pax_global_header 0000666 0000000 0000000 00000000064 14300662245 0014514 g ustar 00root root 0000000 0000000 52 comment=d499c582ae505c4cec53836a5cfef0e034b29f33 oauth2-2.0.7/ 0000775 0000000 0000000 00000000000 14300662245 0012724 5 ustar 00root root 0000000 0000000 oauth2-2.0.7/.github/ 0000775 0000000 0000000 00000000000 14300662245 0014264 5 ustar 00root root 0000000 0000000 oauth2-2.0.7/.github/FUNDING.yml 0000664 0000000 0000000 00000001534 14300662245 0016104 0 ustar 00root root 0000000 0000000 # These are supported funding model platforms github: [pboling] # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] patreon: galtzo # Replace with a single Patreon username open_collective: # Replace with a single Open Collective username ko_fi: pboling # Replace with a single Ko-fi username tidelift: rubygems/oauth2 # Replace with a single Tidelift platform-name/package-name e.g., npm/babel community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry liberapay: pboling # Replace with a single Liberapay username issuehunt: pboling # Replace with a single IssueHunt username otechie: # Replace with a single Otechie username lfx_crowdfunding: # Replace with a single LFX Crowdfunding project-name e.g., cloud-foundry custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2'] oauth2-2.0.7/.github/dependabot.yml 0000664 0000000 0000000 00000000322 14300662245 0017111 0 ustar 00root root 0000000 0000000 version: 2 updates: - package-ecosystem: bundler directory: "/" schedule: interval: daily time: "04:28" open-pull-requests-limit: 10 ignore: - dependency-name: "rubocop-lts" oauth2-2.0.7/.github/workflows/ 0000775 0000000 0000000 00000000000 14300662245 0016321 5 ustar 00root root 0000000 0000000 oauth2-2.0.7/.github/workflows/codeql-analysis.yml 0000664 0000000 0000000 00000004503 14300662245 0022136 0 ustar 00root root 0000000 0000000 # For most projects, this workflow file will not need changing; you simply need # to commit it to your repository. # # You may wish to alter this file to override the set of languages analyzed, # or to provide custom queries or build logic. # # ******** NOTE ******** # We have attempted to detect the languages in your repository. Please check # the `language` matrix defined below to confirm you have the correct set of # supported CodeQL languages. # name: "CodeQL" on: push: branches: [ master, main, "*-stable" ] pull_request: # The branches below must be a subset of the branches above branches: [ master, main, "*-stable" ] schedule: - cron: '35 1 * * 5' jobs: analyze: name: Analyze runs-on: ubuntu-latest permissions: actions: read contents: read security-events: write strategy: fail-fast: false matrix: language: [ 'ruby' ] # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] # Learn more about CodeQL language support at https://git.io/codeql-language-support steps: - name: Checkout repository uses: actions/checkout@v3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v1 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. # By default, queries listed here will override any specified in a config file. # Prefix the list here with "+" to use these queries and those in the config file. # queries: ./path/to/local/query, your-org/your-repo/queries@main # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild uses: github/codeql-action/autobuild@v1 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines # and modify them (or add more) to build your code if your project # uses a compiled language #- run: | # make bootstrap # make release - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v1 oauth2-2.0.7/.github/workflows/coverage.yml 0000664 0000000 0000000 00000007054 14300662245 0020645 0 ustar 00root root 0000000 0000000 name: Code Coverage env: CI_CODECOV: true COVER_ALL: true on: push: branches: - 'main' - 'master' - '*-maintenance' - '*-dev' - '*-stable' tags: - '!*' # Do not execute on tags pull_request: branches: - '*' # Allow manually triggering the workflow. workflow_dispatch: # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: test: name: Specs with Coverage - Ruby ${{ matrix.ruby }} ${{ matrix.name_extra || '' }} if: "!contains(github.event.commits[0].message, '[ci skip]') && !contains(github.event.commits[0].message, '[skip ci]')" strategy: fail-fast: false matrix: experimental: [false] rubygems: - latest bundler: - latest ruby: - "2.7" runs-on: ubuntu-latest continue-on-error: ${{ matrix.experimental || endsWith(matrix.ruby, 'head') }} steps: - uses: amancevice/setup-code-climate@v0 name: CodeClimate Install if: matrix.ruby == '2.7' && github.event_name != 'pull_request' && always() with: cc_test_reporter_id: ${{ secrets.CC_TEST_REPORTER_ID }} - name: Checkout uses: actions/checkout@v3 - name: Setup Ruby & Bundle uses: ruby/setup-ruby@v1 with: ruby-version: ${{ matrix.ruby }} rubygems: ${{ matrix.rubygems }} bundler: ${{ matrix.bundler }} bundler-cache: true - name: CodeClimate Pre-build Notification run: cc-test-reporter before-build if: matrix.ruby == '2.7' && github.event_name != 'pull_request' && always() continue-on-error: ${{ matrix.experimental != 'false' }} - name: Run tests run: bundle exec rake test - name: CodeClimate Post-build Notification run: cc-test-reporter after-build if: matrix.ruby == '2.7' && github.event_name != 'pull_request' && always() continue-on-error: ${{ matrix.experimental != 'false' }} - name: Code Coverage Summary Report uses: irongut/CodeCoverageSummary@v1.2.0 with: filename: ./coverage/coverage.xml badge: true fail_below_min: true format: markdown hide_branch_rate: true hide_complexity: true indicators: true output: both thresholds: '100 95' continue-on-error: ${{ matrix.experimental != 'false' }} - name: Add Coverage PR Comment uses: marocchino/sticky-pull-request-comment@v2 if: matrix.ruby == '2.7' && always() with: recreate: true path: code-coverage-results.md continue-on-error: ${{ matrix.experimental != 'false' }} - name: Coveralls uses: coverallsapp/github-action@master if: matrix.ruby == '2.7' && github.event_name != 'pull_request' && always() with: github-token: ${{ secrets.GITHUB_TOKEN }} continue-on-error: ${{ matrix.experimental != 'false' }} # Using the codecov gem instead. # - name: CodeCov # uses: codecov/codecov-action@v2 # if: matrix.ruby == '2.7' && github.event_name != 'pull_request' && always() # with: # files: ./coverage/coverage.xml # flags: unittests # name: codecov-upload # fail_ci_if_error: true # continue-on-error: ${{ matrix.experimental != 'false' }} oauth2-2.0.7/.github/workflows/danger.yml 0000664 0000000 0000000 00000002303 14300662245 0020302 0 ustar 00root root 0000000 0000000 name: What's up Danger? on: pull_request: branches: - 'main' - 'master' - '*-stable' jobs: danger: runs-on: ubuntu-latest env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps BUNDLE_GEMFILE: ${{ github.workspace }}/gemfiles/${{ matrix.gemfile }}.gemfile if: false # if: github.event_name == 'pull_request' # if only run pull request when multiple trigger workflow strategy: fail-fast: false matrix: gemfile: - f2 rubygems: - latest bundler: - latest ruby: - "2.7" steps: - name: Checkout uses: actions/checkout@v3 - name: Setup Ruby & Bundle uses: ruby/setup-ruby@v1 with: ruby-version: ${{ matrix.ruby }} rubygems: ${{ matrix.rubygems }} bundler: ${{ matrix.bundler }} bundler-cache: true - uses: MeilCli/danger-action@v5 with: plugins_file: 'Gemfile' install_path: 'vendor/bundle' danger_file: 'Dangerfile' danger_id: 'danger-pr' env: DANGER_GITHUB_API_TOKEN: ${{ secrets.DANGER_GITHUB_API_TOKEN }} oauth2-2.0.7/.github/workflows/heads.yml 0000664 0000000 0000000 00000004320 14300662245 0020127 0 ustar 00root root 0000000 0000000 name: Heads on: push: branches: - 'main' - 'master' - '*-maintenance' - '*-dev' - '*-stable' tags: - '!