profile
viewpoint
Joseph Page josephpage Octo Technology Paris, France http://octo.com

josephpage/audited 0

Audited (formerly acts_as_audited) is an ORM extension that logs all changes to your Rails models.

josephpage/boot2docker 0

Lightweight Linux for Docker

josephpage/canirequire 0

Can I require modules for Auth0 Extensibility

josephpage/centos-docker-custom-build 0

DEPRECATED - Simple scripts to build your own Centos base docker with customizations and additionnal packages. Designed to be lightweight and easy to use, based on official repository.

josephpage/compose 0

Define and run complex applications using Docker

josephpage/docker-compose 0

Wrap docker-compose inside a docker container !

josephpage/docker-premailer 0

Docker container for premailer (http://premailer.dialect.ca)

josephpage/docker-registry-runabove 0

A Docker registry using RunAbove Object Storage as storage backend

startedcasbin/node-casbin

started time in 2 days

created repositorypatou/biblionantes

created time in 6 days

created repositorypatou/zenbox-quarkus

Generated by code.quarkus.io

created time in 11 days

startedodensc/ttv-ublock

started time in 16 days

startedM4LV0/LFI-phpinfo-RCE

started time in 17 days

created repository1e1/arduino-macaddress-notifier

Monitors nearby devices - Sends a notification (ex: switch off when all your smartphones are "Flight" mode)

created time in 19 days

pull request commentoauth-xx/oauth2

Add new token_method post_with_query_string

That's awesome! How can I help?

JCotton1123

comment created time in 20 days

pull request commentoauth-xx/oauth2

Add new token_method post_with_query_string

(New) Maintainers are now discussing a new release of oauth. It's been 3 years, so we have a bit of prep work to do. Please lend a hand if you have some time!

JCotton1123

comment created time in 22 days

pull request commentoauth-xx/oauth2

Add new token_method post_with_query_string

Thanks @utkarsh2102 and @JCotton1123 !

JCotton1123

comment created time in 22 days

push eventoauth-xx/oauth2

Jesse Cotton

commit sha f60af5fcb203cf502352e648ff68738863e4e128

Add new token_method post_with_query_string (#525)

view details

push time in 22 days

PR merged oauth-xx/oauth2

Add new token_method post_with_query_string

Hi, curious if you would accept a change like this? I'm working with a couple APIs where the token HTTP method must be a POST but the parameters must be passed via the query string.

+15 -2

4 comments

2 changed files

JCotton1123

pr closed time in 22 days

created repository1e1/arduino-macaddress-notifier

Monitors nearby devices - Sends a notification (ex: switch off when all your smartphones are "Flight" mode)

created time in 22 days

issue commentoauth-xx/oauth2

How to renew the access token, when oauth2 drops the refresh token?

I feel you and thank you for your contribution to the community!

Unfortunately I couldn't find a way and had to roll my own solution instead of using a gem.

There are two issues here: First of all, which is also the issue I encountered above. The gem drops refresh token on the Authorization Grant response. The graph below is from the Introduction section in RFC6749

  +--------+                                           +---------------+
  |        |--(A)------- Authorization Grant --------->|               |
  |        |                                           |               |
  |        |<-(B)----------- Access Token -------------|               |
  |        |               & Refresh Token             |               |
  |        |                                           |               |
  |        |                            +----------+   |               |
  |        |--(C)---- Access Token ---->|          |   |               |
  |        |                            |          |   |               |
  |        |<-(D)- Protected Resource --| Resource |   | Authorization |
  | Client |                            |  Server  |   |     Server    |
  |        |--(E)---- Access Token ---->|          |   |               |
  |        |                            |          |   |               |
  |        |<-(F)- Invalid Token Error -|          |   |               |
  |        |                            +----------+   |               |
  |        |                                           |               |
  |        |--(G)----------- Refresh Token ----------->|               |
  |        |                                           |               |
  |        |<-(H)----------- Access Token -------------|               |
  +--------+           & Optional Refresh Token        +---------------+

               Figure 2: Refreshing an Expired Access Token

   The flow illustrated in Figure 2 includes the following steps:

   (A)  The client requests an access token by authenticating with the
        authorization server and presenting an authorization grant.

   (B)  The authorization server authenticates the client and validates
        the authorization grant, and if valid, issues an access token
        and a refresh token.

  Omitting steps (C) to (F) as they are irrelevant...

