|
| 1 | +[SNAPSHOT] |
| 2 | + * Add Polar API (https://www.polar.com/) (thanks to https://github.com/vidi42) |
| 3 | + * make Response accept resources to autoclose and autoclose it (thanks to https://github.com/drei01) |
| 4 | + |
| 5 | +[6.9.0] |
| 6 | + * Add Xero API (https://www.xero.com/) (thanks to https://github.com/SidneyAllen) |
| 7 | + |
| 8 | +[6.8.1] |
| 9 | + * make Response implements Closeable (thanks to https://github.com/omaric) |
| 10 | + * fix Type resolution for builder pattern in ServiceBuilderOAuth10a (thanks to https://github.com/mgyucht) |
| 11 | + * fix no Content-length errors (thanks to https://github.com/mikita-herasiutsin and https://github.com/iankurverma) |
| 12 | + |
| 13 | +[6.8.0] |
| 14 | + * Add debug output to OAuth2Service (thanks to https://github.com/rbarbey) |
| 15 | + * Add Dropbox API (https://www.dropbox.com/) (thanks to https://github.com/petrkopotev) |
| 16 | + |
| 17 | +[6.7.0] |
| 18 | + * Add OAuth2 support for Meetup.com (thanks to https://github.com/stevedes77) |
| 19 | + * upgrade okhttp to 4.0.1 and security fix for jackson-databind 2.9.9.1 |
| 20 | + |
| 21 | +[6.6.3] |
| 22 | + * fix NPE for OpenId providers |
| 23 | + |
| 24 | +[6.6.2] |
| 25 | + * add PMD checks on compile |
| 26 | + * add all OAuth error codes from supported RFCs (incl. "invalid_token") (thanks to https://github.com/echorebel) |
| 27 | + * Update LinkedIn Example to API v2 (thanks to https://github.com/peternees) |
| 28 | + * switch to jackson dependency to parse json responses (thanks to https://github.com/galimru) |
| 29 | + |
| 30 | +[6.5.1] |
| 31 | + * cleanup deprecates methods |
| 32 | + |
| 33 | +[6.5.0] |
| 34 | + * separate OAuth1.0a and OAuth2.0 ServiceBuilders, |
| 35 | + introduce AuthorizationUrlBuilder (along with deprecation of AuthorizationUrlWithPKCE) |
| 36 | + add possibility to provide different scopes for each Access Token request |
| 37 | + * upgrade Facebook API from v2.11 to v3.2 |
| 38 | + * upgrade VkontakteApi from 5.73 to 5.92 |
| 39 | + |
| 40 | +[6.4.1] |
| 41 | + * support TLS 1.3 in JDK 11 for Salesforce |
| 42 | + * fix NPE in Apache HTTP client in case of empty body in HTTP response (e.g. with 204 response code) (thanks to https://github.com/SainagNeelamPatnaik) |
| 43 | + * separate OAuth1.0a and OAuth2.0 classes |
| 44 | + |
| 45 | +[6.3.0] |
| 46 | + * fix Muplipart request model and implement it for a jdk HTTP client (thanks to https://github.com/NTPape) |
| 47 | + * remove any Google+ mention (switch to clean Google OAuth2) (thanks to https://github.com/fvasco) |
| 48 | + * fix Microsoft Azure AD v1.0 and v2.0 (thanks to https://github.com/kenpusney and https://github.com/oscararias) |
| 49 | + * add new API Asana (https://asana.com/) (thanks to https://github.com/joestazak) |
| 50 | + * state param should be used only for authorization url generation, for v2 only, for Authorization Code Grant only, |
| 51 | + and it should be set per request, not per created OAuthService |
| 52 | + |
| 53 | +[6.2.0] |
| 54 | + * add new API Microsoft Azure Active Directory (Azure AD) 2.0 (thanks to https://github.com/rzukow and https://github.com/dgrudenic) |
| 55 | + |
| 56 | +[6.1.0] |
| 57 | + * add new API Keycloak (https://www.keycloak.org/) (thanks to https://github.com/JureZelic) |
| 58 | + * add new API Discord (https://discordapp.com/) (thanks to https://github.com/Jokuni) |
| 59 | + |
| 60 | +[6.0.0] |
| 61 | + * make redirect_uri optional while Access Token requesting on OAuth 2.0 (thanks to https://github.com/computerlove) |