*' # Do not execute on tags pull_request: branches: - '*' # Allow manually triggering the workflow. workflow_dispatch: # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: test: name: Specs - Ruby ${{ matrix.ruby }} ${{matrix.gemfile}} ${{ matrix.name_extra || '' }} env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps BUNDLE_GEMFILE: ${{ github.workspace }}/gemfiles/${{ matrix.gemfile }}.gemfile if: "!contains(github.event.commits[0].message, '[ci skip]') && !contains(github.event.commits[0].message, '[skip ci]')" strategy: fail-fast: false matrix: experimental: [true] gemfile: - f0 - f1 - f2 rubygems: - latest bundler: - latest ruby: - truffleruby+graalvm-head - truffleruby-head - ruby-head include: # Includes a new variable experimental with a value of false # for the matrix legs matching rubygems: latest, which is all of them. # This is here for parity with the unsupported.yml # This is a hack. Combined with continue-on-error it should allow us # to have a workflow with allowed failure. # This is the "supported" build matrix, so only the "head" builds are experimental here. - rubygems: latest experimental: true runs-on: ubuntu-latest continue-on-error: ${{ matrix.experimental || endsWith(matrix.ruby, 'head') }} steps: - name: Checkout uses: actions/checkout@v3 - name: Setup Ruby & Bundle uses: ruby/setup-ruby@v1 with: ruby-version: ${{ matrix.ruby }} rubygems: ${{ matrix.rubygems }} bundler: ${{ matrix.bundler }} bundler-cache: true - name: Run tests run: bundle exec rake test oauth2-2.0.7/.github/workflows/jruby-head.yml 0000664 0000000 0000000 00000004246 14300662245 0021104 0 ustar 00root root 0000000 0000000 name: JRuby Head on: push: branches: - 'main' - 'master' - '*-maintenance' - '*-dev' - '*-stable' tags: - '!*' # Do not execute on tags pull_request: branches: - '*' # Allow manually triggering the workflow. workflow_dispatch: # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: test: name: Specs - Ruby ${{ matrix.ruby }} ${{matrix.gemfile}} ${{ matrix.name_extra || '' }} env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps BUNDLE_GEMFILE: ${{ github.workspace }}/gemfiles/${{ matrix.gemfile }}.gemfile if: "false" # if: "!contains(github.event.commits[0].message, '[ci skip]') && !contains(github.event.commits[0].message, '[skip ci]')" strategy: fail-fast: false matrix: experimental: [true] gemfile: - f0 - f1 - f2 rubygems: - latest bundler: - latest ruby: - jruby-head include: # Includes a new variable experimental with a value of false # for the matrix legs matching rubygems: latest, which is all of them. # This is here for parity with the unsupported.yml # This is a hack. Combined with continue-on-error it should allow us # to have a workflow with allowed failure. # This is the "supported" build matrix, so only the "head" builds are experimental here. - rubygems: latest experimental: true runs-on: ubuntu-latest continue-on-error: ${{ matrix.experimental || endsWith(matrix.ruby, 'head') }} steps: - name: Checkout uses: actions/checkout@v3 - name: Setup Ruby & Bundle uses: ruby/setup-ruby@v1 with: ruby-version: ${{ matrix.ruby }} rubygems: ${{ matrix.rubygems }} bundler: ${{ matrix.bundler }} bundler-cache: true - name: Run tests run: bundle exec rake test oauth2-2.0.7/.github/workflows/macos-ancient.yml 0000664 0000000 0000000 00000003136 14300662245 0021570 0 ustar 00root root 0000000 0000000 name: Old MacOS on: push: branches: - 'main' - 'master' - '*-maintenance' - '*-dev' - '*-stable' tags: - '!*' # Do not execute on tags pull_request: branches: - '*' # Allow manually triggering the workflow. workflow_dispatch: # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: test: name: Specs - Ruby ${{ matrix.ruby }} ${{matrix.gemfile}} ${{ matrix.name_extra || '' }} env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps BUNDLE_GEMFILE: ${{ github.workspace }}/gemfiles/${{ matrix.gemfile }}.gemfile if: "false" # if: "!contains(github.event.commits[0].message, '[ci skip]') && !contains(github.event.commits[0].message, '[skip ci]')" strategy: fail-fast: false matrix: experimental: [true] gemfile: - f0 rubygems: - "2.7.11" ruby: - "1.9" - "2.0" - "2.1" - "2.2" runs-on: macos-10.15 continue-on-error: ${{ matrix.experimental || endsWith(matrix.ruby, 'head') }} steps: - name: Checkout uses: actions/checkout@v3 - name: Setup Ruby & Bundle uses: ruby/setup-ruby@v1 with: ruby-version: ${{ matrix.ruby }} rubygems: ${{ matrix.rubygems }} bundler-cache: true - name: Run tests run: bundle exec rake test oauth2-2.0.7/.github/workflows/macos.yml 0000664 0000000 0000000 00000003254 14300662245 0020152 0 ustar 00root root 0000000 0000000 name: MacOS on: push: branches: - 'main' - 'master' - '*-maintenance' - '*-dev' - '*-stable' tags: - '!*' # Do not execute on tags pull_request: branches: - '*' # Allow manually triggering the workflow. workflow_dispatch: # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: test: name: Specs - Ruby ${{ matrix.ruby }} ${{matrix.gemfile}} ${{ matrix.name_extra || '' }} env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps BUNDLE_GEMFILE: ${{ github.workspace }}/gemfiles/${{ matrix.gemfile }}.gemfile if: "!contains(github.event.commits[0].message, '[ci skip]') && !contains(github.event.commits[0].message, '[skip ci]')" strategy: fail-fast: false matrix: experimental: [true] gemfile: - f2 rubygems: - latest bundler: - latest ruby: - "2.7" - "3.0" - "3.1" - truffleruby - jruby runs-on: macos-latest continue-on-error: ${{ matrix.experimental || endsWith(matrix.ruby, 'head') }} steps: - name: Checkout uses: actions/checkout@v3 - name: Setup Ruby & Bundle uses: ruby/setup-ruby@v1 with: ruby-version: ${{ matrix.ruby }} rubygems: ${{ matrix.rubygems }} bundler: ${{ matrix.bundler }} bundler-cache: true - name: Run tests run: bundle exec rake test oauth2-2.0.7/.github/workflows/style.yml 0000664 0000000 0000000 00000001721 14300662245 0020205 0 ustar 00root root 0000000 0000000 name: Code Style Checks on: push: branches: - 'main' - 'master' - '*-maintenance' - '*-dev' - '*-stable' tags: - '!*' # Do not execute on tags pull_request: branches: - '*' jobs: rubocop: name: Rubocop if: "!contains(github.event.commits[0].message, '[ci skip]') && !contains(github.event.commits[0].message, '[skip ci]')" strategy: fail-fast: false matrix: experimental: [false] rubygems: - latest bundler: - latest ruby: - "2.7" runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v3 - name: Setup Ruby & Bundle uses: ruby/setup-ruby@v1 with: ruby-version: ${{ matrix.ruby }} rubygems: ${{ matrix.rubygems }} bundler: ${{ matrix.bundler }} bundler-cache: true - name: Run Rubocop run: bundle exec rubocop -DESP oauth2-2.0.7/.github/workflows/supported.yml 0000664 0000000 0000000 00000003327 14300662245 0021076 0 ustar 00root root 0000000 0000000 name: Official Support on: push: branches: - 'main' - 'master' - '*-maintenance' - '*-dev' - '*-stable' tags: - '!*' # Do not execute on tags pull_request: branches: - '*' # Allow manually triggering the workflow. workflow_dispatch: # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: test: name: Specs - Ruby ${{ matrix.ruby }} ${{matrix.gemfile}} ${{ matrix.name_extra || '' }} env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps BUNDLE_GEMFILE: ${{ github.workspace }}/gemfiles/${{ matrix.gemfile }}.gemfile if: "!contains(github.event.commits[0].message, '[ci skip]') && !contains(github.event.commits[0].message, '[skip ci]')" strategy: fail-fast: false matrix: experimental: [false] gemfile: - f0 - f1 - f2 rubygems: - latest bundler: - latest ruby: - "2.7" - "3.0" - "3.1" - truffleruby - jruby runs-on: ubuntu-latest continue-on-error: ${{ matrix.experimental || endsWith(matrix.ruby, 'head') }} steps: - name: Checkout uses: actions/checkout@v3 - name: Setup Ruby & Bundle uses: ruby/setup-ruby@v1 with: ruby-version: ${{ matrix.ruby }} rubygems: ${{ matrix.rubygems }} bundler: ${{ matrix.bundler }} bundler-cache: true - name: Run tests run: bundle exec rake test oauth2-2.0.7/.github/workflows/unsupported.yml 0000664 0000000 0000000 00000003631 14300662245 0021437 0 ustar 00root root 0000000 0000000 name: Unofficial Support on: push: branches: - 'main' - 'master' - '*-maintenance' - '*-dev' - '*-stable' tags: - '!