Merge branch 'feat/silence_no_tokens_warning' into 'main'

✨ silence_no_tokens_warning

See merge request oauth-xx/oauth2!646

Author: pboling

.rubocop_gradual.lock

@@ -3,9 +3,13 @@
     [66, 5, 20, "ThreadSafety/ClassInstanceVariable: Avoid class instance variables.", 2485198147],
     [78, 5, 74, "Style/InvertibleUnlessCondition: Prefer `if Gem.rubygems_version >= Gem::Version.new(\"2.7.0\")` over `unless Gem.rubygems_version < Gem::Version.new(\"2.7.0\")`.", 2453573257]
   ],
-  "lib/oauth2.rb:3563577000": [
-    [34, 5, 21, "ThreadSafety/ClassAndModuleAttributes: Avoid mutating class and module attributes.", 622027168],
-    [37, 11, 7, "ThreadSafety/ClassInstanceVariable: Avoid class instance variables.", 651502127]
+  "lib/oauth2.rb:1956148869": [
+    [35, 5, 21, "ThreadSafety/ClassAndModuleAttributes: Avoid mutating class and module attributes.", 622027168],
+    [38, 11, 7, "ThreadSafety/ClassInstanceVariable: Avoid class instance variables.", 651502127]
+  ],
+  "lib/oauth2/access_token.rb:2233632404": [
+    [49, 13, 5, "Style/IdenticalConditionalBranches: Move `t_key` out of the conditional.", 183811513],
+    [55, 13, 5, "Style/IdenticalConditionalBranches: Move `t_key` out of the conditional.", 183811513]
   ],
   "lib/oauth2/authenticator.rb:3711266135": [
     [42, 5, 113, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 734523108]
@@ -28,11 +32,11 @@
     [130, 3, 52, "Gemspec/DependencyVersion: Dependency version specification is required.", 3163430777],
     [131, 3, 48, "Gemspec/DependencyVersion: Dependency version specification is required.", 425065368]
   ],
-  "spec/oauth2/access_token_spec.rb:2406469319": [
+  "spec/oauth2/access_token_spec.rb:3473606468": [
     [3, 1, 34, "RSpec/SpecFilePathFormat: Spec path should end with `o_auth2/access_token*_spec.rb`.", 1972107547],
-    [612, 13, 25, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 770233088],
-    [682, 9, 101, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 3022740639],
-    [686, 9, 79, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 2507338967]
+    [780, 13, 25, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 770233088],
+    [850, 9, 101, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 3022740639],
+    [854, 9, 79, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 2507338967]
   ],
   "spec/oauth2/authenticator_spec.rb:853320290": [
     [3, 1, 36, "RSpec/SpecFilePathFormat: Spec path should end with `o_auth2/authenticator*_spec.rb`.", 819808017],
@@ -41,26 +45,26 @@
     [69, 15, 38, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 1480816240],
     [79, 13, 23, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 2314399065]
   ],
-  "spec/oauth2/client_spec.rb:623759711": [
+  "spec/oauth2/client_spec.rb:2085440011": [
     [6, 1, 29, "RSpec/SpecFilePathFormat: Spec path should end with `o_auth2/client*_spec.rb`.", 439549885],
     [174, 7, 492, "RSpec/NoExpectationExample: No expectation found in this example.", 1272021224],
     [193, 7, 592, "RSpec/NoExpectationExample: No expectation found in this example.", 3428877205],
     [206, 15, 20, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 2320605227],
     [221, 15, 20, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 1276531672],
     [236, 15, 43, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 1383956904],
     [251, 15, 43, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 3376202107],
-    [865, 5, 360, "RSpec/NoExpectationExample: No expectation found in this example.", 536201463],
-    [874, 5, 461, "RSpec/NoExpectationExample: No expectation found in this example.", 3392600621],
-    [885, 5, 340, "RSpec/NoExpectationExample: No expectation found in this example.", 244592251],
-    [930, 63, 2, "RSpec/BeEq: Prefer `be` over `eq`.", 5860785],
-    [975, 11, 99, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 3084776886],
-    [979, 11, 82, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 1524553529],
-    [987, 7, 89, "RSpec/NoExpectationExample: No expectation found in this example.", 4609419],
-    [1075, 11, 99, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 3084776886],
-    [1079, 11, 82, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 1524553529],
-    [1159, 17, 12, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 664794325],
-    [1184, 5, 459, "RSpec/NoExpectationExample: No expectation found in this example.", 2216851076],
-    [1194, 7, 450, "RSpec/NoExpectationExample: No expectation found in this example.", 2619808549]
+    [829, 5, 360, "RSpec/NoExpectationExample: No expectation found in this example.", 536201463],
+    [838, 5, 461, "RSpec/NoExpectationExample: No expectation found in this example.", 3392600621],
+    [849, 5, 340, "RSpec/NoExpectationExample: No expectation found in this example.", 244592251],
+    [894, 63, 2, "RSpec/BeEq: Prefer `be` over `eq`.", 5860785],
+    [939, 11, 99, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 3084776886],
+    [943, 11, 82, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 1524553529],
+    [951, 7, 89, "RSpec/NoExpectationExample: No expectation found in this example.", 4609419],
+    [1039, 11, 99, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 3084776886],
+    [1043, 11, 82, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 1524553529],
+    [1123, 17, 12, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 664794325],
+    [1148, 5, 459, "RSpec/NoExpectationExample: No expectation found in this example.", 2216851076],
+    [1158, 7, 450, "RSpec/NoExpectationExample: No expectation found in this example.", 2619808549]
   ],
   "spec/oauth2/error_spec.rb:1209122273": [
     [23, 1, 28, "RSpec/SpecFilePathFormat: Spec path should end with `o_auth2/error*_spec.rb`.", 3385870076],
@@ -97,7 +101,7 @@
   "spec/oauth2/version_spec.rb:1001406821": [
     [3, 1, 30, "RSpec/SpecFilePathFormat: Spec path should end with `o_auth2/version*_spec.rb`.", 1099517182]
   ],
-  "spec/oauth2_spec.rb:2292862590": [
+  "spec/oauth2_spec.rb:4211477230": [
     [3, 1, 21, "RSpec/SpecFilePathFormat: Spec path should end with `o_auth2*_spec.rb`.", 3359091140]
   ]
 }