   (G)  The client requests a new access token by authenticating with
        the authorization server and presenting the refresh token.  The
        client authentication requirements are based on the client type
        and on the authorization server policies.

   (H)  The authorization server authenticates the client and validates
        the refresh token, and if valid, issues a new access token (and,
        optionally, a new refresh token).

As we can see from step (B), the first refresh token must be included in the response so it can be used to renew access token in step (G), while the gem dropped it on purpose.

Secondly, as of the Optional Refresh Token in step (G), which is being discussed in #321. According to the refresh token section in RFC6749

1.5.  Refresh Token

   Refresh tokens are credentials used to obtain access tokens.  Refresh
   tokens are issued to the client by the authorization server and are
   used to obtain a new access token when the current access token
   becomes invalid or expires, or to obtain additional access tokens
   with identical or narrower scope (access tokens may have a shorter
   lifetime and fewer permissions than authorized by the resource
   owner).  Issuing a refresh token is optional at the discretion of the
   authorization server.  If the authorization server issues a refresh
   token, it is included when issuing an access token

We can see that Issuing a refresh token is optional at the discretion of the authorization server. So if the authorization server decided to issue a refresh token, does it really make sense for the gem to drop it?

Update, I took another look at the section which is mentioned by @matt-glover in the same github issue, and now I understand why he decided to drop the refresh token.

He was referring to 4.4.3. Access Token Response in the Client Credentials Grant section, which is a different workflow.

If you would take a look at the 4.1. Authorization Code Grant section, which clearly states that a refresh token could be included in the response.

4.1.4.  Access Token Response

   If the access token request is valid and authorized, the
   authorization server issues an access token and optional refresh
   token as described in Section 5.1.  If the request client
   authentication failed or is invalid, the authorization server returns
   an error response as described in Section 5.2.

   An example successful response:

     HTTP/1.1 200 OK
     Content-Type: application/json;charset=UTF-8
     Cache-Control: no-store
     Pragma: no-cache

     {
       "access_token":"2YotnFZFEjr1zCsicMWpAA",
       "token_type":"example",
       "expires_in":3600,
       "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",
       "example_parameter":"example_value"
     }

In summary, it's "at the discretion of the authorization server" to return a refresh token or not. The gem should present any data received from the server to the user unopinionated. If a refresh token is not necessary, the server simply will not return it in the first place. I don't think the gem should make the decision to drop it or not.

evanhdc

comment created time in 24 days

issue commentoauth-xx/oauth2

How to renew the access token, when oauth2 drops the refresh token?

I honestly do not know how to accomplish the flow you want, and have never done it myself. If you do figure it out please document the solution here, or contribute documentation to the readme, or wiki.

This gem is on life support!

Any effort you could put into figuring out how to solve #321 would be greatly appreciated. I doubt I will have time to invest in solving this bug myself. This gem is too large a project to be maintained by a tiny team of people who only use it for narrow use cases. We are always looking for more maintainers #307 ! Please lend a hand if you can. I have a plan to dedicate more of my time to supporting this gem soon, but it keeps getting delayed, because the world is on fire, and I only have 24 hours in a day.

I volunteered to maintain this gem because it is important to the community, and the Ruby community matters to me, but I and the other maintainers are stretched thin. I hope more people will step up to improve this tool!

evanhdc

comment created time in 24 days

created repositoryshykes/tests

A placeholder for various tests. Different branches may hold different things.

created time in a month

startedsystemd/casync

started time in a month

startedskickar/FriendDetector

started time in a month

fork kevinvennitti/getkirby.com

Source code and content for the Kirby website

https://getkirby.com

fork in a month

fork ThamosIO/terraform-policymaker

Tool for generating least privileged policies in Terraform

fork in a month

pull request commentoauth-xx/oauth2

New version of faraday (1.1.0) broke the build

Pull Request Test Coverage Report for Build 1056

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 0.0%

Totals Coverage Status
Change from base Build 1050: 0.0%
Covered Lines: 0
Relevant Lines: 0

💛 - Coveralls
depfu[bot]

comment created time in a month

pull request commentoauth-xx/oauth2

New version of faraday (1.1.0) broke the build

Pull Request Test Coverage Report for Build 1056

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 0.0%

Totals Coverage Status
Change from base Build 1050: 0.0%
Covered Lines: 0
Relevant Lines: 0

💛 - Coveralls
depfu[bot]

comment created time in a month

delete branch oauth-xx/oauth2

delete branch : depfu/check/faraday-1.0.1

delete time in a month

pull request commentoauth-xx/oauth2

New version of faraday (1.0.1) broke the build

Closed in favor of #529.

depfu[bot]

comment created time in a month

PR closed oauth-xx/oauth2

New version of faraday (1.0.1) broke the build depfu good first issue

We've tested your project with an updated dependency and the build failed.