*' # Do not execute on tags pull_request: branches: - '*' # Allow manually triggering the workflow. workflow_dispatch: # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: test: name: Specs - Ruby ${{ matrix.ruby }} ${{matrix.gemfile}} ${{ matrix.name_extra || '' }} env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps BUNDLE_GEMFILE: ${{ github.workspace }}/gemfiles/${{ matrix.gemfile }}.gemfile if: "!contains(github.event.commits[0].message, '[ci skip]') && !contains(github.event.commits[0].message, '[skip ci]')" strategy: fail-fast: false matrix: experimental: [false] gemfile: - f0 - f1 - f2 rubygems: - latest bundler: - latest ruby: - "2.3" - "2.4" - "2.5" - "2.6" exclude: - ruby: "2.3" gemfile: "f1" - ruby: "2.3" gemfile: "f2" - ruby: "2.4" gemfile: "f2" - ruby: "2.5" gemfile: "f2" runs-on: ubuntu-20.04 continue-on-error: ${{ matrix.experimental || endsWith(matrix.ruby, 'head') }} steps: - name: Checkout uses: actions/checkout@v3 - name: Setup Ruby & Bundle uses: ruby/setup-ruby@v1 with: ruby-version: ${{ matrix.ruby }} rubygems: ${{ matrix.rubygems }} bundler: ${{ matrix.bundler }} bundler-cache: true - name: Run tests run: bundle exec rake test oauth2-2.0.7/.github/workflows/windows-jruby.yml 0000664 0000000 0000000 00000003123 14300662245 0021666 0 ustar 00root root 0000000 0000000 name: Windows JRuby on: push: branches: - 'main' - 'master' - '*-maintenance' - '*-dev' - '*-stable' tags: - '!*' # Do not execute on tags pull_request: branches: - '*' # Allow manually triggering the workflow. workflow_dispatch: # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: test: name: Specs - Ruby ${{ matrix.ruby }} ${{matrix.gemfile}} ${{ matrix.name_extra || '' }} env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps BUNDLE_GEMFILE: ${{ github.workspace }}/gemfiles/${{ matrix.gemfile }}.gemfile if: "false" # if: "!contains(github.event.commits[0].message, '[ci skip]') && !contains(github.event.commits[0].message, '[skip ci]')" strategy: fail-fast: false matrix: experimental: [true] gemfile: - f2 bundler: - none ruby: - jruby runs-on: windows-latest continue-on-error: ${{ matrix.experimental || endsWith(matrix.ruby, 'head') }} steps: - name: Checkout uses: actions/checkout@v3 - name: Setup Ruby & Bundle uses: ruby/setup-ruby@v1 with: ruby-version: ${{ matrix.ruby }} rubygems: ${{ matrix.rubygems }} bundler: ${{ matrix.bundler }} bundler-cache: true - name: Run tests run: bundle exec rake test oauth2-2.0.7/.github/workflows/windows.yml 0000664 0000000 0000000 00000003207 14300662245 0020540 0 ustar 00root root 0000000 0000000 name: Windows on: push: branches: - 'main' - 'master' - '*-maintenance' - '*-dev' - '*-stable' tags: - '!*' # Do not execute on tags pull_request: branches: - '*' # Allow manually triggering the workflow. workflow_dispatch: # Cancels all previous workflow runs for the same branch that have not yet completed. concurrency: # The concurrency group contains the workflow name and the branch name. group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: test: name: Specs - Ruby ${{ matrix.ruby }} ${{matrix.gemfile}} ${{ matrix.name_extra || '' }} env: # $BUNDLE_GEMFILE must be set at the job level, so it is set for all steps BUNDLE_GEMFILE: ${{ github.workspace }}/gemfiles/${{ matrix.gemfile }}.gemfile if: "!contains(github.event.commits[0].message, '[ci skip]') && !contains(github.event.commits[0].message, '[skip ci]')" strategy: fail-fast: false matrix: experimental: [false] gemfile: - f2 rubygems: - latest bundler: - latest ruby: - "2.7" - "3.0" - "3.1" runs-on: windows-latest continue-on-error: ${{ matrix.experimental || endsWith(matrix.ruby, 'head') }} steps: - name: Checkout uses: actions/checkout@v3 - name: Setup Ruby & Bundle uses: ruby/setup-ruby@v1 with: ruby-version: ${{ matrix.ruby }} rubygems: ${{ matrix.rubygems }} bundler: ${{ matrix.bundler }} bundler-cache: true - name: Run tests run: bundle exec rake test oauth2-2.0.7/.gitignore 0000664 0000000 0000000 00000000621 14300662245 0014713 0 ustar 00root root 0000000 0000000 # Build Artifacts /pkg/ /tmp/ # rspec failure tracking .rspec_status # Bundler Gemfile.lock /.bundle/ /gemfiles/.bundle/ /gemfiles/.bundle/config /gemfiles/vendor/ /gemfiles/*.lock # Specs /coverage/ /spec/reports/ # Documentation /.yardoc /_yardoc/ /doc/ /rdoc/ # RVM .rvmrc # Editors .idea *~ # Other /measurement/ /.byebug_history .DS_Store # Version Managers .ruby-version .tool-versions oauth2-2.0.7/.jrubyrc 0000664 0000000 0000000 00000000025 14300662245 0014402 0 ustar 00root root 0000000 0000000 debug.fullTrace=true oauth2-2.0.7/.overcommit.yml 0000664 0000000 0000000 00000002252 14300662245 0015712 0 ustar 00root root 0000000 0000000 # Use this file to configure the Overcommit hooks you wish to use. This will # extend the default configuration defined in: # https://github.com/sds/overcommit/blob/master/config/default.yml # # At the topmost level of this YAML file is a key representing type of hook # being run (e.g. pre-commit, commit-msg, etc.). Within each type you can # customize each hook, such as whether to only run it on certain files (via # `include`), whether to only display output if it fails (via `quiet`), etc. # # For a complete list of hooks, see: # https://github.com/sds/overcommit/tree/master/lib/overcommit/hook # # For a complete list of options that you can use to customize hooks, see: # https://github.com/sds/overcommit#configuration # # Uncomment the following lines to make the configuration take effect. PreCommit: RuboCop: enabled: true on_warn: fail # Treat all warnings as failures TrailingWhitespace: enabled: true PostCheckout: ALL: # Special hook name that customizes all hooks of this type quiet: true # Change all post-checkout hooks to only display output on failure # # IndexTags: # enabled: true # Generate a tags file with `ctags` each time HEAD changes oauth2-2.0.7/.rspec 0000664 0000000 0000000 00000000104 14300662245 0014034 0 ustar 00root root 0000000 0000000 --format documentation --require spec_helper --color --order random oauth2-2.0.7/.rubocop.yml 0000664 0000000 0000000 00000003340 14300662245 0015176 0 ustar 00root root 0000000 0000000 inherit_from: - .rubocop_todo.yml - .rubocop_rspec.yml inherit_gem: rubocop-lts: rubocop-lts.yml require: - 'rubocop-md' # Can be added once we reach rubocop-ruby2_3 # - 'rubocop-packaging' - 'rubocop-performance' - 'rubocop-rake' - 'rubocop-rspec' AllCops: DisplayCopNames: true # Display the name of the failing cops Exclude: - 'gemfiles/vendor/**/*' - 'vendor/**/*' - '**/.irbrc' Metrics/BlockLength: ExcludedMethods: - context - describe - it - shared_context - shared_examples - shared_examples_for - namespace - draw Gemspec/RequiredRubyVersion: Enabled: false Metrics/BlockNesting: Max: 2 Metrics/LineLength: Enabled: false Metrics/ParameterLists: Max: 4 Layout/AccessModifierIndentation: EnforcedStyle: outdent Layout/DotPosition: EnforcedStyle: trailing Layout/SpaceInsideHashLiteralBraces: EnforcedStyle: no_space Lint/UnusedBlockArgument: Exclude: - 'spec/**/*.rb' - 