Bug fixes

• Assent.JWTAdapter.AssentJWT fixed padding issue with ECDSA that caused invalid signatures #192

This release consists of breaking changes.

Userinfo is now cast to the correct type per https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.5.1 (thanks @robinvdvleuten). When upgrading you must ensure that you do not depend on a specific type in the returned userinfo for any of the strategies listed below.

Breaking changes

• Assent.Strategy.Auth0.authorize_url/2 no longer accepts :domain config, use :base_url instead #178
• Assent.Strategy.Basecamp.callback/2 now encodes sub as a binary() instead of an integer() #167
• Assent.Strategy.Github.callback/2 now encodes sub as a binary() instead of an integer() #167
• Assent.Strategy.Google now encodes email_verified as a boolean() instead of a binary() #167
• Assent.Strategy.Google now return hd instead of google_hd #169
• Assent.Strategy.Strava.callback/2 now encodes sub as a binary() instead of an integer() #167
• Assent.Strategy.Telegram.callback/2 now encodes sub as a binary() instead of an integer() #167
• Assent.Strategy.Twitter.callback/2 now encodes sub as a binary() instead of an integer() #167
• Assent.Strategy.VK.callback/2 now encodes sub as a binary() instead of an integer() #167
• :site configuration option removed, use :base_url instead #174
• Assent.Strategy.OAuth2.authorize_url/2 no longer allows :state in :authorization_params #174
• Assent.Strategy.decode_response/2removed, use Assent.HTTPAdapter.decode_response/2 instead #174
• Assent.Strategy.request/5 removed, use Assent.Strategy.http_request/5 instead #174
• Assent.Strategy.prune/1 removed #167
• Assent.MissingParamError no longer accepts :expected_key, use :key instead #174
• Assent.HTTPAdapter.Mint removed #174
• Assent.Config removed #174

Changes

• Assent.Strategy.Auth0 now uses OIDC instead of OAuth 2.0 base strategy #178
• Assent.Strategy.Gitlab now uses OIDC instead of OAuth 2.0 base strategy #179
• Assent.Strategy.Google now uses OIDC instead of OAuth 2.0 base strategy #169
• Assent.Strategy.normalize_userinfo/2 now casts the user claims per OpenID specification #167

• Assent.Strategy.Auth0 deprecated :domain config option in favor of :base_url #177

• Assent now has a module doc #176

• Default to using JSON instead of Jason for JSON parsing on Elixir 1.18 #161
• Assent.Strategy.OAuth2 now supports :state config option #162
• Assent.Strategy.OAuth2 :state override in :authorization_parms has been deprecated #162
• Assent.Strategy.OIDC now supports none authentication method #163 (thanks @tommasop)
• Assent.Strategy.Bitbucket added #160 (thanks @djgoku)
• Assent.Strategy.Twitch added #159 (thanks @s0er3n)
• Assent.Strategy.Telegram added #152 (thanks @vheathen)
• Assent.Strategy.Zitadel added #154 (thanks @tommasop)
• Assent.Strategy.Facebook.fetch_user/2 fixed bug with user not being decoded #168 (thanks @JohnDoneth)
• Assent.Strategy.OAuth2 now supports PKCE #164 (thanks @tommasop)
• Assent.Strategy.OAuth2.Base.authorize_url/2 incomplete typespec fixed #166 (thanks @diogomrts)
• Assent.Strategy.decode_response/2 deprecated accepting result tuples and now accepts Assent.HTTPAdapter.HTTPResponse structs #172
• Assent.Strategy.request/5 deprecated in favor of Assent.Strategy.http_request/5 #175
• Assent.Strategy.decode_response/2 deprecated in favor of Assent.HTTPAdapter.decode_response/2 #175
• Assent.Config.get/3 deprecated in favor of Keyword.get/3 #175
• Assent.Config.put/3 deprecated in favor of Keyword.put/3 #175
• Assent.Config.merge/2 deprecated in favor of Keyword.merge/2 #175
• Assent.Config.t() type deprecated in favor of Keyword.t() type #175
• Assent.Config.fetch/2 deprecated in favor of Assent.fetch_config/2 #175

Requires Elixir 1.13+

• Fixed bug with trailing slash in :base_url not being ommitted when concatenating with relative path #150 (thanks @dtluther)

• Fixed bug where Req was not used by default if included in project #143
• Assent.Strategy.Httpc.request/5 now sets content length header #144

Req will be used by default if available in your project, otherwise :httpc will be used. #139

• Req HTTP adapter added #139
• Req supported by default as HTTP client #139
• Global application config support for HTTP and JWT adapters #139
• More expressive errors now including the whole HTTP response where applicable #138
• Deprecated :site config in favor of :base_url config #140

• Assent.Strategy.Strava added #135

• Added Assent.HTTPAdapter.Finch #124
• Deprecated Assent.HTTPAdapter.Mint #124