| 62 | + * switch to java 9+ (from java 7 only) for compilation. Runtime is still java 7+. Complement README with links and RFC descriptions. |
| 63 | + * switch OAuth2 Bearer Token Usage from enum OAuth2SignatureType to interface BearerSignature to be extensible |
| 64 | + * add new API Wunderlist (https://www.wunderlist.com/) (thanks to https://github.com/M-F-K) |
| 65 | + |
| 66 | +[5.6.0] |
| 67 | + * remove support for obsolete NetEase (http://www.163.com/) and sohu 搜狐 (http://www.sohu.com/) (thanks to https://github.com/zawn) |
| 68 | + * add Multipart functionality to JDK Http Client (thanks to https://github.com/eos1d3) |
| 69 | + * switch OAuth2 ClientAuthenticationType from enum to interface ClientAuthentication to be extensible according to |
| 70 | + https://tools.ietf.org/html/rfc6749#section-2.3.2 (thanks to https://github.com/zawn) |
| 71 | + * add RuntimeException processing in async http clients (delivered to onError callbacks) (thanks to https://github.com/jochen314) |
| 72 | + * check 200 status code from response in OAuth2AccessTokenExtractor (thanks to https://github.com/jochen314) |
| 73 | + * fix case sensitive Http Headers comparison and sending Content-Type header along with content-type (thanks to https://github.com/marnix) |
| 74 | + * add HiOrg-Server (https://www.hiorg-server.de/) API (thanks to https://github.com/MartinBoehmer) |
| 75 | + |
| 76 | +[5.5.0] |
| 77 | + * fix error parsing for Fitbit (thanks to https://github.com/danmana) |
| 78 | + * optimize debug log performance impact on prod in OAuth1 and fix |
| 79 | + NoClassDefFoundError on Android device with SDK 18 and lower (thanks to https://github.com/arcao) |
| 80 | + * add new API - MediaWiki (https://www.mediawiki.org/) (thanks to https://github.com/lucaswerkmeister) |
| 81 | + |
| 82 | +[5.4.0] |
| 83 | + * fix missing support for scope for refresh_token grant_type (thanks to https://github.com/tlxtellef) |
| 84 | + * add email field to VKOAuth2AccessToken (thanks to https://github.com/grouzen) |
| 85 | + * add new API - Automatic (https://www.automatic.com/) (thanks to https://github.com/ramsrib) |
| 86 | + * add new API - Fitbit (https://www.fitbit.com/) (thanks to https://github.com/JustinLawler and https://github.com/alexthered) |
| 87 | + * deprecate OAuthConfig |
| 88 | + * OAuth1.0: send "oob" instead of null callback while requesting RequestToken (thanks to https://github.com/Rafaelsk) |
| 89 | + |
| 90 | +[5.3.0] |
| 91 | + * fix Salesforce API (thanks to https://github.com/jhorowitz-firedrum) |
| 92 | + * remove 'final' from methods in OAuth[10a|20]Service to allow mocking it |
| 93 | + * fix Pinterest API (thanks to https://github.com/sschwieb) |
| 94 | + * add Yahoo2 API (thanks to https://github.com/javatestcase) |
| 95 | + * fix Tumblr urls, convert to https (thanks to https://github.com/highthunder) |
| 96 | + * fix: allow spaces in scope param in OAuth2Accesstoken response |
| 97 | + * add required param version to VK ВКонтакте (http://vk.com/) urls |
| 98 | + |
| 99 | +[5.2.0-java7again] |
| 100 | + * allow 'null' as callback. It's an optional parameter. Remove "oob" as default (thanks to https://github.com/massongit) |
| 101 | + * java7 compatible again! |
| 102 | + |
| 103 | +[5.1.0] |
| 104 | + * drop optional dependency on Apache commons-codec |
| 105 | + * add API - Dataporten (https://docs.dataporten.no/) (thanks to https://github.com/xibriz) |
| 106 | + * add API - Microsoft Azure Active Directory (Azure AD) (thanks to https://github.com/kaushalmall) |
