- Add access token expiration leeway buffer
- Add retry() mechanism inside refresh credentials
- Add
trackingId
and other headers to refresh credentials request.
- Add
onBeforeCredentialsRefreshed
callback toClient
.
- Bump
http
to version 1.1.0.
- Fix nullability.
- Allow Dart 3.
- Fix
rawParsedData
can be null due to backward compatibility
- Add
rawParsedData
parameter to credentials object for raw response data
- Add
CredentialsRefreshedCallback? onCredentialsRefreshed, CredentialsRefreshingCallback? onCredentialsRefreshing, CredentialsRefreshFailedCallback? onCredentialsRefreshFailed,
- Handle
expires_in
when encoded as string. - Populate the pubspec
repository
field. - Increase the minimum Dart SDK to
2.17.0
.
- Migrate to null safety.
- Added optional
codeVerifier
parameter toAuthorizationCodeGrant
constructor.
- Added fix to make sure that credentials are only refreshed once when multiple calls are made.
- Added PKCE support to
AuthorizationCodeGrant
.
- Added support for
clientCredentialsGrant
.
- OpenID's id_token treated.
- Added
onCredentialsRefreshed
option when creatingClient
objects.
- Support the latest
package:http
release.
- Allow the stable 2.0 SDK.
- Updated SDK version to 2.0.0-dev.17.0
- Add a
getParameter()
parameter tonew AuthorizationCodeGrant()
,new Credentials()
, andresourceOwnerPasswordGrant()
. This controls how the authorization server's response is parsed for servers that don't provide the standard JSON response.
resourceOwnerPasswordGrant()
now properly uses its HTTP client for requests made by the OAuth2 client it returns.
- Add a
delimiter
parameter tonew AuthorizationCodeGrant()
,new Credentials()
, andresourceOwnerPasswordGrant()
. This controls the delimiter between scopes, which some authorization servers require to be different values than the specified' '
.
-
Fix all strong-mode warnings.
-
Support
crypto
1.0.0. -
Support
http_parser
3.0.0.
- Support
http_parser
2.0.0.
-
Requests that use client authentication, such as the
AuthorizationCodeGrant
's access token request andCredentials
' refresh request, now use HTTP Basic authentication by default. This form of authentication is strongly recommended by the OAuth 2.0 spec. The newbasicAuth
parameter may be set tofalse
to force form-based authentication for servers that require it. -
new AuthorizationCodeGrant()
now takessecret
as an optional named argument rather than a required argument. This matches the OAuth 2.0 spec, which says that a client secret is only required for confidential clients. -
new Client()
andCredentials.refresh()
now take bothidentifier
andsecret
as optional named arguments rather than required arguments. This matches the OAuth 2.0 spec, which says that the server may choose not to require client authentication for some flows. -
new Credentials()
now takes named arguments rather than optional positional arguments.
-
Added a
resourceOwnerPasswordGrant
method. -
The
scopes
argument toAuthorizationCodeGrant.getAuthorizationUrl()
andnew Credentials()
and thenewScopes
argument toCredentials.refresh
now take anIterable
rather than just aList
. -
The
scopes
argument toAuthorizationCodeGrant.getAuthorizationUrl()
now defaults tonull
rather thanconst []
.
-
Update the
http
dependency. -
Since
http
0.11.0 now works in non-dart:io
contexts,oauth2
does as well.
-
Expand the dependency on the HTTP package to include 0.10.x.
-
Add a README file.