From 6c87c9788f6f5a949d8620876a99add168829b62 Mon Sep 17 00:00:00 2001 From: Dan Schultzer <1254724+danschultzer@users.noreply.github.com> Date: Sat, 28 Dec 2024 22:15:44 -0800 Subject: [PATCH] Hard deprecations for v0.3 --- CHANGELOG.md | 276 +------------------------ lib/assent.ex | 15 -- lib/assent/config.ex | 49 ----- lib/assent/http_adapter/mint.ex | 120 ----------- lib/assent/strategies/oauth.ex | 9 +- lib/assent/strategies/oauth2.ex | 29 +-- lib/assent/strategies/oidc.ex | 3 +- lib/assent/strategy.ex | 26 --- mix.exs | 1 - mix.lock | 2 +- test/assent/config_test.exs | 4 - test/assent/http_adapter/mint_test.exs | 130 ------------ test/assent/strategies/oauth2_test.exs | 12 -- 13 files changed, 21 insertions(+), 655 deletions(-) delete mode 100644 lib/assent/config.ex delete mode 100644 lib/assent/http_adapter/mint.ex delete mode 100644 test/assent/config_test.exs delete mode 100644 test/assent/http_adapter/mint_test.exs diff --git a/CHANGELOG.md b/CHANGELOG.md index a41b94c..72786f1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,273 +1,19 @@ # Changelog -## v0.2.12 (2024-12-29) - -* `Assent` now has a module doc - -## v0.2.11 (2024-12-29) - -* Default to using `JSON` instead of `Jason` for JSON parsing on Elixir 1.18 -* `Assent.Strategy.OAuth2` now supports `:state` config option -* `Assent.Strategy.OAuth2` `:state` override in `:authorization_parms` has been deprecated -* `Assent.Strategy.OIDC` now supports `none` authentication method -* `Assent.Strategy.Bitbucket` added -* `Assent.Strategy.Twitch` added -* `Assent.Strategy.Telegram` added -* `Assent.Strategy.Zitadel` added -* `Assent.Strategy.Facebook.fetch_user/2` fixed bug with user not being decoded -* `Assent.Strategy.OAuth2` now supports PKCE -* `Assent.Strategy.OAuth2.Base.authorize_url/2` incomplete typespec fixed -* `Assent.Strategy.decode_response/2` deprecated accepting result tuples and now accepts `Assent.HTTPAdapter.HTTPResponse` structs -* `Assent.Strategy.request/5` deprecated in favor of `Assent.Strategy.http_request/5` -* `Assent.Strategy.decode_response/2` deprecated in favor of `Assent.HTTPAdapter.decode_response/2` -* `Assent.Config.get/3` deprecated in favor of `Keyword.get/3` -* `Assent.Config.put/3` deprecated in favor of `Keyword.put/3` -* `Assent.Config.merge/2` deprecated in favor of `Keyword.merge/2` -* `Assent.Config.t()` type deprecated in favor of `Keyword.t()` type -* `Assent.Config.fetch/2` deprecated in favor of `Assent.fetch_config/2` - -## v0.2.10 (2024-04-11) - -Requires Elixir 1.13+ - -- Fixed bug with trailing slash in `:base_url` not being ommitted when concatenating with relative path - -## v0.2.9 (2023-11-22) - -- Fixed bug where `Req` was not used by default if included in project -- `Assent.Strategy.Httpc.request/5` now sets content length header - -## v0.2.8 (2023-11-19) - -`Req` will be used by default if available in your project, otherwise `:httpc` will be used. - -- `Req` HTTP adapter added -- `Req` supported by default as HTTP client -- Global application config support for HTTP and JWT adapters -- More expressive errors now including the whole HTTP response where applicable -- Deprecated `:site` config in favor of `:base_url` config - -## v0.2.7 (2023-09-12) - -* `Assent.Strategy.Strava` added - -## v0.2.6 (2023-08-26) - -* Added `Assent.HTTPAdapter.Finch` -* Deprecated `Assent.HTTPAdapter.Mint` - -## v0.2.5 (2023-08-21) - -* `Assent.Strategy.Spotify` added - -## v0.2.4 (2023-08-20) - -* Fixed bug in `Assent.JWTAdapter.AssentJWT` where `verified?` could be a `{:error, term()}` tuple rather than boolean -* Improved message on private key file load error - -## v0.2.3 (2023-03-23) - -* Removed `:castore` version requirement -* `Assent.Strategy.Httpc.request/5` raises error when SSL certificate can't be validated - -## v0.2.2 (2023-02-27) - -* Fixed bug to handle 201 success response -* `Assent.Strategy.OIDC` now has support for multiple audiences -* `Assent.Strategy.OIDC` now permits any auth method if no `token_endpoint_auth_methods_supported` specified -* `Assent.Strategy.Linkedin` added - -## v0.2.1 (2022-09-15) - -* Default to using `Jason` instead of `Poison` for JSON parsing -* Fixed `Bitwise` warning when running on Elixir 1.14 - -## v0.2.0 (2022-03-01) +## v0.3.0 (TBA) **This release consists of breaking changes.