
@appzmonster/msal-token-interceptor


Comparing version 1.0.0 to 1.0.1

5

CHANGELOG.md
# Change Log - @appzmonster/msal-token-interceptor
### 1.0.1 (Thursday, 1 July 2021, 04:19:00 GMT)
### 1.0.0 (Tuesday, 30 June 2021 12:34:00 GMT)
- Corrected typo in README.md and CHANGELOG.md.
### 1.0.0 (Wednesday, 30 June 2021 12:34:00 GMT)
- Initial version
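
Review bot: the new 1.0.1 heading writes its timestamp as "1 July 2021, 04:19:00 GMT" with a comma before the time, while the 1.0.0 heading right below it uses "30 June 2021 12:34:00 GMT" without one; use a single format for both headings. The weekday correction on the 1.0.0 heading (Tuesday to Wednesday) matches the calendar for 30 June 2021, so that part is fine.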

2

package.json
{
"name": "@appzmonster/msal-token-interceptor",
"version": "1.0.0",
"version": "1.0.1",
"description": "Msal-Token-Interceptor is a request interceptor which uses Microsoft MSAL to handle OAuth 2.0 token exchange with Microsoft Identity Platform during a fetch request. This is part of fetch-interceptor family.",

@@ -5,0 +5,0 @@ "main": "index.js",

@@ -275,3 +275,3 @@ # Msal-Token-Interceptor

### Plans to Support Other OAuth 2.0 client Besides MSAL
There are many OAuth 2.0 and OpenId Connect compliant clients out there and most are developed to work specifically for specific auth server (Identity Provider). For example, Google has its own client for Google Identity Platform. A more agnostic client and OpenId Connect compliant client is [oidc-client](https://github.com/IdentityModel/oidc-client-js). This is the best generic i've come across so far to my knowledge. I've tried using [oidc-client](https://github.com/IdentityModel/oidc-client-js) to authenticate with Microsoft Identity Platform directly with going through Identity Server and it works but only limited to 1 single Azure tenant and not the "common" or "organization" multiplexer. The argument is OpenId Connect spec mentions the authority and token issuer must be the same. For Microsoft Identity Platform, it is more advance such that it supports sort of multiplexer "common" or "organizations" authority which is different from the token issuer (token issuer is the actual tenant itself), thus failing the token validation in oidc-client. If we want to extend this library to support "one-stop" solution, the best approach is to create an interface and use adapter design pattern to adapt all different clients against the interface specification. Probably the community can contribute on that.
There are many OAuth 2.0 and OpenId Connect compliant clients out there and most are developed to work specifically for specific auth server (Identity Provider). For example, Google has its own client for Google Identity Platform. A more agnostic client and OpenId Connect compliant client is [oidc-client](https://github.com/IdentityModel/oidc-client-js). This is the best generic i've come across so far to my knowledge. I've tried using [oidc-client](https://github.com/IdentityModel/oidc-client-js) to authenticate with Microsoft Identity Platform directly without going through [Identity Server](https://identityserver4.readthedocs.io/en/latest/) and it works but only limited to 1 single Azure tenant and not the "common" or "organization" multiplexer. The argument is OpenId Connect spec mentions the authority and token issuer must be the same. For Microsoft Identity Platform, it is more advance such that it supports sort of multiplexer "common" or "organizations" authority which is different from the token issuer (token issuer is the actual tenant itself), thus failing the token validation in oidc-client. If we want to extend this library to support "one-stop" solution, the best approach is to create an interface and use adapter design pattern to adapt all different clients against the interface specification. Probably the community can contribute on that.
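
Review bot: replacing "with going through Identity Server" by "without going through [Identity Server](...)" reverses what the sentence claims about the oidc-client test, so the CHANGELOG entry "Corrected typo in README.md" undersells it; describe it as a corrected statement. The same paragraph still calls the multiplexer authority "organization" in one place and "organizations" in another, and keeps "i've" and "more advance"; since this release is a typo pass, fix those in the same change.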

@@ -278,0 +278,0 @@
