[8.3.1]
 * fix java.lang.NoClassDefFoundError for non-java8 runtimes (e.g. Android 7.1.1)
   (thanks to https://github.com/ChristopherGittner)

[8.3.0]
 * add Instagram (https://www.instagram.com/) API (thanks to https://github.com/faent)
 * add getErrorMessage method to FacebookAccessTokenErrorResponse. Should be used instead of general getMessage method
   from the parent Exception

[8.2.0]
 * add ScopeBuilder to easily specify multiple scopes while requesting OAuth2.0 Access Tokens
 * make Base64 en/de-coding not dependent from java8 implementation (use three optional implementation
    (internal java 8+, Apache Commons Codec, JAXB) detected in runtime) (thanks to https://github.com/CodingFabian)
 * implement possibility to add extra parameters to Access Token Request
    (AccessTokenRequestParams#*ExtraParameters methods), https://github.com/scribejava/scribejava/issues/980
    (thanks to https://github.com/pmorch)

[8.1.0]
 * add raw Response (with HTTP response code and body) as member to the OAuth2AccessTokenErrorResponse
 * add possibility to set "" (empty string) as apiSecret
 * add Slack API (https://slack.com/) (thanks to https://github.com/petrkopotev)

[8.0.0]
 * add Kakao API (https://kakao.com/) (thanks to https://github.com/v0o0v)
 * support chunks in JDKHttpClient's Multipart (thanks to https://github.com/eos1d3)
 * add support for OAuth 2.0 Device Authorization Grant (RFC 8628) (thanks to https://github.com/rebarbora-mckvak)
 * update Google API URLs

[7.1.1]
 * add Proxy support (via config's option) to internal JDKHttpClient (thanks to https://github.com/bjournaud)
 * fix typo (change "Verfier" to "Verifier") (thanks to https://github.com/afkbrb)
 * fix Multipart support in JDKHttpClient (thanks to https://github.com/eos1d3)

[7.0.0]
 * Add Polar API (https://www.polar.com/) (thanks to https://github.com/vidi42)
 * make Response accept resources to autoclose and autoclose it (thanks to https://github.com/drei01)
 * fix url encoding in POST payload (it's needed for 'application/x-www-form-urlencoded' Content-Type)
     + unit tests (thanks to https://github.com/max904-github)
 * Add Armeria HTTP client (thanks to https://github.com/max904-github)

[6.9.0]
 * Add Xero API (https://www.xero.com/) (thanks to https://github.com/SidneyAllen)

[6.8.1]
 * make Response implements Closeable (thanks to https://github.com/omaric)
 * fix Type resolution for builder pattern in ServiceBuilderOAuth10a (thanks to https://github.com/mgyucht)
 * fix no Content-length errors (thanks to https://github.com/mikita-herasiutsin and https://github.com/iankurverma)

[6.8.0]
 * Add debug output to OAuth2Service (thanks to https://github.com/rbarbey)
 * Add Dropbox API (https://www.dropbox.com/) (thanks to https://github.com/petrkopotev)

[6.7.0]
 * Add OAuth2 support for Meetup.com (thanks to https://github.com/stevedes77)
 * upgrade okhttp to 4.0.1 and security fix for jackson-databind 2.9.9.1

[6.6.3]
 * fix NPE for OpenId providers

[6.6.2]
 * add PMD checks on compile
 * add all OAuth error codes from supported RFCs (incl. "invalid_token") (thanks to https://github.com/echorebel)
 * Update LinkedIn Example to API v2 (thanks to https://github.com/peternees)
 * switch to jackson dependency to parse json responses (thanks to https://github.com/galimru)

[6.5.1]
 * cleanup deprecates methods

[6.5.0]
 * separate OAuth1.0a and OAuth2.0 ServiceBuilders,
   introduce AuthorizationUrlBuilder (along with deprecation of AuthorizationUrlWithPKCE)
   add possibility to provide different scopes for each Access Token request
 * upgrade Facebook API from v2.11 to v3.2
 * upgrade VkontakteApi from 5.73 to 5.92

[6.4.1]
 * support TLS 1.3 in JDK 11 for Salesforce
 * fix NPE in Apache HTTP client in case of empty body in HTTP response (e.g. with 204 response code)
    (thanks to https://github.com/SainagNeelamPatnaik)
 * separate OAuth1.0a and OAuth2.0 classes