| 107 | + * fix LinkedInApi20 (thanks to https://github.com/jhorowitz-firedrum) |
| 108 | + |
| 109 | +[5.0.0] |
| 110 | + * drop Java 7 backward compatibility support, become Java 8 only (was reverted in v5.2.0-java7again) |
| 111 | + * add JSON token extractor for OAuth 1.0a (thanks to https://github.com/evstropovv) |
| 112 | + * add new API - uCoz (https://www.ucoz.com/) (thanks to https://github.com/evstropovv) |
| 113 | + * add PKCE (RFC 7636) support (Proof Key for Code Exchange by OAuth Public Clients) (thanks for suggesting to https://github.com/dieseldjango) |
| 114 | + * switch to use HTTP Basic Authorization by default in requests with need of |
| 115 | + (2.3. Client Authentication) https://tools.ietf.org/html/rfc6749#section-2.3 Can be overrided in API class |
| 116 | + * add support for client_credentials grant type (thanks to https://github.com/vivin) |
| 117 | + * add support for RFC 7009 OAuth 2.0 Token Revocation (thanks to https://github.com/vivin) |
| 118 | + * add OAuth2Service signRequest method accepting just String, not OAuth2 Access Token Object. |
| 119 | + Remove signRequest from abstract OAuthService. 2.0 and 1.0a will be a bit more different now. |
| 120 | + * drop toString method from *Tokens to prevent leak of sensible data (token ans secrets) (thanks to https://github.com/rcaa) |
| 121 | + * add Apache HttpComponents HttpClient support in separate module (thanks to https://github.com/sschwieb) |
| 122 | + * add support for appsecret_proof in Facebook |
| 123 | + * update Facebook v2.8 -> v2.11 (version can be configured while constructing OAuthService - use FacebookApi.customVersion("2.11")) |
| 124 | + |
| 125 | +[4.2.0] |
| 126 | + * DELETE in JdkClient permits, but not requires payload (thanks to https://github.com/miguelD73) |
| 127 | + * add new API - Frappe (https://github.com/frappe/frappe) (thanks to https://github.com/revant) |
| 128 | + * add new API - Etsy (https://www.etsy.com/) (thanks to https://github.com/efekocabas) |
| 129 | + |
| 130 | +[4.1.2] |
| 131 | + * LinkedIn use Header to sign OAuth2 requests |
| 132 | + * upgrade ServiceBuilder to check apiKey preconditions compile-time (not run-time) |
| 133 | + * update Live API (thanks to https://github.com/typhoon17) |
| 134 | + |
| 135 | +[4.1.1] |
| 136 | + * omit the client_secret parameter if it is an empty string while refreshing token (thanks to https://github.com/KungfuPancake) |
| 137 | + * allow perms to be specified in Flickr Api (read, write, or delete) (thanks to https://github.com/rogerhu) |
| 138 | + * OdnoklassnikiService should consider params in a body while signing the request (thanks to https://github.com/MrNeuronix) |
| 139 | + * do not open OutputStream for output while sending empty body in HTTP requests in the default JDK Http client |
| 140 | + |
| 141 | +[4.1.0] |
| 142 | + * make client_secret optional in OAuth2 while requesting AccessToken (if set to null, it's not required by OAuth2 specs) |
| 143 | + * move OAuth1 SignatureType from ServiceBuilder to API |
| 144 | + * add body for PATCH HTTP method |
| 145 | + * make addOAuthParams appendSignature methods protected in OAuth10aService (to override them in case of need) (thanks to https://github.com/vivin) |
| 146 | + |
| 147 | +[4.0.0] |
| 148 | + * Remove OAuthRequestAsync, just OAuthRequest. Request should know about sync vs async. Move default Http engine to JDKHttpClient. |
| 149 | + * introduce SignatureType for OAuth2.0 to implement Bearer signing for the requests |
