|
1 | 1 | [SNAPSHOT] |
2 | 2 | * add ScopeBuilder to easily specify multiple scopes while requesting OAuth2.0 Access Tokens |
| 3 | + * make Base64 en/de-coding not dependent from java8 implementation (use three optional implementation |
| 4 | + (internal java 8+, Apache Commons Codec, JAXB) detected in runtime) (thanks to https://github.com/CodingFabian) |
3 | 5 |
|
4 | 6 | [8.1.0] |
5 | 7 | * add raw Response (with HTTP response code and body) as member to the OAuth2AccessTokenErrorResponse |
|
61 | 63 |
|
62 | 64 | [6.4.1] |
63 | 65 | * support TLS 1.3 in JDK 11 for Salesforce |
64 | | - * fix NPE in Apache HTTP client in case of empty body in HTTP response (e.g. with 204 response code) (thanks to https://github.com/SainagNeelamPatnaik) |
| 66 | + * fix NPE in Apache HTTP client in case of empty body in HTTP response (e.g. with 204 response code) |
| 67 | + (thanks to https://github.com/SainagNeelamPatnaik) |
65 | 68 | * separate OAuth1.0a and OAuth2.0 classes |
66 | 69 |
|
67 | 70 | [6.3.0] |
|
73 | 76 | and it should be set per request, not per created OAuthService |
74 | 77 |
|
75 | 78 | [6.2.0] |
76 | | - * add new API Microsoft Azure Active Directory (Azure AD) 2.0 (thanks to https://github.com/rzukow and https://github.com/dgrudenic) |
| 79 | + * add new API Microsoft Azure Active Directory (Azure AD) 2.0 |
| 80 | + (thanks to https://github.com/rzukow and https://github.com/dgrudenic) |
77 | 81 |
|
78 | 82 | [6.1.0] |
79 | 83 | * add new API Keycloak (https://www.keycloak.org/) (thanks to https://github.com/JureZelic) |
80 | 84 | * add new API Discord (https://discordapp.com/) (thanks to https://github.com/Jokuni) |
81 | 85 |
|
82 | 86 | [6.0.0] |
83 | 87 | * make redirect_uri optional while Access Token requesting on OAuth 2.0 (thanks to https://github.com/computerlove) |
84 | | - * switch to java 9+ (from java 7 only) for compilation. Runtime is still java 7+. Complement README with links and RFC descriptions. |
| 88 | + * switch to java 9+ (from java 7 only) for compilation. Runtime is still java 7+. |
| 89 | + Complement README with links and RFC descriptions. |
85 | 90 | * switch OAuth2 Bearer Token Usage from enum OAuth2SignatureType to interface BearerSignature to be extensible |
86 | 91 | * add new API Wunderlist (https://www.wunderlist.com/) (thanks to https://github.com/M-F-K) |
87 | 92 |
|
88 | 93 | [5.6.0] |
89 | | - * remove support for obsolete NetEase (http://www.163.com/) and sohu 搜狐 (http://www.sohu.com/) (thanks to https://github.com/zawn) |
| 94 | + * remove support for obsolete NetEase (http://www.163.com/) and sohu 搜狐 (http://www.sohu.com/) |
| 95 | + (thanks to https://github.com/zawn) |
90 | 96 | * add Multipart functionality to JDK Http Client (thanks to https://github.com/eos1d3) |
91 | 97 | * switch OAuth2 ClientAuthenticationType from enum to interface ClientAuthentication to be extensible according to |
92 | 98 | https://tools.ietf.org/html/rfc6749#section-2.3.2 (thanks to https://github.com/zawn) |
93 | | - * add RuntimeException processing in async http clients (delivered to onError callbacks) (thanks to https://github.com/jochen314) |
| 99 | + * add RuntimeException processing in async http clients (delivered to onError callbacks) |
| 100 | + (thanks to https://github.com/jochen314) |
94 | 101 | * check 200 status code from response in OAuth2AccessTokenExtractor (thanks to https://github.com/jochen314) |
95 | | - * fix case sensitive Http Headers comparison and sending Content-Type header along with content-type (thanks to https://github.com/marnix) |
| 102 | + * fix case sensitive Http Headers comparison and sending Content-Type header along with content-type |
| 103 | + (thanks to https://github.com/marnix) |
96 | 104 | * add HiOrg-Server (https://www.hiorg-server.de/) API (thanks to https://github.com/MartinBoehmer) |
97 | 105 |
|
98 | 106 | [5.5.0] |
|
105 | 113 | * fix missing support for scope for refresh_token grant_type (thanks to https://github.com/tlxtellef) |
106 | 114 | * add email field to VKOAuth2AccessToken (thanks to https://github.com/grouzen) |
107 | 115 | * add new API - Automatic (https://www.automatic.com/) (thanks to https://github.com/ramsrib) |
108 | | - * add new API - Fitbit (https://www.fitbit.com/) (thanks to https://github.com/JustinLawler and https://github.com/alexthered) |
| 116 | + * add new API - Fitbit (https://www.fitbit.com/) |
| 117 | + (thanks to https://github.com/JustinLawler and https://github.com/alexthered) |
109 | 118 | * deprecate OAuthConfig |