** -In previous `Assent.Strategy.Slack` strategy, the `sub` user id field consisted of `{SUB}-{TEAM}`. Slack has migrated to OpenID Connect, and the response has been conformed to OIDC. The `sub` will now only consists of the `sub` id, and not include team id. To succesfullly migrate to this release all slack identity records storing the `sub` user id field has to be updated. - -If you wish to continue using the previous `sub` user id a custom OIDC strategy can be used instead: - -```elixir -defmodule Slack do - use Assent.Strategy.OIDC.Base - - alias Assent.Strategy.Slack - - defdelegate default_config(config), to: Slack - - def normalize(config, user) do - user = Map.put(user, "sub", "#{user["https://slack.com/user_id"]}-#{user["https://slack.com/team_id"]}") - - Slack.normalize(config, user) - end -end -``` - -* `Assent.Strategy.OIDC.fetch_user/2` now removes the ID token specific keys from the user claims instead of normalizing -* `Assent.Strategy.OIDC.Base` now adds `normalize/2` to the macro that will include the full user claims in the user params -* `Assent.Strategy.Slack` now uses OpenID connect instead of legacy OAuth 2.0, please note that the `sub` value may have changed - -## v0.1.28 (2021-09-30) - -* `Assent.Strategy.OIDC` bug fixed so it handles unreachable urls correctly - -## v0.1.27 (2021-08-21) - -* `Assent.Strategy.OIDC` bug fixed for `normalize/2` macro callback - -## v0.1.26 (2021-05-27) - -* `Assent.constant_time_compare/2` no longer outputs a deprecation warning for OTP 24 - -## v0.1.25 (2021-04-09) - -* `Assent.Strategy.Apple` has been fixed to handle the JSON encoded user in callback params - -## v0.1.24 (2021-03-22) - -* `Assent.Strategy.OIDC.Base.authorize_url/2` now has correct type specs - -## v0.1.23 (2021-03-01) - -Updated to support OTP 24 and no longer support OTP < 22.1 - -* `Assent.Strategy.OIDC` now handles missing `id_token` in token params - -## v0.1.22 (2021-01-08) - -* `Assent.Strategy.OAuth2.fetch_user/4` now accepts headers in arguments -* `Assent.Strategy.AzureAD` bug fixed so it now uses the `RS256` alg - -## v0.1.21 (2020-12-29) - -* `Assent.Strategy.OAuth` now handles missing params in callback phase -* `Assent.Strategy.Twitter` now handles access denied callback - -## v0.1.20 (2020-12-10) - -* `Assent.Strategy.Stripe` added -* `Assent.Strategy.to_url/3` now handles nested query params -* `Assent.Strategy.OAuth2` no longer removes padding for base64 encoding authorization header -* `Assent.Strategy.OIDC.validate_id_token/2` now supports dynamic OpenID configuration -* `Assent.Strategy.OIDC.fetch_userinfo/2` now supports dynamic OpenID configuration - -## v0.1.19 (2020-11-25) - -* Updated docs to detail `:inets` compilation -* `Assent.OAuth2.authorize_url/1` now returns the state, if defined, from `authorization_params` - -## v0.1.18 (2020-11-08) - -* Removed `oauther` dependency - -## v0.1.17 (2020-11-05) - -* Relax `mint` requirement - -## v0.1.16 (2020-10-21) - -**Warning:** This release has breaking changes. - -All `get_user/2` functions has been renamed to `fetch_user/2` as they return `{:ok, res}`/`{:error, res}` tuples. - -* `Assent.OAuth.get/4` removed in favor of `Assent.OAuth.request/6` -* `Assent.OAuth2.get_access_token/3` renamed to `Assent.OAuth2.grant_access_token/3` -* `Assent.OAuth2.get/4` removed in favor of `Assent.OAuth2.request/6` - -## v0.1.15 (2020-10-18) - -* `Assent.Strategy.OIDC.validate_id_token/2` has a bug fixed where `alg` was not validated correctly -* `Assent.Strategy.OIDC` now has an `:id_token_signed_response_alg` configuration option -* `Assent.Strategy.LINE` added - -## v0.1.14 (2020-10-11) - -* `Assent.Strategy.OAuth2.get_access_token/3` added -* `Assent.Strategy.OAuth2.refresh_access_token/3` added -* `Assent.Strategy.OAuth2.authorization_headers/2` is no long a public function -* `Assent.Strategy.Apple` updated to handle `name` scope - -## v0.1.13 (2020-07-14) - -* `Assent.Strategy.DigitalOcean` added - -## v0.1.12 (2020-05-24) - -* `Assent.Strategy.OAuth2.authorization_headers/2` now capitalizes the token type in the authorization header -* `Assent.Strategy.OIDC.callback/2` now calls the strategy `get_user/2` method before any ID token validation -* `Assent.Strategy.OIDC.validate_id_token/2` added -* `Assent.Strategy.OIDC.fetch_userinfo/2` added -* `Assent.Strategy.OIDC` no longer fetches the userinfo by default instead using the claims in the ID Token - -## v0.1.11 (2020-05-16) - -* `Assent.Strategy.OAuth2.callback/2` now requires `:session_params` to be set in the config -* `Assent.Strategy.OIDC.callback/2` now requires `:session_params` to be set in the config -* `Assent.Strategy.OAuth2` now uses constant time comparison for state -* `Assent.Strategy.OIDC` now uses constant time comparison for nonce -* `Assent.Strategy.Httpc.request/5` bug fixed for certificates that has wildcard domain with SAN extension -* `Assent.Strategy.Mint.request/5` bug fixed for certificates that has wildcard domain with SAN extension - -## v0.1.10 (2020-04-23) - -Now requires Mint 1.0.0 or higher. - -* `Assent.Strategy.Instagram` now accepts `:user_url_request_fields` config option and passes `fields` params to the `/me` point - -## v0.1.9 (2020-04-23) - -Now requires Elixir 1.7 or higher. - -* `Assent.Strategy.Instagram` now uses the Instagram Graph API -* `Assent.Strategy.OIDC` bug fixed when no `:session_params` set in config - -## v0.1.8 (2020-02-15) - -* `Assent.Strategy.Github` now provides `email_verified` value -* `Assent.Strategy.Gitlab` now provides `email_verified` value -* `Assent.Strategy.Google` fixed to provide correct `email_verified` value -* `Assent.Strategy.Twitter` now provides `email_verified` value - -## v0.1.7 (2020-02-10) - -* Fix `Assent.HTTPAdapter.Mint` where `:unknown` responses where not handled correctly - -## v0.1.6 (2020-01-30) - -* `Assent.Strategy.AzureAD` now uses auth code flow instead of hybrid flow - -## v0.1.5 (2020-01-13) - -* Removed unused `:resource` param in `Assent.Strategy.AzureAD` -* Added "email profile" to scope in `Assent.Strategy.AzureAD` -* Use `response_mode=form_post` for `Assent.Strategy.AzureAD` -* Updated `Assent.Strategy.OAuth2` to handle access token request correctly when `:auth_method` is `nil` per RFC specs -* Changed `Assent.Strategy.Apple` to use OIDC strategy and verify the JWT -* Changed `Assent.Strategy.OIDC` to update token with the expanded JWT as the `id_token` -* Fixed bug in `Assent.HTTPAdapter.Mint` with query params not being included in request - -## v0.1.4 (2019-11-09) - -* Support mint up to `v1.0.x` -* Fixed bug in `Assent.JWTAdapter.JOSE` where `nil` secret value raised an exception -* Fixed bug in `Assent.JWTAdapter.AssentJWT` where ECDSA algorithms didn't generate or verify valid signatures - -## v0.1.3 (2019-10-27) - -* Fixed bug in `Assent.Strategy.Github` where multiple emails for account resulted in the verified primary e-mail not being returned - -## v0.1.2 (2019-10-08) - -* Require `:redirect_uri` is set in the config of `Assent.Strategy.OAuth2.callback/3` instead of as `redirect_uri` in the params - -## v0.1.1 (2019-10-07) +## Breaking changes -* Relax mint requirement -* Fix bug in `Assent.HTTPAdapter.Mint` where HTTP/2 responses wasn't parsed correctly +* `:site` configuration option removed, use `:base_url` instead +* `Assent.Strategy.OAuth2.authorize_url/2` no longer allows `:state` in `:authorization_params` +* `Assent.Strategy.decode_response/2`removed, use `Assent.HTTPAdapter.decode_response/2` instead +* `Assent.Strategy.request/5` removed, use `Assent.Strategy.http_request/5` instead +* `Assent.MissingParamError` no longer accepts `:expected_key`, use `:key` instead +* `Assent.HTTPAdapter.Mint` removed +* `Assent.Config` removed -## v0.1.0 (2019-10-06) +## v0.2 -* Initial release +The CHANGELOG for v0.2 releases can be found [in the v0.2 branch](https://github.com/pow-auth/assent/blob/v0.2/CHANGELOG.md). \ No newline at end of file diff --git a/lib/assent.ex b/lib/assent.ex index 8814038..3cac8a3 100644 --- a/lib/assent.ex +++ b/lib/assent.ex @@ -45,21 +45,6 @@ defmodule Assent do params: map() } - # TODO: Deprecated, remove in 0.3 - def exception(opts) do - opts = - case Keyword.fetch(opts, :expected_key) do - {:ok, key} -> - IO.warn("The `expected_key` option is deprecated. Please use `key` instead.") - [key: key, params: opts[:params]] - - :error -> - opts - end - - struct!