This version is either within the version range you specified or you haven't specified a version/range. To be able to test your project with the new version, we've taken the liberty of pinning the version for this branch and pull request.

name version specification new version
faraday >= 0.8, < 2.0 1.0.1

Unfortunately, we encountered failing tests after pinning. This means that this new version is not compatible with your project and the test failure will potentially also happen on fresh installs.

If you have correctly specified a semantic versioning version range, you should probably also file an issue with the upstream project as they might have released an update that's breaking SemVer rules, which is not cool. (But then again, not all projects explicitly follow SemVer)

We've left the pull request open for you to investigate this issue. Please don't merge it as is, because, again, we've pinned the version of faraday for this test run.

What changed?

✳️ faraday (>= 0.8, < 2.0 → 1.0.1) · Repo · Changelog

<details> <summary>Release Notes</summary> <h4><a href="https://github.com/lostisland/faraday/releases/tag/v1.0.1">1.0.1</a></h4>

<blockquote><p>Fixes:</p> <ul> <li>Use Net::HTTP#start(&block) to ensure closed TCP connections (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1117">#1117</a>)</li> <li>Fully qualify constants to be checked (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1122">#1122</a>)</li> <li>Allows <code>parse</code> method to be private/protected in response middleware (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1123">#1123</a>)</li> <li>Encode Spaces in Query Strings as '%20' Instead of '+' (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1125">#1125</a>)</li> <li>Limits rack to v2.0.x (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1127">#1127</a>)</li> <li>Adapter Registry reads also use mutex (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1136">#1136</a>)</li> </ul> <p>Documentation:</p> <ul> <li>Retry middleware documentation fix (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1109">#1109</a>)</li> <li>Docs(retry): precise usage of retry-after (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1111">#1111</a>)</li> <li>README: Link the logo to the website (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1112">#1112</a>)</li> <li>Website: add search bar (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1116">#1116</a>)</li> <li>Fix request/response mix-up in docs text (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1132">#1132</a>)</li> </ul></blockquote> <p><em>Does any of this look wrong? <a href="https://depfu.com/packages/rubygem/faraday/feedback">Please let us know.</a></em></p> </details>

<details> <summary>Commits</summary> <p><a href="https://github.com/lostisland/faraday/compare/ff9dc1d1219a1bbdba95a9a4cf5d135b97247ee2...5547e9131aa2629cec13a6b3b00ac9daeab9d430">See the full diff on Github</a>. The new version differs by 22 commits:</p>

<ul> <li><a href="https://github.com/lostisland/faraday/commit/5547e9131aa2629cec13a6b3b00ac9daeab9d430"><code>Bump version to 1.0.1</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/864a7e52f3343159d247bc0c6f896f4d3dba5eeb"><code>Encode Spaces in Query Strings as '%20' Instead of '+' (#1125)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/b4ad6e386efa2bb84290cc96fd8f520dacee8a22"><code>Update publish.yml</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/f6401225a4c3d778997b14c4be08a3f56aa414fe"><code>Adapter Registry reads also use mutex</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/5d24afc373585c8a58aee187ff0663af17125743"><code>External adapters exposed</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/e2c56e90c9b12f69f84a536ae341617672bd52b7"><code>docs(website): fix request/response mix-up in text</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/52e30bf8e8d79159f332088189cb7f7e536d1ba1"><code>spec: JRuby-proof a test about error messages</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/284d920cf330a2e2ee1d2e9bd9a0a74b59d9648c"><code>specs: JRuby-Skip EM specs</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/e80b8299761c8d7ce35ec9084c3fbc7a1a65375a"><code>specs: JRuby-Skip Patron specs</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/1042a4561876b32f9474e35d2bfd885f391f0099"><code>Allows parse method to be private/protected in response middleware (#1123)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/a4837c8509a81c4c24f36a29ef736e8d250cb0b8"><code>Update org name for typhoeus repo</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/d77c9efee9b12763f685f46df470eb22351154f5"><code>Fully qualify constants to be checked (#1122)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/8560572d16108ca769b9eb700bd2f6de40766cfc"><code>Use Net::HTTP#start(&block) to ensure closed TCP connections (#1117)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/614c26fe9dd940e9d92cd526fbbd4b43ca09da9a"><code>Limits rack to v2.0.x (#1127)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/099dd45f63ff99bbb343eebf7504a3cf0b10bc63"><code>Merge pull request #1116 from vvo/docs/add-documentation-search</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/47dcf037a7ea2fc9648696f25355c1de4d5c8ab8"><code>Merge branch 'master' into docs/add-documentation-search</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/008321b24fd84d2da9e38aab38b10abd897e35e1"><code>docs(website): add search to the website</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/e346b8bdb46ee7f38ee5f9d519ad227a14de9612"><code>README: Link the logo to the website (#1112)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/b30ec73e99e32e87f1ccb861be1c2c68680b07e2"><code>docs(retry): precise usage of retry-after (#1111)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/6015ae97d6f22c744da0176f8fecf51cfded736b"><code>[docs] Use "including" wording</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/024bfebd1a5b0a881101f99b6156aa2dcf2433cc"><code>docs(retry): precise usage of retry-after</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/8a43a4791992fc02e55d4d41e0a2d8ac862537e1"><code>Retry middleware documentation fix (#1109)</code></a></li> </ul> </details>