[6.3.0]
 * fix Muplipart request model and implement it for a jdk HTTP client (thanks to https://github.com/NTPape)
 * remove any Google+ mention (switch to clean Google OAuth2) (thanks to https://github.com/fvasco)
 * fix Microsoft Azure AD v1.0 and v2.0 (thanks to https://github.com/kenpusney and https://github.com/oscararias)
 * add new API Asana (https://asana.com/) (thanks to https://github.com/joestazak)
 * state param should be used only for authorization url generation, for v2 only, for Authorization Code Grant only,
   and it should be set per request, not per created OAuthService

[6.2.0]
 * add new API Microsoft Azure Active Directory (Azure AD) 2.0
    (thanks to https://github.com/rzukow and https://github.com/dgrudenic)

[6.1.0]
 * add new API Keycloak (https://www.keycloak.org/) (thanks to https://github.com/JureZelic)
 * add new API Discord (https://discordapp.com/) (thanks to https://github.com/Jokuni)

[6.0.0]
 * make redirect_uri optional while Access Token requesting on OAuth 2.0 (thanks to https://github.com/computerlove)
 * switch to java 9+ (from java 7 only) for compilation. Runtime is still java 7+.
    Complement README with links and RFC descriptions.
 * switch OAuth2 Bearer Token Usage from enum OAuth2SignatureType to interface BearerSignature to be extensible
 * add new API Wunderlist (https://www.wunderlist.com/) (thanks to https://github.com/M-F-K)

[5.6.0]
 * remove support for obsolete NetEase (http://www.163.com/) and sohu 搜狐 (http://www.sohu.com/)
    (thanks to https://github.com/zawn)
 * add Multipart functionality to JDK Http Client (thanks to https://github.com/eos1d3)
 * switch OAuth2 ClientAuthenticationType from enum to interface ClientAuthentication to be extensible according to
   https://tools.ietf.org/html/rfc6749#section-2.3.2 (thanks to https://github.com/zawn)
 * add RuntimeException processing in async http clients (delivered to onError callbacks)
    (thanks to https://github.com/jochen314)
 * check 200 status code from response in OAuth2AccessTokenExtractor (thanks to https://github.com/jochen314)
 * fix case sensitive Http Headers comparison and sending Content-Type header along with content-type
    (thanks to https://github.com/marnix)
 * add HiOrg-Server (https://www.hiorg-server.de/) API (thanks to https://github.com/MartinBoehmer)

[5.5.0]
 * fix error parsing for Fitbit (thanks to https://github.com/danmana)
 * optimize debug log performance impact on prod in OAuth1 and fix
   NoClassDefFoundError on Android device with SDK 18 and lower (thanks to https://github.com/arcao)
 * add new API - MediaWiki (https://www.mediawiki.org/) (thanks to https://github.com/lucaswerkmeister)

[5.4.0]
 * fix missing support for scope for refresh_token grant_type (thanks to https://github.com/tlxtellef)
 * add email field to VKOAuth2AccessToken (thanks to https://github.com/grouzen)
 * add new API - Automatic (https://www.automatic.com/) (thanks to https://github.com/ramsrib)
 * add new API - Fitbit (https://www.fitbit.com/)
    (thanks to https://github.com/JustinLawler and https://github.com/alexthered)
 * deprecate OAuthConfig
 * OAuth1.0: send "oob" instead of null callback while requesting RequestToken (thanks to https://github.com/Rafaelsk)

[5.3.0]
 * fix Salesforce API (thanks to https://github.com/jhorowitz-firedrum)
 * remove 'final' from methods in OAuth[10a|20]Service to allow mocking it
 * fix Pinterest API (thanks to https://github.com/sschwieb)
 * add Yahoo2 API (thanks to https://github.com/javatestcase)
 * fix Tumblr urls, convert to https (thanks to https://github.com/highthunder)
 * fix: allow spaces in scope param in OAuth2Accesstoken response
 * add required param version to VK ВКонтакте (http://vk.com/) urls

[5.2.0-java7again]
 * allow 'null' as callback. It's an optional parameter. Remove "oob" as default
    (thanks to https://github.com/massongit)
 * java7 compatible again!