(__MODULE__, opts) - end - def message(exception) do key = inspect(exception.key) param_keys = exception.params |> Map.keys() |> Enum.sort() |> inspect() diff --git a/lib/assent/config.ex b/lib/assent/config.ex deleted file mode 100644 index 961f245..0000000 --- a/lib/assent/config.ex +++ /dev/null @@ -1,49 +0,0 @@ -# TODO: Deprecated, remove in 0.3 -defmodule Assent.Config do - @moduledoc false - - defmodule MissingConfigError do - @type t :: %__MODULE__{} - - defexception [:key] - - def message(exception) do - "Key #{inspect(exception.key)} not found in config" - end - end - - @type t :: Keyword.t() - - @doc false - @deprecated "Use Assent.fetch_config/2 instead" - def fetch(config, key), do: Assent.fetch_config(config, key) - - @deprecated "Use Keyword.get/3 instead" - defdelegate get(config, key, default), to: Keyword - - @deprecated "Use Keyword.put/3 instead" - defdelegate put(config, key, value), to: Keyword - - @deprecated "Use Keyword.merge/2 instead" - defdelegate merge(config_a, config_b), to: Keyword - - @deprecated "Use Assent.json_library/1 instead" - def json_library(config), do: Assent.json_library(config) - - def __base_url__(config) do - case Assent.fetch_config(config, :base_url) do - {:ok, base_url} -> - {:ok, base_url} - - {:error, error} -> - case Assent.fetch_config(config, :site) do - {:ok, base_url} -> - IO.warn("The `:site` configuration key is deprecated, use `:base_url` instead") - {:ok, base_url} - - {:error, _site_error} -> - {:error, error} - end - end - end -end diff --git a/lib/assent/http_adapter/mint.ex b/lib/assent/http_adapter/mint.ex deleted file mode 100644 index f7d9741..0000000 --- a/lib/assent/http_adapter/mint.ex +++ /dev/null @@ -1,120 +0,0 @@ -if Code.ensure_loaded?(Mint.HTTP) do - defmodule Assent.HTTPAdapter.Mint do - @moduledoc false - alias Assent.{HTTPAdapter, HTTPAdapter.HTTPResponse} - - @behaviour HTTPAdapter - - @impl HTTPAdapter - def request(method, url, body, headers, mint_opts \\ nil) do - IO.warn( - "#{inspect(__MODULE__)} is deprecated, consider use #{inspect(Assent.HTTPAdapter.Finch)} instead" - ) - - headers = headers ++ [HTTPAdapter.user_agent_header()] - - %{scheme: scheme, port: port, host: host, path: path, query: query} = URI.parse(url) - - path = add_query_to_path(path, query) - - scheme - |> open_mint_conn(host, port, mint_opts) - |> mint_request(method, path, headers, body) - |> format_response() - end - - defp add_query_to_path(path, query) when is_binary(query), do: path <> "?" <> query - defp add_query_to_path(path, _any), do: path - - defp open_mint_conn(scheme, host, port, nil), do: open_mint_conn(scheme, host, port, []) - defp open_mint_conn("http", host, port, opts), do: open_mint_conn(:http, host, port, opts) - defp open_mint_conn("https", host, port, opts), do: open_mint_conn(:https, host, port, opts) - - defp open_mint_conn(scheme, host, port, opts) when is_atom(scheme) do - transport_opts = Keyword.get(opts, :transport_opts, []) - opts = Keyword.put(opts, :transport_opts, transport_opts) - - Mint.HTTP.connect(scheme, host, port, opts) - end - - defp mint_request(resp, :get, path, headers, body), - do: mint_request(resp, "GET", path, headers, body) - - defp mint_request(resp, :post, path, headers, body), - do: mint_request(resp, "POST", path, headers, body) - - defp mint_request(resp, method, nil, headers, body), - do: mint_request(resp, method, "/", headers, body) - - defp mint_request({:ok, conn}, method, path, headers, body) do - conn - |> Mint.HTTP.request(method, path, headers, body) - |> await_response() - end - - defp mint_request({:error, error}, _method, _path, _headers, _body), do: {:error, error} - - defp await_response({:ok, conn, request_ref}), do: await_response(conn, request_ref) - - defp await_response(conn, request_ref, timeout \\ 5_000, responses \\ []) do - start_time = monotonic_timestamp() - - receive do - {:tcp, _, _} = message -> - handle_response(conn, request_ref, message, timeout, start_time, responses) - - {:ssl, _, _} = message -> - handle_response(conn, request_ref, message, timeout, start_time, responses) - after - timeout -> {:error, :timeout} - end - end - - defp monotonic_timestamp, do: :erlang.monotonic_time(:millisecond) - - defp handle_response(conn, request_ref, message, timeout, start_time, prev_responses) do - case Mint.HTTP.stream(conn, message) do - {:ok, conn, responses} -> - case completed?