Changes since 2.0.0-beta.1

• Upgrade oauth2 dependency to stable 4.0 release.

Summary of changes since 1.0.0

Breaking changes

• Raise minimum supported Rust version (MSRV) to 1.45.
• Upgrade reqwest to 0.11 and rename feature flag to reqwest. This upgrades tokio to 1.0 and removes support for both the reqwest-010 and reqwest-09 feature flags.
• Drop support for futures 0.1 and remove the futures-01 and futures-03 feature flags; only async/await and futures 0.3 are now supported (without requiring any feature flags).
• Eliminate Async* traits and move the request_async methods to the underlying *Request structs
• Rename set_redirect_url to set_redirect_uri (see #39 for context).
• Migrate public API from http 0.1 to 0.2.
• Return error types that implement std::error::Error instead of failure::Fail.
• Expose serde_path_to_error::Error<serde_json::Error>> in several error types to make JSON deserialization errors easier to diagnose.
• Add #[non_exhaustive] attribute to AuthType to support non-breaking additions in the future.
• Have Client::user_info fail fast with a new ConfigurationError enum when the relevant OAuth2 endpoint hasn't been configured from the OpenID Connect Discovery metadata. Previously, an error would not be returned until a call to request/request_async.

New features

• Add support for OAuth 2.0 Token Revocation (RFC 7009).
• Add support for OAuth 2.0 Token Introspection (RFC 7662).
• Add support for the OAuth2 Client Credentials Grant.
• Add support for ES256/ES384 JWT signatures.

Other changes

• Have reqwest client use rustls-tls by default instead of native TLS. This behavior can be overridden using the native-tls feature flag.
• Disable deprecated OpenID Connect conformance tests.