[5.1.0]
 * drop optional dependency on Apache commons-codec
 * add API - Dataporten (https://docs.dataporten.no/) (thanks to https://github.com/xibriz)
 * add API - Microsoft Azure Active Directory (Azure AD) (thanks to https://github.com/kaushalmall)
 * fix LinkedInApi20 (thanks to https://github.com/jhorowitz-firedrum)

[5.0.0]
 * drop Java 7 backward compatibility support, become Java 8 only (was reverted in v5.2.0-java7again)
 * add JSON token extractor for OAuth 1.0a (thanks to https://github.com/evstropovv)
 * add new API - uCoz (https://www.ucoz.com/) (thanks to https://github.com/evstropovv)
 * add PKCE (RFC 7636) support (Proof Key for Code Exchange by OAuth Public Clients)
    (thanks for suggesting to https://github.com/dieseldjango)
 * switch to use HTTP Basic Authorization by default in requests with need of
   (2.3.  Client Authentication) https://tools.ietf.org/html/rfc6749#section-2.3 Can be overrided in API class
 * add support for client_credentials grant type (thanks to https://github.com/vivin)
 * add support for RFC 7009 OAuth 2.0 Token Revocation (thanks to https://github.com/vivin)
 * add OAuth2Service signRequest method accepting just String, not OAuth2 Access Token Object.
   Remove signRequest from abstract OAuthService. 2.0 and 1.0a will be a bit more different now.
 * drop toString method from *Tokens to prevent leak of sensible data (token ans secrets)
    (thanks to https://github.com/rcaa)
 * add Apache HttpComponents HttpClient support in separate module (thanks to https://github.com/sschwieb)
 * add support for appsecret_proof in Facebook
 * update Facebook v2.8 -> v2.11
    (version can be configured while constructing OAuthService - use FacebookApi.customVersion("2.11"))

[4.2.0]
 * DELETE in JdkClient permits, but not requires payload (thanks to https://github.com/miguelD73)
 * add new API - Frappe (https://github.com/frappe/frappe) (thanks to https://github.com/revant)
 * add new API - Etsy (https://www.etsy.com/) (thanks to https://github.com/efekocabas)

[4.1.2]
 * LinkedIn use Header to sign OAuth2 requests
 * upgrade ServiceBuilder to check apiKey preconditions compile-time (not run-time)
 * update Live API (thanks to https://github.com/typhoon17)

[4.1.1]
 * omit the client_secret parameter if it is an empty string while refreshing token
    (thanks to https://github.com/KungfuPancake)
 * allow perms to be specified in Flickr Api (read, write, or delete) (thanks to https://github.com/rogerhu)
 * OdnoklassnikiService should consider params in a body while signing the request
    (thanks to https://github.com/MrNeuronix)
 * do not open OutputStream for output while sending empty body in HTTP requests in the default JDK Http client

[4.1.0]
 * make client_secret optional in OAuth2 while requesting AccessToken
    (if set to null, it's not required by OAuth2 specs)
 * move OAuth1 SignatureType from ServiceBuilder to API
 * add body for PATCH HTTP method
 * make addOAuthParams appendSignature methods protected in OAuth10aService (to override them in case of need)
    (thanks to https://github.com/vivin)

[4.0.0]
 * Remove OAuthRequestAsync, just OAuthRequest. Request should know about sync vs async.
    Move default Http engine to JDKHttpClient.
 * introduce SignatureType for OAuth2.0 to implement Bearer signing for the requests
 * switch Google, GitHub, Facebook OAuth2.0 oauth requests signing to more secured recommended variant
    (GET-param -> header Bearer)
 * introduce custom nonstandard Facebook AccessTokenErrorResponse

[3.4.1]
 * Drop deprecated methods
 * Move doktornarabote.ru urls to https (thanks to https://github.com/ezibrov)

[3.4.0]
 * uncouple OAuthRequest and Service. OAuthRequest shouldn't know anything about OAuthservice.
   You don't need OAuthService to create OAuthRequest anymore. Async request should be sent via OAuthService method.
 * add support for byte[] and File (async only) payload in OAuth Requests (thanks to https://github.com/keijohyttinen)
 * add support for  HTTP verbs (thanks to https://github.com/keijohyttinen)
 * add OkHttp http client support (thanks to https://github.com/arcao)
 * add default HTTP client configs
    (to use like 'new ServiceBuilder().httpClientConfig(OkHttpHttpClientConfig.defaultConfig())')
 * you can use your own impl of AsyncHttpClient

[3.3.0]
 * update Facebook v2.6 -> v2.8
 * add The Things Network API (v1-staging and v2-preview) (thanks to https://github.com/jpmeijers)
 * add Box (thanks to https://github.com/MclaughlinSteve)
 * fix: OAuth20Service::refreshAccessToken should use RefreshTokenEndpoint, not AccessTokenEndpoint
    (thanks to https://github.com/vivin)
 * move signRequest method to OAuthService (common for OAuth1 and OAuth2) (thanks to https://github.com/apomelov)
 * drop deprecated setConnectionKeepAlive method