(responses) do - true -> - {:ok, prev_responses ++ responses} - - false -> - new_timeout = new_timeout(timeout, start_time) - - await_response(conn, request_ref, new_timeout, prev_responses ++ responses) - end - - {:error, _, e, _} -> - {:error, e} - - :unknown -> - new_timeout = new_timeout(timeout, start_time) - - await_response(conn, request_ref, new_timeout, prev_responses) - end - end - - defp new_timeout(timeout, start_time), - do: max(timeout - (monotonic_timestamp() - start_time), 0) - - defp completed?([{:done, _request_ref} | _rest]), do: true - defp completed?([_resp | responses]), do: completed?(responses) - defp completed?([]), do: false - - defp format_response({:ok, responses}) do - [{:status, _, status}, {:headers, _, headers} | responses] = responses - body = merge_body(responses) - - {:ok, %HTTPResponse{status: status, headers: headers, body: body}} - end - - defp format_response({:error, response}), do: {:error, response} - - defp merge_body([{:data, _request, new_body} | rest], body), - do: merge_body(rest, body <> new_body) - - defp merge_body(_rest, body), do: body - defp merge_body(responses), do: merge_body(responses, "") - end -end diff --git a/lib/assent/strategies/oauth.ex b/lib/assent/strategies/oauth.ex index e7d1bc7..cd2d2ee 100644 --- a/lib/assent/strategies/oauth.ex +++ b/lib/assent/strategies/oauth.ex @@ -48,7 +48,6 @@ defmodule Assent.Strategy.OAuth do alias Assent.Strategy, as: Helpers alias Assent.{ - Config, HTTPAdapter.HTTPResponse, InvalidResponseError, JWTAdapter, @@ -88,7 +87,7 @@ defmodule Assent.Strategy.OAuth do end defp fetch_request_token(config, oauth_params) do - with {:ok, base_url} <- Config.__base_url__(config) do + with {:ok, base_url} <- Assent.fetch_config(config, :base_url) do request_token_url = Keyword.get(config, :request_token_url, "/request_token") url = process_url(base_url, request_token_url) @@ -298,7 +297,7 @@ defmodule Assent.Strategy.OAuth do defp process_response({:error, error}), do: {:error, error} defp gen_authorize_url(config, token) do - with {:ok, base_url} <- Config.__base_url__(config), + with {:ok, base_url} <- Assent.fetch_config(config, :base_url), {:ok, oauth_token} <- fetch_from_token(token, "oauth_token"), {:ok, oauth_token_secret} <- fetch_from_token(token, "oauth_token_secret") do authorization_url = Keyword.get(config, :authorize_url, "/authorize") @@ -346,7 +345,7 @@ defmodule Assent.Strategy.OAuth do end defp fetch_access_token(config, oauth_token, oauth_verifier) do - with {:ok, base_url} <- Config.__base_url__(config) do + with {:ok, base_url} <- Assent.fetch_config(config, :base_url) do access_token_url = Keyword.get(config, :access_token_url, "/access_token") url = process_url(base_url, access_token_url) oauth_token_secret = Kernel.get_in(config, [:session_params, :oauth_token_secret]) @@ -371,7 +370,7 @@ defmodule Assent.Strategy.OAuth do @spec request(Keyword.t(), map(), atom(), binary(), map() | Keyword.t(), [{binary(), binary()}]) :: {:ok, map()} | {:error, term()} def request(config, token, method, url, params \\ [], headers \\ []) do - with {:ok, base_url} <- Config.__base_url__(config), + with {:ok, base_url} <- Assent.fetch_config(config, :base_url), {:ok, oauth_token} <- fetch_from_token(token, "oauth_token"), {:ok, oauth_token_secret} <- fetch_from_token(token, "oauth_token_secret") do url = process_url(base_url, url) diff --git a/lib/assent/strategies/oauth2.ex b/lib/assent/strategies/oauth2.ex index b4fc885..00d7f66 100644 --- a/lib/assent/strategies/oauth2.ex +++ b/lib/assent/strategies/oauth2.ex @@ -80,7 +80,6 @@ defmodule Assent.Strategy.OAuth2 do alias Assent.