110 | 119 | * OAuth1.0: send "oob" instead of null callback while requesting RequestToken (thanks to https://github.com/Rafaelsk) |
111 | 120 |
|
|
119 | 128 | * add required param version to VK ВКонтакте (http://vk.com/) urls |
120 | 129 |
|
121 | 130 | [5.2.0-java7again] |
122 | | - * allow 'null' as callback. It's an optional parameter. Remove "oob" as default (thanks to https://github.com/massongit) |
| 131 | + * allow 'null' as callback. It's an optional parameter. Remove "oob" as default |
| 132 | + (thanks to https://github.com/massongit) |
123 | 133 | * java7 compatible again! |
124 | 134 |
|
125 | 135 | [5.1.0] |
|
132 | 142 | * drop Java 7 backward compatibility support, become Java 8 only (was reverted in v5.2.0-java7again) |
133 | 143 | * add JSON token extractor for OAuth 1.0a (thanks to https://github.com/evstropovv) |
134 | 144 | * add new API - uCoz (https://www.ucoz.com/) (thanks to https://github.com/evstropovv) |
135 | | - * add PKCE (RFC 7636) support (Proof Key for Code Exchange by OAuth Public Clients) (thanks for suggesting to https://github.com/dieseldjango) |
| 145 | + * add PKCE (RFC 7636) support (Proof Key for Code Exchange by OAuth Public Clients) |
| 146 | + (thanks for suggesting to https://github.com/dieseldjango) |
136 | 147 | * switch to use HTTP Basic Authorization by default in requests with need of |
137 | 148 | (2.3. Client Authentication) https://tools.ietf.org/html/rfc6749#section-2.3 Can be overrided in API class |
138 | 149 | * add support for client_credentials grant type (thanks to https://github.com/vivin) |
139 | 150 | * add support for RFC 7009 OAuth 2.0 Token Revocation (thanks to https://github.com/vivin) |
140 | 151 | * add OAuth2Service signRequest method accepting just String, not OAuth2 Access Token Object. |
141 | 152 | Remove signRequest from abstract OAuthService. 2.0 and 1.0a will be a bit more different now. |
142 | | - * drop toString method from *Tokens to prevent leak of sensible data (token ans secrets) (thanks to https://github.com/rcaa) |
| 153 | + * drop toString method from *Tokens to prevent leak of sensible data (token ans secrets) |
| 154 | + (thanks to https://github.com/rcaa) |
143 | 155 | * add Apache HttpComponents HttpClient support in separate module (thanks to https://github.com/sschwieb) |
144 | 156 | * add support for appsecret_proof in Facebook |
145 | | - * update Facebook v2.8 -> v2.11 (version can be configured while constructing OAuthService - use FacebookApi.customVersion("2.11")) |
| 157 | + * update Facebook v2.8 -> v2.11 |
| 158 | + (version can be configured while constructing OAuthService - use FacebookApi.customVersion("2.11")) |
146 | 159 |
|
147 | 160 | [4.2.0] |
148 | 161 | * DELETE in JdkClient permits, but not requires payload (thanks to https://github.com/miguelD73) |
|
155 | 168 | * update Live API (thanks to https://github.com/typhoon17) |
156 | 169 |
|
157 | 170 | [4.1.1] |
158 | | - * omit the client_secret parameter if it is an empty string while refreshing token (thanks to https://github.com/KungfuPancake) |
| 171 | + * omit the client_secret parameter if it is an empty string while refreshing token |
| 172 | + (thanks to https://github.com/KungfuPancake) |
159 | 173 | * allow perms to be specified in Flickr Api (read, write, or delete) (thanks to https://github.com/rogerhu) |
160 | | - * OdnoklassnikiService should consider params in a body while signing the request (thanks to https://github.com/MrNeuronix) |
| 174 | + * OdnoklassnikiService should consider params in a body while signing the request |
| 175 | + (thanks to https://github.com/MrNeuronix) |
161 | 176 | * do not open OutputStream for output while sending empty body in HTTP requests in the default JDK Http client |
162 | 177 |
|
163 | 178 | [4.1.0] |
164 | | - * make client_secret optional in OAuth2 while requesting AccessToken (if set to null, it's not required by OAuth2 specs) |
| 179 | + * make client_secret optional in OAuth2 while requesting AccessToken |
| 180 | + (if set to null, it's not required by OAuth2 specs) |
165 | 181 | * move OAuth1 SignatureType from ServiceBuilder to API |
166 | 182 | * add body for PATCH HTTP method |
167 | | - * make addOAuthParams appendSignature methods protected in OAuth10aService (to override them in case of need) (thanks to https://github.com/vivin) |
| 183 | + * make addOAuthParams appendSignature methods protected in OAuth10aService (to override them in case of need) |
| 184 | + (thanks to https://github.com/vivin) |
168 | 185 |