'gemfiles/vendor/**/*' - 'vendor/**/*' - '**/.irbrc' RSpec/DescribeClass: Exclude: - 'spec/examples/*' RSpec/NestedGroups: Enabled: false Style/ClassVars: Enabled: false Style/CollectionMethods: PreferredMethods: map: 'collect' reduce: 'inject' find: 'detect' find_all: 'select' Style/Documentation: Enabled: false Style/DoubleNegation: Enabled: false Style/EmptyMethod: EnforcedStyle: expanded Style/Encoding: Enabled: false # Does not work with older rubies #Style/MapToHash: # Enabled: false # Does not work with older rubies #Style/RedundantBegin: # Enabled: false Style/TrailingCommaInArrayLiteral: EnforcedStyleForMultiline: comma Style/TrailingCommaInHashLiteral: EnforcedStyleForMultiline: comma oauth2-2.0.7/.rubocop_rspec.yml 0000664 0000000 0000000 00000000543 14300662245 0016374 0 ustar 00root root 0000000 0000000 RSpec/FilePath: Enabled: false RSpec/MultipleExpectations: Enabled: false RSpec/NamedSubject: Enabled: false RSpec/ExampleLength: Enabled: false RSpec/VerifiedDoubles: Enabled: false RSpec/MessageSpies: Enabled: false RSpec/InstanceVariable: Enabled: false RSpec/NestedGroups: Enabled: false RSpec/ExpectInHook: Enabled: false oauth2-2.0.7/.rubocop_todo.yml 0000664 0000000 0000000 00000002030 14300662245 0016216 0 ustar 00root root 0000000 0000000 # This configuration was generated by # `rubocop --auto-gen-config` # on 2022-07-13 09:52:51 +0700 using RuboCop version 0.68.1. # The point is for the user to remove these configuration records # one by one as the offenses are removed from the code base. # Note that changes in the inspected code, or installation of new # versions of RuboCop, may require this file to be generated again. # Offense count: 9 Metrics/AbcSize: Max: 35 # Offense count: 6 # Configuration parameters: CountComments, ExcludedMethods. # ExcludedMethods: refine Metrics/BlockLength: Max: 35 # Offense count: 5 Metrics/CyclomaticComplexity: Max: 12 # Offense count: 10 # Configuration parameters: CountComments, ExcludedMethods. Metrics/MethodLength: Max: 34 # Offense count: 3 Metrics/PerceivedComplexity: Max: 13 # Offense count: 10 # Configuration parameters: Prefixes. # Prefixes: when, with, without RSpec/ContextWording: Exclude: - 'spec/oauth2/access_token_spec.rb' - 'spec/oauth2/authenticator_spec.rb' - 'spec/oauth2/client_spec.rb' oauth2-2.0.7/.simplecov 0000664 0000000 0000000 00000001655 14300662245 0014735 0 ustar 00root root 0000000 0000000 # frozen_string_literal: true # To get coverage # On Local, default (HTML) output, it just works, coverage is turned on: # bundle exec rspec spec # On Local, all output formats: # COVER_ALL=true bundle exec rspec spec # # On CI, all output formats, the ENV variables CI is always set, # and COVER_ALL, and CI_CODECOV, are set in the coverage.yml workflow only, # so coverage only runs in that workflow, and outputs all formats. # if RUN_COVERAGE SimpleCov.start do enable_coverage :branch primary_coverage :branch add_filter 'spec' add_filter 'lib/oauth2/version.rb' track_files '**/*.rb' if ALL_FORMATTERS command_name "#{ENV['GITHUB_WORKFLOW']} Job #{ENV['GITHUB_RUN_ID']}:#{ENV['GITHUB_RUN_NUMBER']}" else formatter SimpleCov::Formatter::HTMLFormatter end minimum_coverage(line: 100, branch: 100) end else puts "Not running coverage on #{RUBY_ENGINE} #{RUBY_VERSION}" end oauth2-2.0.7/CHANGELOG.md 0000664 0000000 0000000 00000061336 14300662245 0014546 0 ustar 00root root 0000000 0000000 # Changelog All notable changes to this project will be documented in this file. The format (since v2) is based on [Keep a Changelog v1](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.0.0.html). ## [2.0.7] - 2022-08-22 ### Added - [#629](https://github.com/oauth-xx/oauth2/pull/629) - Allow POST of JSON to get token (@pboling, @terracatta) ### Fixed - [#626](https://github.com/oauth-xx/oauth2/pull/626) - Fixes a regression in 2.0.6. Will now prefer the key order from the lookup, not the hash keys (@rickselby) - Note: This fixes compatibility with `omniauth-oauth2` and AWS - [#625](https://github.com/oauth-xx/oauth2/pull/625) - Fixes the printed version in the post install message (@hasghari) ## [2.0.6] - 2022-07-13 ### Fixed - [#624](https://github.com/oauth-xx/oauth2/pull/624) - Fixes a [regression](https://github.com/oauth-xx/oauth2/pull/623) in v2.0.5, where an error would be raised in refresh_token flows due to (legitimate) lack of access_token (@pboling) ## [2.0.5] - 2022-07-07 ### Fixed - [#620](https://github.com/oauth-xx/oauth2/pull/620) - Documentation improvements, to help with upgrading (@swanson) - [#621](https://github.com/oauth-xx/oauth2/pull/621) - Fixed [#528](https://github.com/oauth-xx/oauth2/issues/528) and [#619](https://github.com/oauth-xx/oauth2/issues/619) (@pboling) - All data in responses is now returned, with the access token removed and set as `token` - `refresh_token` is no longer dropped - **BREAKING**: Microsoft's `id_token` is no longer left as `access_token['id_token']`, but moved to the standard `access_token.token` that all other strategies use - Remove `parse` and `snaky` from options so they don't get included in response - There is now 100% test coverage, for lines _and_ branches, and it will stay that way. ## [2.0.4] - 2022-07-01 ### Fixed - [#618](https://github.com/oauth-xx/oauth2/pull/618) - In some scenarios the `snaky` option default value was not applied (@pboling) ## [2.0.3] - 2022-06-28 ### Added - [#611](https://github.com/oauth-xx/oauth2/pull/611) - Proper deprecation warnings for `extract_access_token` argument (@pboling) - [#612](https://github.com/oauth-xx/oauth2/pull/612) - Add `snaky: false` option to skip conversion to `OAuth2::SnakyHash` (default: true) (@pboling) ### Fixed - [#608](https://github.com/oauth-xx/oauth2/pull/608) - Wrap `Faraday::TimeoutError` in `OAuth2::TimeoutError` (@nbibler) - [#615](https://github.com/oauth-xx/oauth2/pull/615) - Fix support for requests with blocks, see `Faraday::Connection#run_request` (@pboling) ## [2.0.2] - 2022-06-24 ### Fixed - [#604](https://github.com/oauth-xx/oauth2/pull/604) - Wrap `Faraday::TimeoutError` in `OAuth2::TimeoutError` (@stanhu) - [#606](https://github.com/oauth-xx/oauth2/pull/606) - Ruby 2.7 deprecation warning fix: Move `access_token_class` parameter into `Client` constructor (@stanhu) - [#607](https://github.com/oauth-xx/oauth2/pull/607) - CHANGELOG correction, reference to `OAuth2::ConnectionError` (@zavan) ## [2.0.1] - 2022-06-22 ### Added - Documentation improvements (@pboling) - Increased test coverage to 99% (@pboling) ## [2.0.0] - 2022-06-21 ### Added - [#158](https://github.com/oauth-xx/oauth2/pull/158), [#344](https://github.com/oauth-xx/oauth2/pull/344) - Optionally pass raw response to parsers (@niels) - [#190](https://github.com/oauth-xx/oauth2/pull/190), [#332](https://github.com/oauth-xx/oauth2/pull/332), [#334](https://github.com/oauth-xx/oauth2/pull/334), [#335](https://github.com/oauth-xx/oauth2/pull/335), [#360](https://github.com/oauth-xx/oauth2/pull/360), [#426](https://github.com/oauth-xx/oauth2/pull/426), [#427](https://github.com/oauth-xx/oauth2/pull/427), [#461](https://github.com/oauth-xx/oauth2/pull/461) - Documentation (@josephpage, @pboling, @meganemura, @joshRpowell, @elliotcm) - [#220](https://github.com/oauth-xx/oauth2/pull/220) - Support IETF rfc7523 JWT Bearer Tokens Draft 04+ (@jhmoore) - [#298](https://github.com/oauth-xx/oauth2/pull/298) - Set the response object on the access token on Client#get_token for debugging (@cpetschnig) - [#305](https://github.com/oauth-xx/oauth2/pull/305) - Option: `OAuth2::Client#get_token` - `:access_token_class` (`AccessToken`); user specified class to use for all calls to `get_token` (@styd) - [#346](https://github.com/oauth-xx/oauth2/pull/571) - Modern gem structure (@pboling) - [#351](https://github.com/oauth-xx/oauth2/pull/351) - Support Jruby 9k (@pboling) - [#362](https://github.com/oauth-xx/oauth2/pull/362) - Support SemVer release version scheme (@pboling) - [#363](https://github.com/oauth-xx/oauth2/pull/363) - New method `OAuth2::AccessToken#refresh!