CHANGELOG.md

@@ -10,19 +10,22 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 ### Fixed
 ### Removed
 
-## [2.0.10] - 2025-05-12 ([tag][2.0.10t])
+## [2.0.10] - 2025-05-XX ([tag][2.0.10t])
 ### Added
 - [!635](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/635) - `.gitlab-ci.yml` file (@jessieay)
-- [!643](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/643) - Add token_name option (@pboling)
-    - Specify the parameter name that identifies the access token
-- [!642](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/642) - 20 year certificate for signing gem releases, expires 2045-04-29 (@pboling)
-  - Gemspec metadata (@pboling)
-    - funding_uri
-    - news_uri
-    - mailing_list_uri
-  - SHA256 and SHA512 Checksums for release (@pboling)
 - [#638](https://gitlab.com/oauth-xx/oauth2/-/issues/638) - Documentation of support for ILO Fundamental Principles of Rights at Work
+- [!642](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/642) - 20 year certificate for signing gem releases, expires 2045-04-29 (@pboling)
+    - Gemspec metadata (@pboling)
+      - funding_uri
+      - news_uri
+      - mailing_list_uri
+    - SHA256 and SHA512 Checksums for release (@pboling)
+- [!643](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/643) - Add `token_name` option (@pboling)
+    - Specify the parameter name that identifies the access token
+- [!645](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/645) - Add `OAuth2::OAUTH_DEBUG` constant, based on `ENV["OAUTH_DEBUG"] (@pboling)
+- [!646](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/646) - Add `OAuth2.config.silence_extra_tokens_warning`, default: false (@pboling)
 ### Changed
+- Default value of `OAuth2.config.silence_extra_tokens_warning` was `false`, now `true`
 - Gem releases are now cryptographically signed, with a 20-year cert (@pboling)
   - Allow linux distros to build release without signing, as their package managers sign independently
 ### Fixed

lib/oauth2.rb

@@ -28,6 +28,7 @@ module OAuth2
   OAUTH_DEBUG = ENV.fetch("OAUTH_DEBUG", "false").casecmp("true").zero?
   DEFAULT_CONFIG = SnakyHash::SymbolKeyed.new(
     silence_extra_tokens_warning: true,
+    silence_no_tokens_warning: true,
   )
   @config = DEFAULT_CONFIG.dup
   class << self

lib/oauth2/access_token.rb

@@ -31,6 +31,8 @@ class << self
       #   'access_token', 'id_token', 'token' (or their symbolic versions)
       # @note If multiple token keys are present, a warning will be issued unless
       #   OAuth2.config.silence_extra_tokens_warning is true
+      # @note If no token keys are present, a warning will be issued unless
+      #   OAuth2.config.silence_no_tokens_warning is true
       # @note For "soon-to-expire"/"clock-skew" functionality see the `:expires_latency` option.
       # @mote If snaky key conversion is being used, token_name needs to match the converted key.
       #
@@ -40,21 +42,18 @@ class << self
       def from_hash(client, hash)
         fresh = hash.dup
         # If token_name is present, then use that key name
-        if fresh.key?(:token_name)
-          key = fresh[:token_name]
-          if key.nil? || !fresh.key?(key)
-            warn(%[
-OAuth2::AccessToken#from_hash key mismatch.
-Custom token_name (#{key}) does match any keys (#{fresh.keys})
-You may need to set `snaky: false`. See inline documentation for more info.
-            ])
+        key =
+          if fresh.key?(:token_name)
+            t_key = fresh[:token_name]
+            no_tokens_warning(fresh, t_key)
+            t_key
+          else
+            # Otherwise, if one of the supported default keys is present, use whichever has precedence
+            supported_keys = TOKEN_KEY_LOOKUP & fresh.keys
+            t_key = supported_keys[0]
+            extra_tokens_warning(supported_keys, t_key)
+            t_key
           end
-        else
-          # Otherwise, if one of the supported default keys is present, use whichever has precedence
-          supported_keys = TOKEN_KEY_LOOKUP & fresh.keys
-          key = supported_keys[0]
-          extra_tokens_warning(supported_keys, key)
-        end
         token = fresh.delete(key) || ""
         new(client, token, fresh)
       end
@@ -77,6 +76,17 @@ def extra_tokens_warning(supported_keys, key)
 
         warn("OAuth2::AccessToken.from_hash: `hash` contained more than one 'token' key (#{supported_keys}); using #{key.inspect}.")
       end
+
+      def no_tokens_warning(hash, key)
+        return if OAuth2.config.silence_no_tokens_warning
+        return if key && hash.key?(key)
+
+        warn(%[
+OAuth2::AccessToken#from_hash key mismatch.
+Custom token_name (#{key}) is not found in (#{hash.keys})
+You may need to set `snaky: false`. See inline documentation for more info.
+        ])
+      end
     end
 
     # Initialize an AccessToken
@@ -117,7 +127,7 @@ def initialize(client, token, opts = {})
         if @client.options[:raise_errors]
           error = Error.new(opts)
           raise(error)
-        else
+        elsif !OAuth2.config.silence_no_tokens_warning
           warn("OAuth2::AccessToken has no token")
         end
       end