|
169 | 186 | [4.0.0] |
170 | | - * Remove OAuthRequestAsync, just OAuthRequest. Request should know about sync vs async. Move default Http engine to JDKHttpClient. |
| 187 | + * Remove OAuthRequestAsync, just OAuthRequest. Request should know about sync vs async. |
| 188 | + Move default Http engine to JDKHttpClient. |
171 | 189 | * introduce SignatureType for OAuth2.0 to implement Bearer signing for the requests |
172 | | - * switch Google, GitHub, Facebook OAuth2.0 oauth requests signing to more secured recommended variant (GET-param -> header Bearer) |
| 190 | + * switch Google, GitHub, Facebook OAuth2.0 oauth requests signing to more secured recommended variant |
| 191 | + (GET-param -> header Bearer) |
173 | 192 | * introduce custom nonstandard Facebook AccessTokenErrorResponse |
174 | 193 |
|
175 | 194 | [3.4.1] |
|
182 | 201 | * add support for byte[] and File (async only) payload in OAuth Requests (thanks to https://github.com/keijohyttinen) |
183 | 202 | * add support for HTTP verbs (thanks to https://github.com/keijohyttinen) |
184 | 203 | * add OkHttp http client support (thanks to https://github.com/arcao) |
185 | | - * add default HTTP client configs (to use like 'new ServiceBuilder().httpClientConfig(OkHttpHttpClientConfig.defaultConfig())') |
| 204 | + * add default HTTP client configs |
| 205 | + (to use like 'new ServiceBuilder().httpClientConfig(OkHttpHttpClientConfig.defaultConfig())') |
186 | 206 | * you can use your own impl of AsyncHttpClient |
187 | 207 |
|
188 | 208 | [3.3.0] |
189 | 209 | * update Facebook v2.6 -> v2.8 |
190 | 210 | * add The Things Network API (v1-staging and v2-preview) (thanks to https://github.com/jpmeijers) |
191 | 211 | * add Box (thanks to https://github.com/MclaughlinSteve) |
192 | | - * fix: OAuth20Service::refreshAccessToken should use RefreshTokenEndpoint, not AccessTokenEndpoint (thanks to https://github.com/vivin) |
| 212 | + * fix: OAuth20Service::refreshAccessToken should use RefreshTokenEndpoint, not AccessTokenEndpoint |
| 213 | + (thanks to https://github.com/vivin) |
193 | 214 | * move signRequest method to OAuthService (common for OAuth1 and OAuth2) (thanks to https://github.com/apomelov) |
194 | 215 | * drop deprecated setConnectionKeepAlive method |
195 | 216 |
|
|
198 | 219 | * handle OAuth2 error response for Issuing an Access Token (thanks to juherr) |
199 | 220 |
|
200 | 221 | [3.1.0] |
201 | | - * fix OdnoklassnikiServiceImpl signature, params for hash must be sorted in lexicographic order, see http://new.apiok.ru/dev/methods/ |
| 222 | + * fix OdnoklassnikiServiceImpl signature, params for hash must be sorted in lexicographic order, |
| 223 | + see http://new.apiok.ru/dev/methods/ |
202 | 224 | * add posibility to use externally created http client |
203 | 225 | * make ScribeJava compilable under jdk7 (checkstyle downgraded for jdk 1.7) |
204 | 226 | * add travis CI (check [oracle|open]jdk7 oraclejdk8) |
205 | 227 |
|
206 | 228 | [3.0.0] |
207 | | - * create abstract HTTP Client layer to support different HTTP clients as plugins (AHC and Ning support becames maven submodules) |
208 | | - * remove changing global JVM property http.keepAlive, deprecate controlling this property inside of ScribeJava (thanks to wldaunfr and rockihack) |
| 229 | + * create abstract HTTP Client layer to support different HTTP clients as plugins |
| 230 | + (AHC and Ning support becames maven submodules) |
| 231 | + * remove changing global JVM property http.keepAlive, deprecate controlling this property inside of ScribeJava |
| 232 | + (thanks to wldaunfr and rockihack) |
209 | 233 |
|
210 | 234 | [2.8.1] |
211 | 235 | * add Salesforce sandbox API support |
|
246 | 270 | [2.5.2] |
247 | 271 | * add Google Async Exmaple (with bugfix for it to work) |
248 | 272 | * add OSGI manifest metadata |
249 | | - * apiSecret is not mandatory parameter in config (to use on client sides and other flows without need of the API secret) |
250 | | - * implement OAuth2 Authorization Response parsing in the OAuth20Service (to extract code and state from url, useful for Android) |
| 273 | + * apiSecret is not mandatory parameter in config |
| 274 | + (to use on client sides and other flows without need of the API secret) |
| 275 | + * implement OAuth2 Authorization Response parsing in the OAuth20Service |
| 276 | + (to extract code and state from url, useful for Android) |
251 | 277 | * update ok.ru API urls, add 'state' support, add refresh token to the example |
252 | 278 |
|
253 | 279 | [2.4.0] |
|