| 150 | + * switch Google, GitHub, Facebook OAuth2.0 oauth requests signing to more secured recommended variant (GET-param -> header Bearer) |
| 151 | + * introduce custom nonstandard Facebook AccessTokenErrorResponse |
| 152 | + |
| 153 | +[3.4.1] |
| 154 | + * Drop deprecated methods |
| 155 | + * Move doktornarabote.ru urls to https (thanks to https://github.com/ezibrov) |
| 156 | + |
| 157 | +[3.4.0] |
| 158 | + * uncouple OAuthRequest and Service. OAuthRequest shouldn't know anything about OAuthservice. |
| 159 | + You don't need OAuthService to create OAuthRequest anymore. Async request should be sent via OAuthService method. |
| 160 | + * add support for byte[] and File (async only) payload in OAuth Requests (thanks to https://github.com/keijohyttinen) |
| 161 | + * add support for HTTP verbs (thanks to https://github.com/keijohyttinen) |
| 162 | + * add OkHttp http client support (thanks to https://github.com/arcao) |
| 163 | + * add default HTTP client configs (to use like 'new ServiceBuilder().httpClientConfig(OkHttpHttpClientConfig.defaultConfig())') |
| 164 | + * you can use your own impl of AsyncHttpClient |
| 165 | + |
| 166 | +[3.3.0] |
| 167 | + * update Facebook v2.6 -> v2.8 |
| 168 | + * add The Things Network API (v1-staging and v2-preview) (thanks to https://github.com/jpmeijers) |
| 169 | + * add Box (thanks to https://github.com/MclaughlinSteve) |
| 170 | + * fix: OAuth20Service::refreshAccessToken should use RefreshTokenEndpoint, not AccessTokenEndpoint (thanks to https://github.com/vivin) |
| 171 | + * move signRequest method to OAuthService (common for OAuth1 and OAuth2) (thanks to https://github.com/apomelov) |
| 172 | + * drop deprecated setConnectionKeepAlive method |
| 173 | + |
| 174 | +[3.2.0] |
| 175 | + * Add Naver API (thanks to chooco) |
| 176 | + * handle OAuth2 error response for Issuing an Access Token (thanks to juherr) |
| 177 | + |
| 178 | +[3.1.0] |
| 179 | + * fix OdnoklassnikiServiceImpl signature, params for hash must be sorted in lexicographic order, see http://new.apiok.ru/dev/methods/ |
| 180 | + * add posibility to use externally created http client |
| 181 | + * make ScribeJava compilable under jdk7 (checkstyle downgraded for jdk 1.7) |
| 182 | + * add travis CI (check [oracle|open]jdk7 oraclejdk8) |
| 183 | + |
| 184 | +[3.0.0] |
| 185 | + * create abstract HTTP Client layer to support different HTTP clients as plugins (AHC and Ning support becames maven submodules) |
| 186 | + * remove changing global JVM property http.keepAlive, deprecate controlling this property inside of ScribeJava (thanks to wldaunfr and rockihack) |
| 187 | + |
| 188 | +[2.8.1] |
| 189 | + * add Salesforce sandbox API support |
| 190 | + |
| 191 | +[2.8.0] |
| 192 | + * add Salesforce API |
| 193 | + * update Linked In API |
| 194 | + |
| 195 | +[2.7.3] |
| 196 | + * FIX: ScribeJava shouldn't require all async http client provider to be on the classpath if using only one of them |
| 197 | + |
| 198 | +[2.7.2] |
| 199 | + * FIX: ScribeJava shouldn't require any async http client provider to be on the classpath (neither ning neither AHC) |
| 200 | + |
| 201 | +[2.7.1] |
| 202 | + * do not hide checked IOException in unchecked IllegalArgumentException |
| 203 | + |
| 204 | +[2.7.0] |
| 205 | + * make http async client implementation be more pluggable |
| 206 | + * add async-http-client 2.0 support (thanks to Sai Chandrasekharan https://github.com/saichand) |
| 207 | + * add Misfit (http://misfit.com/) API |
| 208 | + * implement async version getting Request Token for OAuth 1.0a |