` same as old `refresh`, with backwards compatibility alias (@pboling) - [#364](https://github.com/oauth-xx/oauth2/pull/364) - Support `application/hal+json` format (@pboling) - [#365](https://github.com/oauth-xx/oauth2/pull/365) - Support `application/vnd.collection+json` format (@pboling) - [#376](https://github.com/oauth-xx/oauth2/pull/376) - _Documentation_: Example / Test for Google 2-legged JWT (@jhmoore) - [#381](https://github.com/oauth-xx/oauth2/pull/381) - Spec for extra header params on client credentials (@nikz) - [#394](https://github.com/oauth-xx/oauth2/pull/394) - Option: `OAuth2::AccessToken#initialize` - `:expires_latency` (`nil`); number of seconds by which AccessToken validity will be reduced to offset latency (@klippx) - [#412](https://github.com/oauth-xx/oauth2/pull/412) - Support `application/vdn.api+json` format (from jsonapi.org) (@david-christensen) - [#413](https://github.com/oauth-xx/oauth2/pull/413) - _Documentation_: License scan and report (@meganemura) - [#442](https://github.com/oauth-xx/oauth2/pull/442) - Option: `OAuth2::Client#initialize` - `:logger` (`::Logger.new($stdout)`) logger to use when OAUTH_DEBUG is enabled (for parity with `1-4-stable` branch) (@rthbound) - [#494](https://github.com/oauth-xx/oauth2/pull/494) - Support [OIDC 1.0 Private Key JWT](https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication); based on the OAuth JWT assertion specification [(RFC 7523)](https://tools.ietf.org/html/rfc7523) (@SteveyblamWork) - [#549](https://github.com/oauth-xx/oauth2/pull/549) - Wrap `Faraday::ConnectionFailed` in `OAuth2::ConnectionError` (@nikkypx) - [#550](https://github.com/oauth-xx/oauth2/pull/550) - Raise error if location header not present when redirecting (@stanhu) - [#552](https://github.com/oauth-xx/oauth2/pull/552) - Add missing `version.rb` require (@ahorek) - [#553](https://github.com/oauth-xx/oauth2/pull/553) - Support `application/problem+json` format (@janz93) - [#560](https://github.com/oauth-xx/oauth2/pull/560) - Support IETF rfc6749, section 2.3.1 - don't set auth params when `nil` (@bouk) - [#571](https://github.com/oauth-xx/oauth2/pull/571) - Support Ruby 3.1 (@pboling) - [#575](https://github.com/oauth-xx/oauth2/pull/575) - Support IETF rfc7231, section 7.1.2 - relative location in redirect (@pboling) - [#581](https://github.com/oauth-xx/oauth2/pull/581) - _Documentation_: of breaking changes (@pboling) ### Changed - [#191](https://github.com/oauth-xx/oauth2/pull/191) - **BREAKING**: Token is expired if `expired_at` time is `now` (@davestevens) - [#312](https://github.com/oauth-xx/oauth2/pull/312) - **BREAKING**: Set `:basic_auth` as default for `:auth_scheme` instead of `:request_body`. This was default behavior before 1.3.0. (@tetsuya, @wy193777) - [#317](https://github.com/oauth-xx/oauth2/pull/317) - _Dependency_: Upgrade `jwt` to 2.x.x (@travisofthenorth) - [#338](https://github.com/oauth-xx/oauth2/pull/338) - _Dependency_: Switch from `Rack::Utils.escape` to `CGI.escape` (@josephpage) - [#339](https://github.com/oauth-xx/oauth2/pull/339), [#368](https://github.com/oauth-xx/oauth2/pull/368), [#424](https://github.com/oauth-xx/oauth2/pull/424), [#479](https://github.com/oauth-xx/oauth2/pull/479), [#493](https://github.com/oauth-xx/oauth2/pull/493), [#539](https://github.com/oauth-xx/oauth2/pull/539), [#542](https://github.com/oauth-xx/oauth2/pull/542), [#553](https://github.com/oauth-xx/oauth2/pull/553) - CI Updates, code coverage, linting, spelling, type fixes, New VERSION constant (@pboling, @josephpage, @ahorek) - [#410](https://github.com/oauth-xx/oauth2/pull/410) - **BREAKING**: Removed the ability to call .error from an OAuth2::Response object (@jhmoore) - [#414](https://github.com/oauth-xx/oauth2/pull/414) - Use Base64.strict_encode64 instead of custom internal logic (@meganemura) - [#489](https://github.com/oauth-xx/oauth2/pull/489) - **BREAKING**: Default value for option `OAuth2::Client` - `:authorize_url` removed leading slash to work with relative paths by default (`'oauth/authorize'`) (@ghost) - [#489](https://github.com/oauth-xx/oauth2/pull/489) - **BREAKING**: Default value for option `OAuth2::Client` - `:token_url` removed leading slash to work with relative paths by default (`'oauth/token'`) (@ghost) - [#507](https://github.com/oauth-xx/oauth2/pull/507), [#575](https://github.com/oauth-xx/oauth2/pull/575) - **BREAKING**: Transform keys to camel case, always, by default (ultimately via `rash_alt` gem) - Original keys will still work as previously, in most scenarios, thanks to `rash_alt` gem. - However, this is a _breaking_ change if you rely on `response.parsed.to_h`, as the keys in the result will be camel case. - As of version 2.0.4 you can turn key transformation off with the `snaky: false` option. - [#576](https://github.com/oauth-xx/oauth2/pull/576) - **BREAKING**: Stop rescuing parsing errors (@pboling) - [#591](https://github.com/oauth-xx/oauth2/pull/576) - _DEPRECATION_: `OAuth2::Client` - `:extract_access_token` option is deprecated ### Fixed - [#158](https://github.com/oauth-xx/oauth2/pull/158), [#344](https://github.com/oauth-xx/oauth2/pull/344) - Handling of errors when using `omniauth-facebook` (@niels) - [#294](https://github.com/oauth-xx/oauth2/pull/294) - Fix: "Unexpected middleware set" issue with Faraday when `OAUTH_DEBUG=true` (@spectator, @gafrom) - [#300](https://github.com/oauth-xx/oauth2/pull/300) - _Documentation_: `Oauth2::Error` - Error codes are strings, not symbols (@NobodysNightmare) - [#318](https://github.com/oauth-xx/oauth2/pull/318), [#326](https://github.com/oauth-xx/oauth2/pull/326), [#343](https://github.com/oauth-xx/oauth2/pull/343), [#347](https://github.com/oauth-xx/oauth2/pull/347), [#397](https://github.com/oauth-xx/oauth2/pull/397), [#464](https://github.com/oauth-xx/oauth2/pull/464), [#561](https://github.com/oauth-xx/oauth2/pull/561), [#565](https://github.com/oauth-xx/oauth2/pull/565) - _Dependency_: Support all versions of `faraday` (see [gemfiles/README.md][gemfiles/readme] for compatibility matrix with Ruby engines & versions) (@pboling, @raimondasv, @zacharywelch, @Fudoshiki, @ryogift, @sj26, @jdelStrother) - [#322](https://github.com/oauth-xx/oauth2/pull/322), [#331](https://github.com/oauth-xx/oauth2/pull/331), [#337](https://github.com/oauth-xx/oauth2/pull/337), [#361](https://github.com/oauth-xx/oauth2/pull/361), [#371](https://github.com/oauth-xx/oauth2/pull/371), [#377](https://github.com/oauth-xx/oauth2/pull/377), [#383](https://github.com/oauth-xx/oauth2/pull/383), [#392](https://github.com/oauth-xx/oauth2/pull/392), [#395](https://github.com/oauth-xx/oauth2/pull/395), [#400](https://github.com/oauth-xx/oauth2/pull/400), [#401](https://github.com/oauth-xx/oauth2/pull/401), [#403](https://github.com/oauth-xx/oauth2/pull/403), [#415](https://github.com/oauth-xx/oauth2/pull/415), [#567](https://github.com/oauth-xx/oauth2/pull/567) - Updated Rubocop, Rubocop plugins and improved code style (@pboling, @bquorning, @lautis, @spectator) - [#328](https://github.com/oauth-xx/oauth2/pull/328) - _Documentation_: Homepage URL is SSL (@amatsuda) - [#339](https://github.com/oauth-xx/oauth2/pull/339), [#479](https://github.com/oauth-xx/oauth2/pull/479) - Update testing infrastructure for all supported Rubies (@pboling and @josephpage) - [#366](https://github.com/oauth-xx/oauth2/pull/366) - **Security**: Fix logging to `$stdout` of request and response bodies via Faraday's logger and `ENV["OAUTH_DEBUG"] == 'true'` (@pboling) - [#380](https://github.com/oauth-xx/oauth2/pull/380) - Fix: Stop attempting to encode non-encodable objects in `Oauth2::Error` (@jhmoore) - [#399](https://github.com/oauth-xx/oauth2/pull/399) - Fix: Stop duplicating `redirect_uri` in `get_token` (@markus) - [#410](https://github.com/oauth-xx/oauth2/pull/410) - Fix: `SystemStackError` caused by circular reference between Error and Response classes (@jhmoore) - [#460](https://github.com/oauth-xx/oauth2/pull/460) - Fix: Stop throwing errors when `raise_errors` is set to `false`; analog of [#524](https://github.com/oauth-xx/oauth2/pull/524) for `1-4-stable` branch (@joaolrpaulo) - [#472](https://github.com/oauth-xx/oauth2/pull/472) - **Security**: Add checks to enforce `client_secret` is *never* passed in authorize_url query params for `implicit` and `auth_code` grant types (@dfockler) - [#482](https://github.com/oauth-xx/oauth2/pull/482) - _Documentation_: Update last of `intridea` links to `oauth-xx` (@pboling) - [#536](https://github.com/oauth-xx/oauth2/pull/536) - **Security**: Compatibility with more (and recent) Ruby OpenSSL versions, Github Actions, Rubocop updated, analogous to [#535](https://github.com/oauth-xx/oauth2/pull/535) on `1-4-stable` branch (@pboling) - [#595](https://github.com/oauth-xx/oauth2/pull/595) - Graceful handling of empty responses from `Client#get_token`, respecting `:raise_errors` config (@stanhu) - [#596](https://github.com/oauth-xx/oauth2/pull/596) - Consistency between `AccessToken#refresh` and `Client#get_token` named arguments (@stanhu) - [#598](https://github.com/oauth-xx/oauth2/pull/598) - Fix unparseable data not raised as error in `Client#get_token`, respecting `:raise_errors` config (@stanhu) ### Removed - [#341](https://github.com/oauth-xx/oauth2/pull/341) - Remove Rdoc & Jeweler related files (@josephpage) - [#342](https://github.com/oauth-xx/oauth2/pull/342) - **BREAKING**: Dropped support for Ruby 1.8 (@josephpage) - [#539](https://github.com/oauth-xx/oauth2/pull/539) - Remove reliance on globally included OAuth2 in tests, analog of [#538](https://github.com/oauth-xx/oauth2/pull/538) for 1-4-stable (@anderscarling) - [#566](https://github.com/oauth-xx/oauth2/pull/566) - _Dependency_: Removed `wwtd` (@bquorning) - [#589](https://github.com/oauth-xx/oauth2/pull/589), [#593](https://github.com/oauth-xx/oauth2/pull/593) - Remove support for expired MAC token draft spec (@stanhu) - [#590](https://github.com/oauth-xx/oauth2/pull/590) - _Dependency_: Removed `multi_json` (@stanhu) ## [1.4.10] - 2022-07-01 - FIPS Compatibility [#587](https://github.com/oauth-xx/oauth2/pull/587) (@akostadinov) ## [1.4.9] - 2022-02-20 - Fixes compatibility with Faraday v2 [572](https://github.com/oauth-xx/oauth2/issues/572) - Includes supported versions of Faraday in test matrix: - Faraday ~> 2.2.0 with Ruby >= 2.6 - Faraday ~> 1.10 with Ruby >= 2.4 - Faraday ~> 0.17.3 with Ruby >= 1.9 - Add Windows and MacOS to test matrix ## [1.4.8] - 2022-02-18 - MFA is now required to push new gem versions (@pboling) - README overhaul w/ new Ruby Version and Engine compatibility policies (@pboling) - [#569](https://github.com/oauth-xx/oauth2/pull/569) Backport fixes ([#561](https://github.com/oauth-xx/oauth2/pull/561) by @ryogift), and add more fixes, to allow faraday 1.x and 2.x (@jrochkind) - Improve Code Coverage tracking (Coveralls, CodeCov, CodeClimate), and enable branch coverage (@pboling) - Add CodeQL, Security Policy, Funding info (@pboling) - Added Ruby 3.1, jruby, jruby-head, truffleruby, truffleruby-head to build matrix (@pboling) - [#543](https://github.com/oauth-xx/oauth2/pull/543) - Support for more modern Open SSL libraries (@pboling) ## [1.4.7] - 2021-03-19 - [#541](https://github.com/oauth-xx/oauth2/pull/541) - Backport fix to expires_at handling [#533](https://github.com/oauth-xx/oauth2/pull/533) to 1-4-stable branch. (@dobon) ## [1.4.6] - 2021-03-19 - [#540](https://github.com/oauth-xx/oauth2/pull/540) - Add VERSION constant (@pboling) - [#537](https://github.com/oauth-xx/oauth2/pull/537) - Fix crash in OAuth2::Client#get_token (@anderscarling) - [#538](https://github.com/oauth-xx/oauth2/pull/538) - Remove reliance on globally included OAuth2 in tests, analogous to [#539](https://github.com/oauth-xx/oauth2/pull/539) on master branch (@anderscarling) ## [1.4.5] - 2021-03-18 - [#535](https://github.com/oauth-xx/oauth2/pull/535) - Compatibility with range of supported Ruby OpenSSL versions, Rubocop updates, Github Actions, analogous to [#536](https://github.com/oauth-xx/oauth2/pull/536) on master branch (@pboling) - [#518](https://github.com/oauth-xx/oauth2/pull/518) - Add extract_access_token option to OAuth2::Client (@jonspalmer) - [#507](https://github.com/oauth-xx/oauth2/pull/507) - Fix camel case content type, response keys (@anvox) - [#500](https://github.com/oauth-xx/oauth2/pull/500) - Fix YARD documentation formatting (@olleolleolle) ## [1.4.4] - 2020-02-12 - [#408](https://github.com/oauth-xx/oauth2/pull/408) - Fixed expires_at for formatted time (@Lomey) ## [1.4.3] - 2020-01-29 - [#483](https://github.com/oauth-xx/oauth2/pull/483) - add project metadata to gemspec (@orien) - [#495](https://github.com/oauth-xx/oauth2/pull/495) - support additional types of access token requests (@SteveyblamFreeagent, @thomcorley, @dgholz) - Adds support for private_key_jwt and tls_client_auth - [#433](https://github.com/oauth-xx/oauth2/pull/433) - allow field names with square brackets and numbers in params (@asm256) ## [1.4.2] - 2019-10-01 - [#478](https://github.com/oauth-xx/oauth2/pull/478) - support latest version of faraday & fix build (@pboling) - Officially support Ruby 2.6 and truffleruby ## [1.4.1] - 2018-10-13 - [#417](https://github.com/oauth-xx/oauth2/pull/417) - update jwt dependency (@thewoolleyman) - [#419](https://github.com/oauth-xx/oauth2/pull/419) - remove rubocop dependency (temporary, added back in [#423](https://github.com/oauth-xx/oauth2/pull/423)) (@pboling) - [#418](https://github.com/oauth-xx/oauth2/pull/418) - update faraday dependency (@pboling) - [#420](https://github.com/oauth-xx/oauth2/pull/420) - update [oauth2.gemspec](https://github.com/oauth-xx/oauth2/blob/1-4-stable/oauth2.gemspec) (@pboling) - [#421](https://github.com/oauth-xx/oauth2/pull/421) - fix [CHANGELOG.md](https://github.com/oauth-xx/oauth2/blob/1-4-stable/CHANGELOG.md) for previous releases (@pboling) - [#422](https://github.com/oauth-xx/oauth2/pull/422) - update [LICENSE](https://github.com/oauth-xx/oauth2/blob/1-4-stable/LICENSE) and [README.md](https://github.com/oauth-xx/oauth2/blob/1-4-stable/README.md) (@pboling) - [#423](https://github.com/oauth-xx/oauth2/pull/423) - update [builds](https://travis-ci.org/oauth-xx/oauth2/builds), [Rakefile](https://github.com/oauth-xx/oauth2/blob/1-4-stable/Rakefile) (@pboling) - officially document supported Rubies * Ruby 1.9.3 * Ruby 2.0.0 * Ruby 2.1 * Ruby 2.2 * [JRuby 1.7][jruby-1.7] (targets MRI v1.9) * [JRuby 9.0][jruby-9.0] (targets MRI v2.0) * Ruby 2.3 * Ruby 2.4 * Ruby 2.5 * [JRuby 9.1][jruby-9.1] (targets MRI v2.3) * [JRuby 9.2][jruby-9.2] (targets MRI v2.5) [jruby-1.7]: https://www.jruby.org/2017/05/11/jruby-1-7-27.html [jruby-9.0]: https://www.jruby.org/2016/01/26/jruby-9-0-5-0.html [jruby-9.1]: https://www.jruby.org/2017/05/16/jruby-9-1-9-0.html [jruby-9.2]: https://www.jruby.org/2018/05/24/jruby-9-2-0-0.html ## [1.4.0] - 2017-06-09 - Drop Ruby 1.8.7 support (@sferik) - Fix some RuboCop offenses (@sferik) - _Dependency_: Remove