Add SensitiveParameter attribute to all sensitive parameters

Author: onlime

CHANGELOG.md

@@ -1,6 +1,11 @@
 # CHANGELOG
 
-## [0.6.x (unreleased)](https://github.com/onlime/bexio-api-client/compare/0.6.1...main)
+## [0.6.x (unreleased)](https://github.com/onlime/bexio-api-client/compare/0.6.2...main)
+
+## [0.6.2 (2024-12-05)](https://github.com/onlime/bexio-api-client/compare/0.6.1...0.6.2)
+
+- Fix token refresh for new Bexio OpenID Connect provider URL `https://auth.bexio.com/realms/bexio`: Always store scopes in tokens file, as they are also used in `refreshToken()`.
+- Add `SensitiveParameter` attribute to all sensitive parameters to avoid logging/leaking them.
 
 ## [0.6.1 (2024-10-09)](https://github.com/onlime/bexio-api-client/compare/0.6.0...0.6.1)
 

src/Bexio/AbstractClient.php

@@ -31,10 +31,11 @@ abstract class AbstractClient
 
     public function __construct(
         public string $clientId,
+        #[\SensitiveParameter]
         public string $clientSecret
     ) {}
 
-    public function setAccessToken(string $accessToken): self
+    public function setAccessToken(#[\SensitiveParameter] string $accessToken): self
     {
         $this->accessToken = $accessToken;
         return $this;
@@ -45,7 +46,7 @@ public function getAccessToken(): ?string
         return $this->accessToken;
     }
 
-    public function setRefreshToken(string $refreshToken): self
+    public function setRefreshToken(#[\SensitiveParameter] string $refreshToken): self
     {
         $this->refreshToken = $refreshToken;
         return $this;