Depfu Status

Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase.

<details><summary>All Depfu comment commands</summary> <blockquote><dl> <dt>@​depfu rebase</dt><dd>Rebases against your default branch and redoes this update</dd> <dt>@​depfu recreate</dt><dd>Recreates this PR, overwriting any edits that you've made to it</dd> <dt>@​depfu merge</dt><dd>Merges this PR once your tests are passing and conflicts are resolved</dd> <dt>@​depfu close</dt><dd>Closes this PR and deletes the branch</dd> <dt>@​depfu reopen</dt><dd>Restores the branch and reopens this PR (if it's closed)</dd> <dt>@​depfu pause</dt><dd>Ignores all future updates for this dependency and closes this PR</dd> <dt>@​depfu pause [minor|major]</dt><dd>Ignores all future minor/major updates for this dependency and closes this PR</dd> <dt>@​depfu resume</dt><dd>Future versions of this dependency will create PRs again (leaves this PR as is)</dd> </dl></blockquote> </details>

+1 -1

3 comments

1 changed file

depfu[bot]

pr closed time in a month

pull request commentoauth-xx/oauth2

New version of faraday (1.0.1) broke the build

Closed in favor of #529.

depfu[bot]

comment created time in a month

PR opened oauth-xx/oauth2

New version of faraday (1.1.0) broke the build

We've tested your project with an updated dependency and the build failed.

This version is either within the version range you specified or you haven't specified a version/range. To be able to test your project with the new version, we've taken the liberty of pinning the version for this branch and pull request.

name version specification new version
faraday >= 0.8, < 2.0 1.1.0

Unfortunately, we encountered failing tests after pinning. This means that this new version is not compatible with your project and the test failure will potentially also happen on fresh installs.

If you have correctly specified a semantic versioning version range, you should probably also file an issue with the upstream project as they might have released an update that's breaking SemVer rules, which is not cool. (But then again, not all projects explicitly follow SemVer)

We've left the pull request open for you to investigate this issue. Please don't merge it as is, because, again, we've pinned the version of faraday for this test run.

What changed?

✳️ faraday (>= 0.8, < 2.0 → 1.1.0) · Repo · Changelog

<details> <summary>Release Notes</summary> <h4><a href="https://github.com/lostisland/faraday/releases/tag/v1.1.0">1.1.0</a></h4>