| 209 | + |
| 210 | +[2.6.0] |
| 211 | + * simplify async/sync usages |
| 212 | + * add optional "User-Agent" config option to use while making http calls |
| 213 | + * refactor usage of grant_type [authorization_code|refresh_token|password|etc] |
| 214 | + * add Genius.com API authentication (OAuth2) |
| 215 | + * fix GitHub API |
| 216 | + * standardize authorization url generation for OAuth2 |
| 217 | + * update Facebook to v2.6 |
| 218 | + * cleanup: drop old APIs without Examples and with outdated domains |
| 219 | + |
| 220 | +[2.5.3] |
| 221 | + * fix - do not send two Content-Type header in async requests |
| 222 | + * improve OK example |
| 223 | + |
| 224 | +[2.5.2] |
| 225 | + * add Google Async Exmaple (with bugfix for it to work) |
| 226 | + * add OSGI manifest metadata |
| 227 | + * apiSecret is not mandatory parameter in config (to use on client sides and other flows without need of the API secret) |
| 228 | + * implement OAuth2 Authorization Response parsing in the OAuth20Service (to extract code and state from url, useful for Android) |
| 229 | + * update ok.ru API urls, add 'state' support, add refresh token to the example |
| 230 | + |
| 231 | +[2.4.0] |
| 232 | + * APIs 2.0 can define different endpoints for access token and for refresh token (the same urls by default) |
| 233 | + * mark Facebook doesn't support refresh token by throwing UnsupportedOperationException |
| 234 | + * make JSON Access Token Extractor be the default for OAuth 2.0 (according to RFC 6749) |
| 235 | + * drop Google OAuth 1.0 support (OAuth 1.0 was officially deprecated by Google) |
| 236 | + * add response_type parameter to the ServiceBuilder/OAuthConfig to use not only "code" for authorization code |
| 237 | + * remove Verifier object, we just need Strings, 'code' for OAuth2 and 'oauthVerifier' for OAuth1 |
| 238 | + * default HTTP verb for OAuth 2.0 Access Token EndPoint is POST (http://tools.ietf.org/html/rfc6749#section-3.2) |
| 239 | + * send missed headers in async version (as in sync) |
| 240 | + * support 'password' grant_type for OAuth 2.0 |
| 241 | + |
| 242 | +[2.3.0] |
| 243 | + * Stack Exchange authentication via OAuth 2.0 (stackoverflow.com, askubuntu.com, etc.). |
| 244 | + * Support response in gzip. |
| 245 | + * differentiate OAuth1 Access token, OAuth 1 Request Token and OAuth 2 Access token, make them conforms RFCs |
| 246 | + * OAuth 1 APIs can choose whether to pass empty oauth_token param in requests |
| 247 | + * Support refresh tokens for OAuth2 (very thanks to P. Daniel Tyreus https://github.com/pdtyreus) |
| 248 | + |
| 249 | +[2.2.2] |
| 250 | + * make all APIs to be extentable (have protected constructors, useful for testing) |
| 251 | + |
| 252 | +[2.2.1] |
| 253 | + * Update Facebook API v2.2 -> v2.5 |
| 254 | + * Update hh.ru urls |
| 255 | + |
| 256 | +[2.2.0] |
| 257 | + * Let GoogleApi20 supports OOB |
| 258 | + * Updated Imgur API to OAuth2 |
| 259 | + * force not to instantiate stateless APIs. Use provided singletons |
| 260 | + * reduce OAuthService abstraction for OAuth1 and OAuth2. Separate OAuth(1|2)Services |
| 261 | + |
| 262 | +[2.1.0] |
| 263 | + * add Pinterest API |
| 264 | + |
| 265 | +[2.0.1] |
| 266 | + * small code enhancements |
| 267 | + |
| 268 | +[2.0] |
| 269 | + * merge back SubScribe fork to the ScribeJava |
| 270 | + |
| 271 | +for previous changes see |
| 272 | +v1-changelog - changelog for 1.x version |
| 273 | +v2pre-changelog - changelog for SubScribe fork |
0 commit comments