Yardstick (@sferik) - _Dependency_: Upgrade Faraday to 0.12 (@sferik) ## [1.3.1] - 2017-03-03 - Add support for Ruby 2.4.0 (@pschambacher) - _Dependency_: Upgrade Faraday to Faraday 0.11 (@mcfiredrill, @rhymes, @pschambacher) ## [1.3.0] - 2016-12-28 - Add support for header-based authentication to the `Client` so it can be used across the library (@bjeanes) - Default to header-based authentication when getting a token from an authorisation code (@maletor) - **Breaking**: Allow an `auth_scheme` (`:basic_auth` or `:request_body`) to be set on the client, defaulting to `:request_body` to maintain backwards compatibility (@maletor, @bjeanes) - Handle `redirect_uri` according to the OAuth 2 spec, so it is passed on redirect and at the point of token exchange (@bjeanes) - Refactor handling of encoding of error responses (@urkle) - Avoid instantiating an `Error` if there is no error to raise (@urkle) - Add support for Faraday 0.10 (@rhymes) ## [1.2.0] - 2016-07-01 - Properly handle encoding of error responses (so we don't blow up, for example, when Google's response includes a ∞) (@Motoshi-Nishihira) - Make a copy of the options hash in `AccessToken#from_hash` to avoid accidental mutations (@Linuus) - Use `raise` rather than `fail` to throw exceptions (@sferik) ## [1.1.0] - 2016-01-30 - Various refactors (eliminating `Hash#merge!` usage in `AccessToken#refresh!`, use `yield` instead of `#call`, freezing mutable objects in constants, replacing constants with class variables) (@sferik) - Add support for Rack 2, and bump various other dependencies (@sferik) ## [1.0.0] - 2014-07-09 ### Added - Add an implementation of the MAC token spec. ### Fixed - Fix Base64.strict_encode64 incompatibility with Ruby 1.8.7. ## [0.5.0] - 2011-07-29 ### Changed - [breaking] `oauth_token` renamed to `oauth_bearer`. - [breaking] `authorize_path` Client option renamed to `authorize_url`. - [breaking] `access_token_path` Client option renamed to `token_url`. - [breaking] `access_token_method` Client option renamed to `token_method`. - [breaking] `web_server` renamed to `auth_code`. ## [0.4.1] - 2011-04-20 ## [0.4.0] - 2011-04-20 ## [0.3.0] - 2011-04-08 ## [0.2.0] - 2011-04-01 ## [0.1.1] - 2011-01-12 ## [0.1.0] - 2010-10-13 ## [0.0.13] + [0.0.12] + [0.0.11] - 2010-08-17 ## [0.0.10] - 2010-06-19 ## [0.0.9] - 2010-06-18 ## [0.0.8] + [0.0.7] - 2010-04-27 ## [0.0.6] - 2010-04-25 ## [0.0.5] - 2010-04-23 ## [0.0.4] + [0.0.3] + [0.0.2] + [0.0.1] - 2010-04-22 [0.0.1]: https://github.com/oauth-xx/oauth2/compare/311d9f4...v0.0.1 [0.0.2]: https://github.com/oauth-xx/oauth2/compare/v0.0.1...v0.0.2 [0.0.3]: https://github.com/oauth-xx/oauth2/compare/v0.0.2...v0.0.3 [0.0.4]: https://github.com/oauth-xx/oauth2/compare/v0.0.3...v0.0.4 [0.0.5]: https://github.com/oauth-xx/oauth2/compare/v0.0.4...v0.0.5 [0.0.6]: https://github.com/oauth-xx/oauth2/compare/v0.0.5...v0.0.6 [0.0.7]: https://github.com/oauth-xx/oauth2/compare/v0.0.6...v0.0.7 [0.0.8]: https://github.com/oauth-xx/oauth2/compare/v0.0.7...v0.0.8 [0.0.9]: https://github.com/oauth-xx/oauth2/compare/v0.0.8...v0.0.9 [0.0.10]: https://github.com/oauth-xx/oauth2/compare/v0.0.9...v0.0.10 [0.0.11]: https://github.com/oauth-xx/oauth2/compare/v0.0.10...v0.0.11 [0.0.12]: https://github.com/oauth-xx/oauth2/compare/v0.0.11...v0.0.12 [0.0.13]: https://github.com/oauth-xx/oauth2/compare/v0.0.12...v0.0.13 [0.1.0]: https://github.com/oauth-xx/oauth2/compare/v0.0.13...v0.1.0 [0.1.1]: https://github.com/oauth-xx/oauth2/compare/v0.1.0...v0.1.1 [0.2.0]: https://github.com/oauth-xx/oauth2/compare/v0.1.1...v0.2.0 [0.3.0]: https://github.com/oauth-xx/oauth2/compare/v0.2.0...v0.3.0 [0.4.0]: https://github.com/oauth-xx/oauth2/compare/v0.3.0...v0.4.0 [0.4.1]: https://github.com/oauth-xx/oauth2/compare/v0.4.0...v0.4.1 [0.5.0]: https://github.com/oauth-xx/oauth2/compare/v0.4.1...v0.5.0 [1.0.0]: https://github.com/oauth-xx/oauth2/compare/v0.9.4...v1.0.0 [1.1.0]: https://github.com/oauth-xx/oauth2/compare/v1.0.0...v1.1.0 [1.2.0]: https://github.com/oauth-xx/oauth2/compare/v1.1.0...v1.2.0 [1.3.0]: https://github.com/oauth-xx/oauth2/compare/v1.2.0...v1.3.0 [1.3.1]: https://github.com/oauth-xx/oauth2/compare/v1.3.0...v1.3.1 [1.4.0]: https://github.com/oauth-xx/oauth2/compare/v1.3.1...v1.4.0 [1.4.1]: https://github.com/oauth-xx/oauth2/compare/v1.4.0...v1.4.1 [1.4.2]: https://github.com/oauth-xx/oauth2/compare/v1.4.1...v1.4.2 [1.4.3]: https://github.com/oauth-xx/oauth2/compare/v1.4.2...v1.4.3 [1.4.4]: https://github.com/oauth-xx/oauth2/compare/v1.4.3...v1.4.4 [1.4.5]: https://github.com/oauth-xx/oauth2/compare/v1.4.4...v1.4.5 [1.4.6]: https://github.com/oauth-xx/oauth2/compare/v1.4.5...v1.4.6 [1.4.7]: https://github.com/oauth-xx/oauth2/compare/v1.4.6...v1.4.7 [1.4.8]: https://github.com/oauth-xx/oauth2/compare/v1.4.7...v1.4.8 [1.4.9]: https://github.com/oauth-xx/oauth2/compare/v1.4.8...v1.4.9 [1.4.10]: https://github.com/oauth-xx/oauth2/compare/v1.4.9...v1.4.10 [2.0.0]: https://github.com/oauth-xx/oauth2/compare/v1.4.10...v2.0.0 [2.0.1]: https://github.com/oauth-xx/oauth2/compare/v2.0.0...v2.0.1 [2.0.2]: https://github.com/oauth-xx/oauth2/compare/v2.0.1...v2.0.2 [2.0.3]: https://github.com/oauth-xx/oauth2/compare/v2.0.2...v2.0.3 [2.0.4]: https://github.com/oauth-xx/oauth2/compare/v2.0.3...v2.0.4 [2.0.5]: https://github.com/oauth-xx/oauth2/compare/v2.0.4...v2.0.5 [2.0.6]: https://github.com/oauth-xx/oauth2/compare/v2.0.5...v2.0.6 [Unreleased]: https://github.com/oauth-xx/oauth2/compare/v2.0.6...HEAD [gemfiles/readme]: gemfiles/README.md oauth2-2.0.7/CODE_OF_CONDUCT.md 0000664 0000000 0000000 00000012544 14300662245 0015531 0 ustar 00root root 0000000 0000000 # Contributor Covenant Code of Conduct ## Our Pledge We as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, religion, or sexual identity and orientation. We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community. ## Our Standards Examples of behavior that contributes to a positive environment for our community include: * Demonstrating empathy and kindness toward other people * Being respectful of differing opinions, viewpoints, and experiences * Giving and gracefully accepting constructive feedback * Accepting responsibility and apologizing to those affected by our mistakes, and learning from the experience * Focusing on what is best not just for us as individuals, but for the overall community Examples of unacceptable behavior include: * The use of sexualized language or imagery, and sexual attention or advances of any kind * Trolling, insulting or derogatory comments, and personal or political attacks * Public or private harassment * Publishing others' private information, such as a physical or email address, without their explicit permission * Other conduct which could reasonably be considered inappropriate in a professional setting ## Enforcement Responsibilities Community leaders are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful. Community leaders have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, and will communicate reasons for moderation decisions when appropriate. ## Scope This Code of Conduct applies within all community spaces, and also applies when an individual is officially representing the community in public spaces. Examples of representing our community include using an official e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. ## Enforcement Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the community leaders responsible for enforcement at [INSERT CONTACT METHOD]. All complaints will be reviewed and investigated promptly and fairly. All community leaders are obligated to respect the privacy and security of the reporter of any incident. ## Enforcement