[3.2.0]
 * Add Naver API (thanks to chooco)
 * handle OAuth2 error response for Issuing an Access Token (thanks to juherr)

[3.1.0]
 * fix OdnoklassnikiServiceImpl signature, params for hash must be sorted in lexicographic order,
    see http://new.apiok.ru/dev/methods/
 * add posibility to use externally created http client
 * make ScribeJava compilable under jdk7 (checkstyle downgraded for jdk 1.7)
 * add travis CI (check [oracle|open]jdk7 oraclejdk8)

[3.0.0]
 * create abstract HTTP Client layer to support different HTTP clients as plugins
    (AHC and Ning support becames maven submodules)
 * remove changing global JVM property http.keepAlive, deprecate controlling this property inside of ScribeJava
    (thanks to wldaunfr and rockihack)

[2.8.1]
 * add Salesforce sandbox API support

[2.8.0]
 * add Salesforce API
 * update Linked In API

[2.7.3]
 * FIX: ScribeJava shouldn't require all async http client provider to be on the classpath if using only one of them

[2.7.2]
 * FIX: ScribeJava shouldn't require any async http client provider to be on the classpath (neither ning neither AHC)

[2.7.1]
 * do not hide checked IOException in unchecked IllegalArgumentException

[2.7.0]
 * make http async client implementation be more pluggable
 * add async-http-client 2.0 support (thanks to Sai Chandrasekharan https://github.com/saichand)
 * add Misfit (http://misfit.com/) API
 * implement async version getting Request Token for OAuth 1.0a

[2.6.0]
 * simplify async/sync usages
 * add optional "User-Agent" config option to use while making http calls
 * refactor usage of grant_type [authorization_code|refresh_token|password|etc]
 * add Genius.com API authentication (OAuth2)
 * fix GitHub API
 * standardize authorization url generation for OAuth2
 * update Facebook to v2.6
 * cleanup: drop old APIs without Examples and with outdated domains

[2.5.3]
 * fix - do not send two Content-Type header in async requests
 * improve OK example

[2.5.2]
 * add Google Async Exmaple (with bugfix for it to work)
 * add OSGI manifest metadata
 * apiSecret is not mandatory parameter in config
    (to use on client sides and other flows without need of the API secret)
 * implement OAuth2 Authorization Response parsing in the OAuth20Service
    (to extract code and state from url, useful for Android)
 * update ok.ru API urls, add 'state' support, add refresh token to the example

[2.4.0]
 * APIs 2.0 can define different endpoints for access token and for refresh token (the same urls by default)
 * mark Facebook doesn't support refresh token by throwing UnsupportedOperationException
 * make JSON Access Token Extractor be the default for OAuth 2.0 (according to RFC 6749)
 * drop Google OAuth 1.0 support (OAuth 1.0 was officially deprecated by Google)
 * add response_type parameter to the ServiceBuilder/OAuthConfig to use not only "code" for authorization code
 * remove Verifier object, we just need Strings, 'code' for OAuth2 and 'oauthVerifier' for OAuth1
 * default HTTP verb for OAuth 2.0 Access Token EndPoint is POST (http://tools.ietf.org/html/rfc6749#section-3.2)
 * send missed headers in async version (as in sync)
 * support 'password' grant_type for OAuth 2.0

[2.3.0]
 * Stack Exchange authentication via OAuth 2.0 (stackoverflow.com, askubuntu.com, etc.).
 * Support response in gzip.
 * differentiate OAuth1 Access token, OAuth 1 Request Token and OAuth 2 Access token, make them conforms RFCs
 * OAuth 1 APIs can choose whether to pass empty oauth_token param in requests
 * Support refresh tokens for OAuth2 (very thanks to P. Daniel Tyreus https://github.com/pdtyreus)

[2.2.2]
 * make all APIs to be extentable (have protected constructors, useful for testing)

[2.2.1]
 * Update Facebook API v2.2 -> v2.5
 * Update hh.ru urls

[2.2.0]
 * Let GoogleApi20 supports OOB
 * Updated Imgur API to OAuth2
 * force not to instantiate stateless APIs. Use provided singletons
 * reduce OAuthService abstraction for OAuth1 and OAuth2. Separate OAuth(1|2)Services

[2.1.0]
 * add Pinterest API

[2.0.1]
 * small code enhancements

[2.0]
 * merge back SubScribe fork to the ScribeJava

for previous changes see
v1-changelog - changelog for 1.x version
v2pre-changelog - changelog for SubScribe fork