<blockquote><h2>Features</h2> <ul> <li>Makes parameters sorting configurable (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1162">#1162</a> <a href="https://bounce.depfu.com/github.com/wishdev">@wishdev</a>)</li> <li>Introduces <code>flat_encode</code> option for multipart adapter. (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1163">#1163</a> <a href="https://bounce.depfu.com/github.com/iMacTia">@iMacTia</a>)</li> <li>Include request info in exceptions raised by RaiseError Middleware (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1181">#1181</a> <a href="https://bounce.depfu.com/github.com/SandroDamilano">@SandroDamilano</a>)</li> </ul> <h2>Fixes</h2> <ul> <li>Avoid <code>last arg as keyword param</code> warning when building user middleware on Ruby 2.7 (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1153">#1153</a> <a href="https://bounce.depfu.com/github.com/dgholz">@dgholz</a>)</li> <li>Limits net-http-persistent version to < 4.0 (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1156">#1156</a> <a href="https://bounce.depfu.com/github.com/iMacTia">@iMacTia</a>)</li> <li>Update <code>typhoeus</code> to new stable version (<code>1.4</code>) (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1159">#1159</a> <a href="https://bounce.depfu.com/github.com/AlexWayfer">@AlexWayfer</a>)</li> <li>Properly fix test failure with Rack 2.1+. (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1171">#1171</a> <a href="https://bounce.depfu.com/github.com/voxik">@voxik</a>)</li> </ul> <h2>Documentation</h2> <ul> <li>Improves documentation on how to contribute to the site by using Docker. (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1175">#1175</a> <a href="https://bounce.depfu.com/github.com/iMacTia">@iMacTia</a>)</li> <li>Remove retry_change_requests from documentation (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1185">#1185</a> <a href="https://bounce.depfu.com/github.com/stim371">@stim371</a>)</li> </ul> <h2>Misc</h2> <ul> <li>Link from GitHub Actions badge to CI workflow (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1141">#1141</a> <a href="https://bounce.depfu.com/github.com/olleolleolle">@olleolleolle</a>)</li> <li>Return tests of <code>Test</code> adapter (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1147">#1147</a> <a href="https://bounce.depfu.com/github.com/AlexWayfer">@AlexWayfer</a>)</li> <li>Add 1.0 release to wording in CONTRIBUTING (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1155">#1155</a> <a href="https://bounce.depfu.com/github.com/olleolleolle">@olleolleolle</a>)</li> <li>Fix linting bumping Rubocop to 0.90.0 (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1182">#1182</a> <a href="https://bounce.depfu.com/github.com/iMacTia">@iMacTia</a>)</li> <li>Drop <code>git ls-files</code> in gemspec (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1183">#1183</a> <a href="https://bounce.depfu.com/github.com/utkarsh2102">@utkarsh2102</a>)</li> <li>Upgrade CI to ruby/setup-ruby (<a href="https://bounce.depfu.com/github.com/lostisland/faraday/pull/1187">#1187</a> <a href="https://bounce.depfu.com/github.com/gogainda">@gogainda</a>)</li> </ul></blockquote> <p><em>Does any of this look wrong? <a href="https://depfu.com/packages/rubygem/faraday/feedback">Please let us know.</a></em></p> </details>

<details> <summary>Commits</summary> <p><a href="https://github.com/lostisland/faraday/compare/5547e9131aa2629cec13a6b3b00ac9daeab9d430...571dc11c2faae7b43fc3b6f4e5750493b0d68fbc">See the full diff on Github</a>. The new version differs by 22 commits:</p> <ul> <li><a href="https://github.com/lostisland/faraday/commit/571dc11c2faae7b43fc3b6f4e5750493b0d68fbc"><code>Version bump to 1.1.0</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/0461c4b321dbf8894a52415d77389a0a31707217"><code>Upgrade CI to ruby/setup-ruby (#1187)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/85b46bef6c5d67d7db6ecd279ea1fd5607690f3a"><code>Remove retry_change_requests from documentation (#1185)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/a5b7a6bc810a7923dfcea16fffc226fafb8e198b"><code>Drop git ls-files in gemspec (#1183)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/8ee406d7886087053fc8d2d2c15ca378f566e008"><code>Include request info in exceptions raised by RaiseError Middleware (#1181)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/868fe9bb18eed44bd0da160c453635d62762e196"><code>Fix linting bumping Rubocop to 0.90.0 (#1182)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/9af091f9c43bb2daeb713991ae356aa16c155dee"><code>Improves documentation on how to contribute to the site by using Docker. (#1175)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/6521a1606ef1842579e613f01a945cd7ee1ddcb4"><code>Properly fix test failure with Rack 2.1+.</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/5acab3623994e6dbcc77f203fe0b5e1f29684874"><code>Introduces flat_encode option for multipart adapter. (#1163)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/e02a8c100921c75d714cc9f2aa2a5e0063260fa7"><code>Makes parameters sorting configurable (#1162)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/f6130995eb4db72a46d612f5d8e212b4dd2cf5b9"><code>Update typhoeus to new stable version (1.4) (#1159)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/90b4564cecde7fd35b7d752fc84a785b89efd9e2"><code>Rubocop linting with 0.84.0 (#1160)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/722821fab79faa65a1dd2ec0ed1667ed593f06fe"><code>Avoid 'last arg as keyword param' warning when building user middleware on Ruby 2.7 (#1153)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/019e1a841707718adad2fd05c602eb1a869b42bc"><code>Limits net-http-persistent version to < 4.0 (#1156)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/41c0dc7edf0fa997c7a4771d91fa1100f7d84515"><code>Add 1.0 release to wording in CONTRIBUTING (#1155)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/87ecaf96822ef03ef6e86a9b9b57caa97e4c0fa8"><code>Return tests of Test adapter</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/680b9f8a6cba0e0a11763ce824c2fac94ce1a087"><code>Add EditorConfig file</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/c26df87b8653db4f270e3bcdc7a15bcdd2dd5cae"><code>Update RuboCop</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/3b3de79e3df5f29628a29233a417a61e1adeb520"><code>Fix typo for RSpec</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/3ca146de4d1b9d8fa2b153f27106a254cff147b9"><code>Update year markers to 2020 for a lively look</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/e33c559345865378da09b9745955df5d9c133771"><code>Link from GitHub Actions badge to CI workflow (#1141)</code></a></li> <li><a href="https://github.com/lostisland/faraday/commit/f0c76f826f52f8d1749061fd1a802bf4fc943430"><code>Remove Codeclimate coverage badge</code></a></li> </ul> </details>