{ CallbackCSRFError, CallbackError, - Config, HTTPAdapter.HTTPResponse, InvalidResponseError, JWTAdapter, @@ -113,10 +112,8 @@ defmodule Assent.Strategy.OAuth2 do @impl true @spec authorize_url(Keyword.t()) :: on_authorize_url() def authorize_url(config) do - config = deprecated_state_handling(config) - with {:ok, redirect_uri} <- Assent.fetch_config(config, :redirect_uri), - {:ok, base_url} <- Config.__base_url__(config), + {:ok, base_url} <- Assent.fetch_config(config, :base_url), {:ok, client_id} <- Assent.fetch_config(config, :client_id) do session_params = session_params(config) url_params = authorization_params(config, client_id, redirect_uri, session_params) @@ -128,24 +125,6 @@ defmodule Assent.Strategy.OAuth2 do end end - # TODO: Remove in >= 0.3 - defp deprecated_state_handling(config) do - config - |> Keyword.get(:authorization_params, []) - |> Keyword.get(:state) - |> case do - nil -> - config - - state -> - IO.warn( - "Passing `:state` key in `:authorization_params` is deprecated, set it in the config instead." - ) - - Keyword.put(config, :state, state) - end - end - defp session_params(config) do state_params(config) ++ code_verifier_params(config) end @@ -271,7 +250,7 @@ defmodule Assent.Strategy.OAuth2 do auth_method = Keyword.get(config, :auth_method) token_url = Keyword.get(config, :token_url, "/oauth/token") - with {:ok, base_url} <- Config.__base_url__(config), + with {:ok, base_url} <- Assent.fetch_config(config, :base_url), {:ok, auth_headers, auth_body} <- authentication_params(auth_method, config) do headers = [{"content-type", "application/x-www-form-urlencoded"}] ++ auth_headers params = Keyword.merge(params, Keyword.put(auth_body, :grant_type, grant_type)) @@ -352,7 +331,7 @@ defmodule Assent.Strategy.OAuth2 do defp jwt_claims(config) do timestamp = :os.system_time(:second) - with {:ok, base_url} <- Config.__base_url__(config), + with {:ok, base_url} <- Assent.fetch_config(config, :base_url), {:ok, client_id} <- Assent.fetch_config(config, :client_id) do {:ok, %{ @@ -411,7 +390,7 @@ defmodule Assent.Strategy.OAuth2 do @spec request(Keyword.t(), map(), atom(), binary(), map() | Keyword.t(), [{binary(), binary()}]) :: {:ok, map()} | {:error, term()} def request(config, token, method, url, params \\ [], headers \\ []) do - with {:ok, base_url} <- Config.__base_url__(config), + with {:ok, base_url} <- Assent.fetch_config(config, :base_url), {:ok, auth_headers} <- authorization_headers(token) do req_headers = request_headers(method, auth_headers ++ headers) req_body = request_body(method, params) diff --git a/lib/assent/strategies/oidc.ex b/lib/assent/strategies/oidc.ex index f2b78ef..db52bff 100644 --- a/lib/assent/strategies/oidc.ex +++ b/lib/assent/strategies/oidc.ex @@ -79,7 +79,6 @@ defmodule Assent.Strategy.OIDC do alias Assent.Strategy, as: Helpers alias Assent.{ - Config, HTTPAdapter.HTTPResponse, InvalidResponseError, RequestError, @@ -136,7 +135,7 @@ defmodule Assent.Strategy.OIDC do end defp fetch_openid_configuration_from_uri(config) do - with {:ok, base_url} <- Config.__base_url__(config) do + with {:ok, base_url} <- Assent.fetch_config(config, :base_url) do configuration_url = Keyword.get(config, :openid_configuration_uri, "/.well-known/openid-configuration") diff --git a/lib/assent/strategy.ex b/lib/assent/strategy.ex index 1ca3f32..3de4607 100644 --- a/lib/assent/strategy.ex +++ b/lib/assent/strategy.ex @@ -170,30 +170,4 @@ defmodule Assent.Strategy do end def __normalize__({:error, error}, _config, _strategy), do: {:error, error} - - # TODO: Remove in 0.3 - @deprecated "Use http_request/4 instead" - def request(method, url, body, headers, config), - do: http_request(method, url, body, headers, config) - - # TODO: Remove in 0.3 - def decode_response({res, %Assent.HTTPAdapter.HTTPResponse{} = response}, config) do - IO.warn("Passing {:ok | :error, response} to decode_response/2 is deprecated") - - case decode_response(response, config) do - {:ok, body} -> {res, %{response | body: body}} - {:error, error} -> {:error, error} - end - end - - # TODO: