4.0.0-alpha.6

Breaking Changes

• Fix URI/URL naming inconsistencies (#128). For context, see ramosbugs/openidconnect-rs#39.
  • set_introspection_url -> set_introspection_uri
  • set_redirect_url -> set_redirect_uri
  • set_revocation_url -> set_revocation_uri

4.0.0-alpha.5

Breaking Changes

• Have Client::exchange_device_code, Client::introspect, and Client::revoke_token fail fast with a new ConfigurationError enum when the relevant OAuth2 endpoint hasn't been configured by calling set_device_authorization_url, set_introspection_url, or set_revocation_url, respectively. Previously, an error would not be returned until a call to request/request_async (#127).

Other Changes

• Add extra_fields() getter to StandardTokenIntrospectionResponse (#126)
• Fix missing closing parenthesis in doc comment (#125)

4.0.0-alpha.4

Breaking Changes

• Fix inconsistent naming of types related to RFC 7662 Token Introspection (fdab640/#123). This renames the following:
  • IntrospectRequest to IntrospectionRequest
  • *TokenInspectionResponse to *TokenIntrospectionResponse
  • IntrospectUrl to IntrospectionUrl
  • introspect_url to introspection_url.

New Features

• Add support for OAuth 2.0 Token Revocation (RFC 7009) (#122).

  Special thanks to @ximon18 for contributing this feature.

• Add ureq http_client (#119)

Other Changes

• Support wasm32 targets (#120)

4.0.0-alpha.3

Breaking Changes

• Raise minimum supported Rust version (MSRV) to 1.45
• Upgrade reqwest to 0.11 and rename feature flag from reqwest-010 to reqwest. This upgrades tokio to 1.0.
• Add #[non_exhaustive] attribute to AuthType to support non-breaking additions in the future

New Features

• Add support for the plain (plaintext) PKCE verifier when the (non-default) pkce-plain feature flag is enabled. Use of this feature is discouraged for security reasons.

• Add support for OAuth 2.0 Token Introspection.

  Special thanks to @jeroenvervaeke for contributing this feature.

4.0.0-alpha.2

New Features

• Add support for OAuth 2.0 Device Authorization Grant.

  Special thanks to @maxdymond for contributing this feature.

4.0.0-alpha.1

Breaking changes

• Raise minimum supported Rust version to 1.41
• Drop support for reqwest 0.9 (previously enabled via the reqwest-09 feature flag); only the (default) reqwest-010 feature flag is now supported
• Migrate public API from http 0.1 to 0.2
• Drop support for futures 0.1 and remove the futures-01 and futures-03 feature flags; only async/await is now supported (without requiring any feature flags)
• Eliminate Async* traits and move the request_async methods to the underlying *Request structs
• Return error types that implement std::error::Error instead of failure::Fail

Other changes

• Remove Send and Sync trait bounds on error types to improve compatibility with actix
• Have reqwest client use rustls-tls instead of the default native TLS
• Enable serde feature flag on url crate dependency
• Upgrade sha2 dependency
• RUSTSEC-2016-0005: replace rust-crypto with hmac in dev-dependencies
• Remove unused unicode-normalization dependency
• Rename master branch to main

3.0.0

This version is identical to 3.0.0-alpha.10 but is no longer considered to be a pre-release.

3.0.0-alpha.10

• Add AuthorizationRequest::set_redirect_url method
• Update sha2, rand, and base64 dependencies
• Pin to hex 0.4.0 to maintain Rust 1.34 compatibility

3.0.0-alpha.9

Breaking changes

• Add Extension variants to BasicTokenType and BasicErrorResponseType enums

Other changes

• Update reqwest-010 feature flag to use reqwest 0.10
• Add re-export of http and url crates

3.0.0-alpha.8

This release is identical to 3.0.0-alpha.7 except that it pins specifically
to reqwest version 0.10.0-alpha.2 when the request-010 feature
is enabled. This prevents Cargo's SemVer functionality from automatically
using reqwest 0.10, with which this crate is not yet compatible.