8.0 / 2017-10-12

  • Ensure the "expires_at" attribute is recalculated on refresh (chutzimir)
  • Fix warnings on Ruby 2.4 (koic)
  • Allow DateTime objects to be passed into attributes (foxtacles)
  • Provide signature verification algorithm for compatibility with ruby-jwt 2.0 (jurriaan)
  • Signet::OAuth2::Client#decoded_id_token can take a keyfinder block (mvastola)

0.7.3 / 2016-06-20

  • Fix timestamp parsing on 32-bit systems
  • Fix expiration check when issue/expiry times are nil

0.7.2 / 2015-12-21

  • Don't assume Faraday form encoding middleware is present

0.7.1 / 2015-12-17

  • Fix an issue with date parsing

0.7 / 2015-12-06

  • No longer overwrite SSL environment variables.
  • Tighten up date & URL (de)serialization for OAuth2 client
  • Allow Hurley as a connection
  • Allow scope as an option in fetch_access_token! to request downscoped access tokens
  • Add expires_within(sec) method to oauth2 client to facilitate proactive refreshes

0.6.1 / 2015-06-08

  • Fix language warnings for unused & shadowed variables ((@blowmage)[])
  • Update SSL cert path for OSX ((@gambaroff)[])
  • Update JWT library and fix broken tests
  • Fix incorrect parameter name in OAuth2 client docs ((@samuelreh)[])
  • Fix symbolization of URL parameter keys ((@swifthand)[])

0.6.0 / 2014-12-05

  • Drop support for ruby versions < 1.9.3
  • Update gem dependencies and lock down versions tighter
  • Allow form encoded responses when exchanging OAuth 2 authorization codes
  • Normalize options keys for indifferent access

0.5.1 / 2014-06-08

  • Allow Hash objects to be used to initialize authorization URI
  • Added PLAINTEXT and RSA-SHA1 signature methods to OAuth 1 support
  • Added client object serialization
  • The approval_prompt option no longer defaults to :force
  • The approval_prompt and prompt are now mutually exclusive.

0.5.0 / 2013-05-31

  • Switched to faraday 0.9.0
  • Added expires_at option

0.4.5

  • Minor documentation fixes
  • Allow postmessage as a valid redirect_uri in OAuth 2

0.4.4

  • Add support for assertion profile

0.4.3

  • Added method to clear credentials

0.4.2

  • Backwards compatibility for MultiJson

0.4.1

  • Updated Launchy dependency

0.4.0

  • Added OAuth 1 server implementation
  • Updated Faraday dependency

0.3.4

  • Attempts to auto-detect CA cert location

0.3.3

  • Request objects no longer recreated during processing
  • Faraday middleware now supported
  • Streamed requests now supported
  • Fixed assertion profiles; client ID/secret omission no longer an error

0.3.2

  • Added audience security check for ID tokens

0.3.1

  • Fixed a warning while determining grant type
  • Removed requirement that a connection be supplied when authorizing requests
  • Updated addressable dependency to avoid minor bug
  • Fixed some documentation stuff around markdown formatting
  • Added support for Google Code wiki format output when generating docs

0.3.0

  • Replaced httpadapter gem dependency with faraday
  • Replaced json gem dependency with multi_json
  • Updated to OAuth 2.0 draft 22
  • Complete test coverage

0.2.4

  • Updated to incorporate changes to the Google OAuth endpoints

0.2.3

  • Added support for JWT-formatted ID tokens.
  • Added :issued_at option to #update_token! method.

0.2.2

  • Lowered requirements for json gem

0.2.1

  • Updated to keep in sync with the new httpadapter changes

0.2.0

  • Added support for OAuth 2.0 draft 10

0.1.4

  • Added support for a two-legged authorization flow

0.1.3

  • Fixed issue with headers passed in as a Hash
  • Fixed incompatibilities with Ruby 1.8.6

0.1.2

  • Fixed bug with overzealous normalization

0.1.1

  • Fixed bug with missing StringIO require
  • Fixed issue with dependency on unreleased features of addressable

0.1.0

  • Initial release