Remove in 0.3 - def decode_response({:error, error}, _config) do - IO.warn("Passing {:error, error} to decode_response/2 is deprecated") - - {:error, error} - end - - # TODO: Remove in 0.3 - @deprecated "Use Assent.HTTPAdapter.decode_response/2 instead" - def decode_response(response, config), do: Assent.HTTPAdapter.decode_response(response, config) end diff --git a/mix.exs b/mix.exs index 25becf5..5284cf9 100644 --- a/mix.exs +++ b/mix.exs @@ -40,7 +40,6 @@ defmodule Assent.MixProject do {:certifi, ">= 0.0.0", optional: true}, {:ssl_verify_fun, ">= 0.0.0", optional: true}, {:finch, "~> 0.15", optional: true}, - {:mint, "~> 1.0", optional: true}, {:req, "~> 0.4", optional: true}, # Docs and tests {:ex_doc, ">= 0.0.0", only: :dev, runtime: false}, diff --git a/mix.lock b/mix.lock index 00b863f..1afe38b 100644 --- a/mix.lock +++ b/mix.lock @@ -2,7 +2,7 @@ "bandit": {:hex, :bandit, "1.6.1", "9e01b93d72ddc21d8c576a704949e86ee6cde7d11270a1d3073787876527a48f", [:mix], [{:hpax, "~> 1.0", [hex: :hpax, repo: "hexpm", optional: false]}, {:plug, "~> 1.14", [hex: :plug, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}, {:thousand_island, "~> 1.0", [hex: :thousand_island, repo: "hexpm", optional: false]}, {:websock, "~> 0.5", [hex: :websock, repo: "hexpm", optional: false]}], "hexpm", "5a904bf010ea24b67979835e0507688e31ac873d4ffc8ed0e5413e8d77455031"}, "bunt": {:hex, :bunt, "1.0.0", "081c2c665f086849e6d57900292b3a161727ab40431219529f13c4ddcf3e7a44", [:mix], [], "hexpm", "dc5f86aa08a5f6fa6b8096f0735c4e76d54ae5c9fa2c143e5a1fc7c1cd9bb6b5"}, "certifi": {:hex, :certifi, "2.13.0", "e52be248590050b2dd33b0bb274b56678f9068e67805dca8aa8b1ccdb016bbf6", [:rebar3], [], "hexpm", "8f3d9533a0f06070afdfd5d596b32e21c6580667a492891851b0e2737bc507a1"}, - "credo": {:hex, :credo, "1.7.10", "6e64fe59be8da5e30a1b96273b247b5cf1cc9e336b5fd66302a64b25749ad44d", [:mix], [{:bunt, "~> 0.2.1 or ~> 1.0", [hex: :bunt, repo: "hexpm", optional: false]}, {:file_system, "~> 0.2 or ~> 1.0", [hex: :file_system, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: false]}], "hexpm", "71fbc9a6b8be21d993deca85bf151df023a3097b01e09a2809d460348561d8cd"}, + "credo": {:hex, :credo, "1.7.11", "d3e805f7ddf6c9c854fd36f089649d7cf6ba74c42bc3795d587814e3c9847102", [:mix], [{:bunt, "~> 0.2.1 or ~> 1.0", [hex: :bunt, repo: "hexpm", optional: false]}, {:file_system, "~> 0.2 or ~> 1.0", [hex: :file_system, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: false]}], "hexpm", "56826b4306843253a66e47ae45e98e7d284ee1f95d53d1612bb483f88a8cf219"}, "dialyxir": {:hex, :dialyxir, "1.4.5", "ca1571ac18e0f88d4ab245f0b60fa31ff1b12cbae2b11bd25d207f865e8ae78a", [:mix], [{:erlex, ">= 0.2.7", [hex: :erlex, repo: "hexpm", optional: false]}], "hexpm", "b0fb08bb8107c750db5c0b324fa2df5ceaa0f9307690ee3c1f6ba5b9eb5d35c3"}, "earmark_parser": {:hex, :earmark_parser, "1.4.42", "f23d856f41919f17cd06a493923a722d87a2d684f143a1e663c04a2b93100682", [:mix], [], "hexpm", "6915b6ca369b5f7346636a2f41c6a6d78b5af419d61a611079189233358b8b8b"}, "erlex": {:hex, :erlex, "0.2.7", "810e8725f96ab74d17aac676e748627a07bc87eb950d2b83acd29dc047a30595", [:mix], [], "hexpm", "3ed95f79d1a844c3f6bf0cea61e0d5612a42ce56da9c03f01df538685365efb0"}, diff --git a/test/assent/config_test.exs b/test/assent/config_test.exs deleted file mode 100644 index 9d18e61..0000000 --- a/test/assent/config_test.exs +++ /dev/null @@ -1,4 +0,0 @@ -defmodule Assent.ConfigTest do - use Assent.TestCase - doctest Assent.Config -end diff --git a/test/assent/http_adapter/mint_test.exs b/test/assent/http_adapter/mint_test.exs deleted file mode 100644 index faa4463..0000000 --- a/test/assent/http_adapter/mint_test.exs +++ /dev/null @@ -1,130 +0,0 @@ -defmodule Assent.HTTPAdapter.MintTest do - use Assent.TestCase - doctest Assent.HTTPAdapter.Mint - - alias ExUnit.CaptureIO - alias Mint.TransportError - alias Assent.HTTPAdapter.