Bot releases are visible (Hide)
Published by ramosbugs over 3 years ago
add_scopes
convenience methods to request objects (https://github.com/ramosbugs/oauth2-rs/pull/138)set_redirect_uri
method to CodeTokenRequest
(https://github.com/ramosbugs/oauth2-rs/pull/144)Client::disable_openid_scope
method (#45)Published by ramosbugs over 3 years ago
AuthorizationRequest::url
when using the implicit or hybrid flowsPublished by ramosbugs over 3 years ago
Minor doc fixes
Published by ramosbugs over 3 years ago
oauth2
dependency to stable 4.0 release.reqwest
to 0.11 and rename feature flag to reqwest
. This upgrades tokio
to 1.0 and removes support for both the reqwest-010
and reqwest-09
feature flags.futures
0.1 and remove the futures-01
and futures-03
feature flags; only async/await and futures
0.3 are now supported (without requiring any feature flags).Async*
traits and move the request_async
methods to the underlying *Request
structsset_redirect_url
to set_redirect_uri
(see #39 for context).http
0.1 to 0.2.std::error::Error
instead of failure::Fail
.serde_path_to_error::Error<serde_json::Error>>
in several error types to make JSON deserialization errors easier to diagnose.#[non_exhaustive]
attribute to AuthType
to support non-breaking additions in the future.Client::user_info
fail fast with a new ConfigurationError
enum when the relevant OAuth2 endpoint hasn't been configured from the OpenID Connect Discovery metadata. Previously, an error would not be returned until a call to request
/request_async
.reqwest
client use rustls-tls
by default instead of native TLS. This behavior can be overridden using the native-tls
feature flag.Published by ramosbugs over 3 years ago
rustls-tls
(default) and native-tls
feature flags for use with reqwest
. Previously, enabling the reqwest
feature flag would always use rustls
. The default behavior is unchanged, but users that disable the default features and wish to continue using rustls
may wish to add the rustls-tls
feature flag to their Cargo.toml
.serde_path_to_error::Error<serde_json::Error>>
instead of a serde_json::Error
to improve the diagnosability of JSON deserialization errors in the following enum variants:
DiscoveryError::Parse
RequestTokenError::Parse
UserInfoError::Parse
registration::ClientRegistrationError::Parse
Published by ramosbugs over 3 years ago
set_redirect_url
to set_redirect_uri
(see #39 for context).reqwest
to 0.11 and rename feature flag from reqwest-010
to reqwest
. This upgrades tokio
to 1.0.#[non_exhaustive]
attribute to AuthType
to support non-breaking additions in the futureClient::user_info
fail fast with a new ConfigurationError
enum when the relevant OAuth2 endpoint hasn't been configured from the OpenID Connect Discovery metadata. Previously, an error would not be returned until a call to request
/request_async
.Add support for OAuth 2.0 Token Revocation (RFC 7009).
Special thanks to @ximon18 for contributing this feature.
Add support for OAuth 2.0 Token Introspection (RFC 7662).
Special thanks to @jeroenvervaeke for contributing this feature to the oauth2
crate and to @ximon18 for porting it to this crate.
extra_fields()
getter to StandardTokenIntrospectionResponsePublished by ramosbugs almost 4 years ago
matches!
macro that was not introduced until 1.42)Published by ramosbugs almost 4 years ago
ring
>= 0.16.16Published by ramosbugs almost 4 years ago
ring
>= 0.16.16Published by ramosbugs almost 4 years ago
reqwest
0.9 (previously enabled via the reqwest-09
feature flag); only the (default) reqwest-010
feature flag is now supportedhttp
0.1 to 0.2futures
0.1 and remove the futures-01
and futures-03
feature flags; only async/await is now supported (without requiring any feature flags)Async*
traits and move the request_async
methods to the underlying *Request
structsstd::error::Error
instead of failure::Fail
Send
and Sync
bounds to verification functions to enable sharing across threadsNOTE: These changes track the unstable 4.x release for the oauth2
crate.
Published by ramosbugs over 4 years ago
oauth2
version pin to 3.0master
branch with main
Published by ramosbugs over 4 years ago
untrusted
to 0.7Published by ramosbugs over 4 years ago
ring
to 0.16retry
crate only a dev dependencyhyper
dev dependencyapplication/jwk-set+json
Content-Type in JWKS responseClient::exchange_password
methodRc
to Arc
to improve async/thread supportrand
, itertools
, and base64
dependenciesAuthorizationRequest::set_redirect_url
methodPublished by ramosbugs over 4 years ago
oauth2::{http, url}
Published by ramosbugs over 4 years ago
RefreshTokenFields
and related type parameters (unnecessary since 9152d3f4d5859d224923943ae2ac6b7da7f8a850)Extension
variant or #[non_exhaustive]
to all exported enums; this raises the minimum supported Rust version to 1.40 but should reduce future breaking changes related to enumsoauth2
3.0.0-alpha.9, which includes reqwest
0.10 when the reqwest-010
feature flag is enabledCoreAuthErrorResponseType
enumPublished by ramosbugs almost 5 years ago
None
enum variant to CoreClientAuthMethod
. This variant is not mentioned in the token_endpoint_auth_methods_supported
definition, but it is mentioned in the Core spec cited by the former. At least one major OIDC provider uses this variant.3.0.0-alpha.8
of the oauth2
crate to avoid accidentally depending on request 0.10
, which the crate does not yet support.Published by ramosbugs almost 5 years ago
oauth2
3.0.0-alpha.7. Added new docs describing the various HTTP client interfaces. Special thanks to @Folyd for contributing this support.CoreAuthenticationFlow
by default since type_alias_enum_variants
is stable. Effectively sets the minimum supported Rust version to 1.37.0.IdTokenClaims
and UserInfoClaimsImpl
that caused standard claims to be exposed to the deserializer for AC
(additional claims). When using AC types that capture all of the remaining claims, this could lead to duplicate keys after re-serializing the claims.Published by ramosbugs almost 5 years ago
EndUserPictureUrl
, EndUserProfileUrl
, and EndUserWebsiteUrl
wrap a String
instead of a Url
Published by ramosbugs almost 5 years ago
IdTokenFields::id_token
and TokenResponse::id_token
return an Option
.RefreshIdTokenFields
now that it's identical to IdTokenFields
.NonceVerifier
.DateTime
arguments and return types owned values instead of references.enable_openid_scope
and disable_openid_scope
methods to Client
.require_audience_match
and require_issuer_match
methods to IdTokenVerifier
.aud
claim (defaults to empty Vec
). Note that ID token validation will still fail unless require_audience_match
is used to disable audience validation.IdToken::into_claims
method.UserInfoClaims::standard_claims
method.Published by ramosbugs almost 5 years ago
oauth2
dependency to 3.0.0-alpha.6
, which changes the constructors for the URL-based NewTypes (AuthUrl
, TokenUrl
, RedirectUrl
). See that crate's release notes for details. This update also renames reqwest::async_http_client
to reqwest::future_http_client
and each request_async
method to request_future
.