Depfu Status

Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase.

<details><summary>All Depfu comment commands</summary> <blockquote><dl> <dt>@​depfu rebase</dt><dd>Rebases against your default branch and redoes this update</dd> <dt>@​depfu recreate</dt><dd>Recreates this PR, overwriting any edits that you've made to it</dd> <dt>@​depfu merge</dt><dd>Merges this PR once your tests are passing and conflicts are resolved</dd> <dt>@​depfu close</dt><dd>Closes this PR and deletes the branch</dd> <dt>@​depfu reopen</dt><dd>Restores the branch and reopens this PR (if it's closed)</dd> <dt>@​depfu pause</dt><dd>Ignores all future updates for this dependency and closes this PR</dd> <dt>@​depfu pause [minor|major]</dt><dd>Ignores all future minor/major updates for this dependency and closes this PR</dd> <dt>@​depfu resume</dt><dd>Future versions of this dependency will create PRs again (leaves this PR as is)</dd> </dl></blockquote> </details>

+1 -1

0 comment

1 changed file

pr created time in a month

create barnchoauth-xx/oauth2

branch : depfu/check/faraday-1.1.0

created branch time in a month

issue openedoauth-xx/oauth2

How to renew the access token, when oauth2 drops the refresh token?

Hi,

My API provider uses a standardized OAuth 2.0 token-based authentication flow. Now I get stuck on finding a way to refresh the access token.

2.7.1 :001 > require 'oauth2'
2.7.1 :002 > client = OAuth2::Client.new('client_id', '', grant_type: 'refresh_token', site: 'site', token_url: 'token_url', redirect_uri: 'redirect_uri')
2.7.1 :003 > client.auth_code.authorize_url(access_type: 'offline')
2.7.1 :004 > tokens = client.auth_code.get_token('auth_code', 'grant_type': 'authorization_code')
2.7.1 :005 > tokens.refresh_token
 => nil

According to the API guide, the response attributes are

{
  "access_token": "string",
  "expires_in": 0,
  "refresh_token": "string",
  "refresh_token_expires_in": 0,
}

But as shown in line 5, the tokens.refresh_token was nil. It looks like it's intentional per https://github.com/oauth-xx/oauth2/issues/321. How am I supposed to renew the access token, since a refresh token is required when using refresh token grant?

Here is the error. I waited until the access token expired, then tried to renew it:

2.7.1 :006 > tokens.expired?
 => true 
2.7.1 :007 > new_tokens = tokens.refresh!
Traceback (most recent call last):
        1: from (irb):95
RuntimeError (A refresh_token is not available)

Did I miss anything?

created time in a month

pull request commentoauth-xx/oauth2

Add new token_method post_with_query_string

/cc @pboling, can you please take a look?

JCotton1123

comment created time in a month

more