{HTTPResponse, Mint} - - describe "request/4" do - test "handles SSL" do - TestServer.start(scheme: :https) - TestServer.add("/", via: :get) - - mint_opts = [ - transport_opts: [cacerts: TestServer.x509_suite().cacerts], - protocols: [:http1] - ] - - assert CaptureIO.capture_io(:stderr, fn -> - assert {:ok, %HTTPResponse{status: 200, body: "HTTP/1.1"}} = - Mint.request(:get, TestServer.url(), nil, [], mint_opts) - end) =~ - "Assent.HTTPAdapter.Mint is deprecated, consider use Assent.HTTPAdapter.Finch instead" - end - - test "handles SSL with bad certificate" do - TestServer.start(scheme: :https) - - bad_host_url = TestServer.url(host: "bad-host.localhost") - mint_opts = [transport_opts: [cacerts: TestServer.x509_suite().cacerts]] - - assert CaptureIO.capture_io(:stderr, fn -> - assert {:error, - %TransportError{reason: {:tls_alert, {:handshake_failure, _error}}}} = - Mint.request(:get, bad_host_url, nil, [], mint_opts) - end) =~ - "Assent.HTTPAdapter.Mint is deprecated, consider use Assent.HTTPAdapter.Finch instead" - end - - test "handles SSL with bad certificate and no verification" do - TestServer.start(scheme: :https) - TestServer.add("/", via: :get) - - bad_host_url = TestServer.url(host: "bad-host.localhost") - - mint_opts = [ - transport_opts: [cacerts: TestServer.x509_suite().cacerts, verify: :verify_none] - ] - - assert CaptureIO.capture_io(:stderr, fn -> - assert {:ok, %HTTPResponse{status: 200}} = - Mint.request(:get, bad_host_url, nil, [], mint_opts) - end) =~ - "Assent.HTTPAdapter.Mint is deprecated, consider use Assent.HTTPAdapter.Finch instead" - end - - if :crypto.supports()[:curves] do - test "handles http/2" do - TestServer.start(scheme: :https) - TestServer.add("/", via: :get) - - mint_opts = [transport_opts: [cacerts: TestServer.x509_suite().cacerts]] - - assert CaptureIO.capture_io(:stderr, fn -> - assert {:ok, %HTTPResponse{status: 200, body: "HTTP/2"}} = - Mint.request(:get, TestServer.url(), nil, [], mint_opts) - end) =~ - "Assent.HTTPAdapter.Mint is deprecated, consider use Assent.HTTPAdapter.Finch instead" - end - else - IO.warn("No support curve algorithms, can't test in #{__MODULE__}") - end - - test "handles unreachable host" do - TestServer.start() - url = TestServer.url() - TestServer.stop() - - assert CaptureIO.capture_io(:stderr, fn -> - assert {:error, %TransportError{reason: :econnrefused}} = - Mint.request(:get, url, nil, []) - end) =~ - "Assent.HTTPAdapter.Mint is deprecated, consider use Assent.HTTPAdapter.Finch instead" - end - - test "handles query in URL" do - TestServer.add("/get", - via: :get, - to: fn conn -> - assert conn.query_string == "a=1" - - Plug.Conn.send_resp(conn, 200, "") - end - ) - - assert CaptureIO.capture_io(:stderr, fn -> - assert {:ok, %HTTPResponse{status: 200}} = - Mint.request(:get, TestServer.url("/get?a=1"), nil, []) - end) =~ - "Assent.HTTPAdapter.Mint is deprecated, consider use Assent.HTTPAdapter.Finch instead" - end - - test "handles POST" do - TestServer.add("/post", - via: :post, - to: fn conn -> - {:ok, body, conn} = Plug.Conn.read_body(conn, []) - params = URI.decode_query(body) - - assert params["a"] == "1" - assert params["b"] == "2" - - assert Plug.Conn.get_req_header(conn, "content-type") == [ - "application/x-www-form-urlencoded" - ] - - Plug.Conn.send_resp(conn, 200, "") - end - ) - - assert CaptureIO.capture_io(:stderr, fn -> - assert {:ok, %HTTPResponse{status: 200}} = - Mint.request(:post, TestServer.url("/post"), "a=1&b=2", [ - {"content-type", "application/x-www-form-urlencoded"} - ]) - end) =~ - "Assent.HTTPAdapter.Mint is deprecated, consider use Assent.HTTPAdapter.Finch instead" - end - end -end diff --git a/test/assent/strategies/oauth2_test.exs b/test/assent/strategies/oauth2_test.exs index 1a0d3be..b6acf57 100644 --- a/test/assent/strategies/oauth2_test.exs +++ b/test/assent/strategies/oauth2_test.exs @@ -710,16 +710,4 @@ defmodule Assent.Strategy.OAuth2Test do assert {:ok, response} = OAuth2.request(config, token, :post, "/info", a: 1) assert response.body == %{"success" => true} end - - ## Deprecated - - test "authorize_url/2 with state in authorization_params", %{config: config} do - assert {:ok, %{session_params: %{state: state}}} = - config - |> Keyword.put(:client_id, @client_id) - |> Keyword.put(:authorization_params, state: "state_test_value") - |> OAuth2.authorize_url() - - assert state == "state_test_value" - end end