Skip to content

Upgrade oauth2 to v5.0 with typestate endpoint safety#143

Merged
Yashb404 merged 2 commits intochore/upgrade-depfrom
copilot/sub-pr-141-again
Feb 13, 2026
Merged

Upgrade oauth2 to v5.0 with typestate endpoint safety#143
Yashb404 merged 2 commits intochore/upgrade-depfrom
copilot/sub-pr-141-again

Conversation

Copy link
Copy Markdown

Copilot AI commented Feb 13, 2026
edited
Loading

Upgrades oauth2 from 4.4 to 5.0, adopting the new typestate-based API that enforces endpoint configuration at compile time.

Dependency Updates

  • oauth2: 4.4 → 5.0
  • reqwest: 0.11 → 0.12 (required by oauth2 v5)

OAuth Client Refactor

  • Single-argument constructor with explicit endpoint setters replacing the old multi-argument new()
  • Typestate generics track configured endpoints at compile time
  • Type alias ConfiguredClient documents the endpoint configuration
// Before (v4.4)
BasicClient::new(
    client_id,
    Some(client_secret),
    auth_url,
    Some(token_url),
)

// After (v5.0)
BasicClient::new(client_id)
    .set_client_secret(client_secret)
    .set_auth_uri(auth_url)
    .set_token_uri(token_url)

HTTP Client Security

  • Stateful reqwest::Client replaces function-based client
  • Explicit redirect::Policy::none() for SSRF protection

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Copilot AI mentioned this pull request Feb 13, 2026
Draft
@Yashb404
Upgrade oauth2 from 4.4 to 5.0 and reqwest to 0.12
64dd939 
Co-authored-by: Yashb404 <139128977+Yashb404@users.noreply.github.com>
Copilot AI changed the title [WIP] Upgrade server dependencies including Axum and session crates Upgrade oauth2 to v5.0 with typestate endpoint safety Feb 13, 2026
Copilot AI requested a review from Yashb404 February 13, 2026 11:40
@Yashb404 Yashb404 marked this pull request as ready for review February 13, 2026 12:11
@Yashb404 Yashb404 merged commit 889718d into chore/upgrade-dep Feb 13, 2026
@Yashb404 Yashb404 deleted the copilot/sub-pr-141-again branch February 13, 2026 20:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Yashb404 Yashb404 Awaiting requested review from Yashb404

Assignees

@Yashb404 Yashb404

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Yashb404