This is same GHC version, but newer other packages, which we need after
updating for yesod-1.6. The 11.5 yaml is equivalent to stack.yaml, but
we'll keep it distinct for when we update our default development
resolver.
I just can't get the older LTS to solve after updating for yesod-1.6. I
will not in the CHANGELOG that, from this point, it may work on that
version, but we aren't explicitly testing it anymore.
8.4 is about to release, so it seems OK to start phasing out anyway, if
we're following a reasonable "current and one back" policy.
- Latest LTS-11.5
- Allow hoauth2-1.7, needs to be extra-dep though
- Support *and require* yesod-1.6
This required:
- Less lifts
- HandlerFor, WidgetFor, etc
- Lost MonadThrow, but can use MonadIO instead
- Incorrect indentation
- We should always accept Id/Secret last
- The function is oauth... not oAuth...
Because of the mis-naming, at least we could fix the argument-order in a
backwards-compatible way, deprecating the old function/interface.
Even though it's "guaranteed" that values will be present because we set
them, nothing stops end-users from using these functions on Creds values
created by other plugins! Since that seems common, it would be
irresponsible of us to remain so unsafe.
See #71.
New `credsExtra` keys:
- `accessToken`: so you can make your own follow-up requests
- `userResponseJSON`: so you can get more information out of the request
we already made (you just have to parse it yourself)
Removed keys:
- `access_token`: renamed to `accessToken`
- `avatar_url`: can be re-parsed
- `email`: requires your own request to `/emails`
- `login`: can be re-parsed from `userResponseJSON`
- `location`: can be re-parsed, was not always present
- `name`: can be re-parse, was not not always present
- `public_email`: can be re-parsed, was not not always present
Also re-orders arguments between default and scoped to allow better
partial application -- taking advantage of API breakage already.
- Extract ...OAuth2.Dispatch
- Extract ...OAuth2.Prelude
- Reduce ...OAuth2 interface
- Re-export ...OAuth2 from Prelude
Incidental improvements:
- Moves a lot of FromJSON interfaces to withObject which will provide
better de-serialization errors
- Updates Dispatch code to prepare for fetch-creds functions returning
either instead of maybe, so we can eventually remove exceptions
entirely
- Replaces (the potentially information-leaking) 500 on OAuth2-related
errors with a 403 and logged error
