Append git commit info to version string.

Provide all input to security (macOS) as CLI arguments.
(solving issue #93 for macOS Tahoe)

Separate config options for gpgme, gi-secret.

Proof Key for Code Exchange (PKCE) is used during authorization.

To avoid CSRF attacks maintain a random sate during auth sessions.

Replaced make with just.

Added the missing InvalidClient AuthError.

Corrected the KEYRING backend for macOS - #87 by @NickHu

'oama' got a logo!

In Hawaii the word oama refers to juvenile goatfish.

Added client_id_cmd and client_secret_cmd alternative config parameters
to obtain id/secret from a password manager.

For more details see the Readme.

Fixed the bug related to creating the very first GPG backend.

Added the missing InvalidGrant AuthError

oama can now use the device code flow (RFC 8628) authorization method.
Thanks to @NickHu for the initial implementation.

Using this method should hopefully address some issues with Microsoft accounts.
For more details see the Readme and the new config template.

There are dual methods to manage secrets both for keyrings (KEYRING)
and 'gpg' encryted files (GPG). One method (secret-libs) is using library API-s via FFI,
the other method (secret-tools) spawns external utilities.

Which method is used can be determined by cabal options when building the program.

oama can now be compiled on macOS and uses the security utility to manage keyrings.
Thanks to @ktf for showing how to do this. Note, this feature is still experimental.
Feedback is welcome.

Now there are two ways to manage keyrings:

• Using the external secret-tool utility (old method).
• Build oama to directly use the libsecret API.
  For details, see building instructions.

The DBUS_SESSION_BUS_ADDRESS envvar is set only if it is not already set in
the environment.

There is a new simpler way to run oama on a remote host.
See running oama remotely.

When the GPG backend is used the encrypted credentials now are stored
in the $XDG_STATE_HOME/oama directory. If the XDG_STATE_HOME environment
variable is not set then it defaults to $HOME/.local/state.

That is a breaking change! If you use the GPG backend you need to manually
move your credential ~/.local/var/oama/*.oama files into the new directory.

Fixed a Microsoft contextID cookie mismatch.
Thanks to @VojtechStep

New better way to deal with the tenant field for Microsoft accounts.
For details see the README and issue #52 - thanks to the participants of this thread.

Generic KEYRING for any password manager with
a FreeDesktop.org Secret Service compatible API.

Examples of keyrings oama can work with: Gnome Keyring,
KeepassXC, KDE Wallet.

Fixed outlook URL in microsoft's auth_scope

Force google always return a refresh_key. That solves the occasional
problem of the user needing to repeatedly authorize when a private
client_{id,secret} pair is used.

Extend docs with a section on how to obtain a client_{id,secret} pair.