Guidelines Community leaders will follow these Community Impact Guidelines in determining the consequences for any action they deem in violation of this Code of Conduct: ### 1. Correction **Community Impact**: Use of inappropriate language or other behavior deemed unprofessional or unwelcome in the community. **Consequence**: A private, written warning from community leaders, providing clarity around the nature of the violation and an explanation of why the behavior was inappropriate. A public apology may be requested. ### 2. Warning **Community Impact**: A violation through a single incident or series of actions. **Consequence**: A warning with consequences for continued behavior. No interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, for a specified period of time. This includes avoiding interactions in community spaces as well as external channels like social media. Violating these terms may lead to a temporary or permanent ban. ### 3. Temporary Ban **Community Impact**: A serious violation of community standards, including sustained inappropriate behavior. **Consequence**: A temporary ban from any sort of interaction or public communication with the community for a specified period of time. No public or private interaction with the people involved, including unsolicited interaction with those enforcing the Code of Conduct, is allowed during this period. Violating these terms may lead to a permanent ban. ### 4. Permanent Ban **Community Impact**: Demonstrating a pattern of violation of community standards, including sustained inappropriate behavior, harassment of an individual, or aggression toward or disparagement of classes of individuals. **Consequence**: A permanent ban from any sort of public interaction within the community. ## Attribution This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 2.0, available at [https://www.contributor-covenant.org/version/2/0/code_of_conduct.html][v2.0]. Community Impact Guidelines were inspired by [Mozilla's code of conduct enforcement ladder][Mozilla CoC]. For answers to common questions about this code of conduct, see the FAQ at [https://www.contributor-covenant.org/faq][FAQ]. Translations are available at [https://www.contributor-covenant.org/translations][translations]. [homepage]: https://www.contributor-covenant.org [v2.0]: https://www.contributor-covenant.org/version/2/0/code_of_conduct.html [Mozilla CoC]: https://github.com/mozilla/diversity [FAQ]: https://www.contributor-covenant.org/faq [translations]: https://www.contributor-covenant.org/translations oauth2-2.0.7/CONTRIBUTING.md 0000664 0000000 0000000 00000003331 14300662245 0015155 0 ustar 00root root 0000000 0000000 ## Contributing Bug reports and pull requests are welcome on GitHub at [https://github.com/oauth-xx/oauth2][source] . This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct][conduct]. To submit a patch, please fork the project and create a patch with tests. Once you're happy with it send a pull request! ## Detailed instructions on Submitting a Pull Request 1. [Fork the repository.][fork] 2. [Create a topic branch.][branch] 3. Add specs for your unimplemented feature or bug fix. 4. Run `bundle exec rake spec`. If your specs pass, return to step 3. 5. Implement your feature or bug fix. 6. Run `bundle exec rake`. If your specs fail, return to step 5. 7. Run `open coverage/index.html`. If your changes are not completely covered by your tests, return to step 3. 8. Add documentation for your feature or bug fix. 9. Run `bundle exec rake verify_measurements`. If your changes are not 100% documented, go back to step 8. 10. Commit and push your changes. 11. [Submit a pull request.][pr] [fork]: http://help.github.com/fork-a-repo/ [branch]: http://learn.github.com/p/branching.html [pr]: http://help.github.com/send-pull-requests/ ## Contributors [][contributors] Made with [contributors-img][contrib-rocks]. [comment]: <> (Following links are used by README, CONTRIBUTING) [conduct]: https://github.com/oauth-xx/oauth2/blob/master/CODE_OF_CONDUCT.md [contrib-rocks]: https://contrib.rocks [contributors]: https://github.com/oauth-xx/oauth2/graphs/contributors [comment]: <> (Following links are used by README, CONTRIBUTING, Homepage) [source]: https://github.com/oauth-xx/oauth2/ oauth2-2.0.7/Dangerfile 0000664 0000000 0000000 00000001117 14300662245 0014707 0 ustar 00root root 0000000 0000000 # frozen_string_literal: true # Ideas... # 1. Check for hashtags in PR title, and disallow changes to changelog? # e.g. github.pr_title.include? "#trivial" # Make it more obvious that a PR is a work in progress and shouldn't be merged yet warn('PR is classed as Work in Progress') if github.pr_title.include? '[WIP]' # Warn when there is a big PR warn('Big PR') if git.lines_of_code > 500 # Don't let testing shortcuts get into master by accident raise('fdescribe left in tests') if `grep -r fdescribe specs/ `.length > 1 raise('fit left in tests') if `grep -r fit specs/ `.length > 1 oauth2-2.0.7/Gemfile 0000664 0000000 0000000 00000003163 14300662245 0014222 0 ustar 00root root 0000000 0000000 # frozen_string_literal: true source 'https://rubygems.org' gemspec git_source(:github) { |repo_name| "https://github.com/#{repo_name}" } gem 'rake', '~> 13.0' gem 'rspec', '~> 3.0' ruby_version = Gem::Version.new(RUBY_VERSION) minimum_version = ->(version, engine = 'ruby') { ruby_version >= Gem::Version.new(version) && RUBY_ENGINE == engine } linting = minimum_version.call('2.7') coverage = minimum_version.call('2.7') debug = minimum_version.call('2.5') gem 'overcommit', '~> 0.58' if linting platforms :mri do if linting # Danger is incompatible with Faraday 2 (for now) # see: https://github.com/danger/danger/issues/1349 # gem 'danger', '~> 8.4' gem 'rubocop-md', require: false # Can be added once we reach rubocop-lts >= v10 (i.e. drop Ruby 2.2) # gem 'rubocop-packaging', require: false gem 'rubocop-performance', require: false gem 'rubocop-rake', require: false gem 'rubocop-rspec', require: false gem 'rubocop-thread_safety', require: false end if coverage gem 'codecov', '~> 0.6' # For CodeCov gem 'simplecov', '~> 0.21', require: false gem 'simplecov-cobertura' # XML for Jenkins gem 'simplecov-json' # For CodeClimate gem 'simplecov-lcov', '~> 0.8', require: false end if debug # Add `byebug` to your code where you want to drop to REPL gem 'byebug' end end platforms :jruby do # Add `binding.pry` to your code where you want to drop to REPL gem 'pry-debugger-jruby' end ### deps for documentation and rdoc.info group :documentation do gem 'github-markup', platform: :mri gem 'redcarpet', platform: :mri gem 'yard', require: false end oauth2-2.0.7/LICENSE 0000664 0000000 0000000 00000002226 14300662245 0013733 0 ustar 00root root 0000000 0000000 MIT License Copyright (c) 2011 - 2013 Michael Bleigh and Intridea, Inc. Copyright (c) 2017 - 2022 oauth-xx organization, https://github.com/oauth-xx Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. oauth2-2.0.7/README.md 0000664 0000000 0000000 00000072010 14300662245 0014203 0 ustar 00root root 0000000 0000000
## What OAuth 2.0 is the industry-standard protocol for authorization. OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications, desktop applications, mobile phones, and living room devices. This is a RubyGem for implementing OAuth 2.0 clients and servers in Ruby applications. See the sibling `oauth` gem for OAuth 1.0 implementations in Ruby. --- * [OAuth 2.0 Spec][oauth2-spec] * [oauth sibling gem][sibling-gem] for OAuth 1.0 implementations in Ruby. [oauth2-spec]: https://oauth.net/2/ [sibling-gem]: https://github.com/oauth-xx/oauth-ruby ## Release Documentation ### Version 2.0.x