@auth0/auth0-api-js
Advanced tools
@auth0/auth0-api-js - npm Package Compare versions
+2
-2
@@ -1245,3 +1245,3 @@ "use strict"; | ||
| // src/token.ts | ||
| var TOKEN_RE = /^Bearer (.+)$/i; | ||
| var TOKEN_RE = /^(?:Bearer|DPoP) (.+)$/i; | ||
| function getToken(headers, query, body) { | ||
@@ -1252,3 +1252,3 @@ const fromHeader = getTokenFromHeader(headers); | ||
| if (!fromQuery && !fromHeader && !fromBody) { | ||
| throw new InvalidRequestError("No Bearer token found in request"); | ||
| throw new InvalidRequestError("No access token found in request"); | ||
| } | ||
@@ -1255,0 +1255,0 @@ if (+!!fromQuery + +!!fromBody + +!!fromHeader > 1) { |
+11
-7
@@ -779,5 +779,5 @@ import { JWTPayload } from 'jose'; | ||
| /** | ||
| * Extracts a Bearer token from HTTP request according to RFC 6750. | ||
| * Supports all three methods defined in the RFC: | ||
| * - Authorization header (Section 2.1) | ||
| * Extracts an access token from an HTTP request according to RFC 6750 and RFC 9449. | ||
| * Supports all three methods defined in RFC 6750: | ||
| * - Authorization header (Section 2.1) — accepts both Bearer and DPoP schemes | ||
| * - Form-encoded body parameter (Section 2.2) | ||
@@ -797,7 +797,10 @@ * - URI query parameter (Section 2.3) | ||
| * | ||
| * // DPoP Authorization header | ||
| * const token2 = getToken({ authorization: 'DPoP mF_9.B5f-4.1JqM' }); | ||
| * | ||
| * // Query parameter method | ||
| * const token2 = getToken({}, { access_token: 'mF_9.B5f-4.1JqM' }); | ||
| * const token3 = getToken({}, { access_token: 'mF_9.B5f-4.1JqM' }); | ||
| * | ||
| * // Form body method | ||
| * const token3 = getToken( | ||
| * const token4 = getToken( | ||
| * { 'content-type': 'application/x-www-form-urlencoded' }, | ||
@@ -808,7 +811,8 @@ * {}, | ||
| * | ||
| * // Express.js usage | ||
| * const token4 = getToken(req.headers, req.query, req.body); | ||
| * // Express.js / Fastify usage | ||
| * const token5 = getToken(req.headers, req.query, req.body); | ||
| * ``` | ||
| * | ||
| * @see https://datatracker.ietf.org/doc/html/rfc6750#section-2 - RFC 6750 Section 2 | ||
| * @see https://datatracker.ietf.org/doc/html/rfc9449 - RFC 9449 (DPoP) | ||
| */ | ||
@@ -815,0 +819,0 @@ declare function getToken(headers: HeadersLike, query?: QueryLike, body?: BodyLike): string; |
+11
-7
@@ -779,5 +779,5 @@ import { JWTPayload } from 'jose'; | ||
| /** | ||
| * Extracts a Bearer token from HTTP request according to RFC 6750. | ||
| * Supports all three methods defined in the RFC: | ||
| * - Authorization header (Section 2.1) | ||
| * Extracts an access token from an HTTP request according to RFC 6750 and RFC 9449. | ||
| * Supports all three methods defined in RFC 6750: | ||
| * - Authorization header (Section 2.1) — accepts both Bearer and DPoP schemes | ||
| * - Form-encoded body parameter (Section 2.2) | ||
@@ -797,7 +797,10 @@ * - URI query parameter (Section 2.3) | ||
| * | ||
| * // DPoP Authorization header | ||
| * const token2 = getToken({ authorization: 'DPoP mF_9.B5f-4.1JqM' }); | ||
| * | ||
| * // Query parameter method | ||
| * const token2 = getToken({}, { access_token: 'mF_9.B5f-4.1JqM' }); | ||
| * const token3 = getToken({}, { access_token: 'mF_9.B5f-4.1JqM' }); | ||
| * | ||
| * // Form body method | ||
| * const token3 = getToken( | ||
| * const token4 = getToken( | ||
| * { 'content-type': 'application/x-www-form-urlencoded' }, | ||
@@ -808,7 +811,8 @@ * {}, | ||
| * | ||
| * // Express.js usage | ||
| * const token4 = getToken(req.headers, req.query, req.body); | ||
| * // Express.js / Fastify usage | ||
| * const token5 = getToken(req.headers, req.query, req.body); | ||
| * ``` | ||
| * | ||
| * @see https://datatracker.ietf.org/doc/html/rfc6750#section-2 - RFC 6750 Section 2 | ||
| * @see https://datatracker.ietf.org/doc/html/rfc9449 - RFC 9449 (DPoP) | ||
| */ | ||
@@ -815,0 +819,0 @@ declare function getToken(headers: HeadersLike, query?: QueryLike, body?: BodyLike): string; |
+2
-2
@@ -1197,3 +1197,3 @@ // src/api-client.ts | ||
| // src/token.ts | ||
| var TOKEN_RE = /^Bearer (.+)$/i; | ||
| var TOKEN_RE = /^(?:Bearer|DPoP) (.+)$/i; | ||
| function getToken(headers, query, body) { | ||
@@ -1204,3 +1204,3 @@ const fromHeader = getTokenFromHeader(headers); | ||
| if (!fromQuery && !fromHeader && !fromBody) { | ||
| throw new InvalidRequestError("No Bearer token found in request"); | ||
| throw new InvalidRequestError("No access token found in request"); | ||
| } | ||
@@ -1207,0 +1207,0 @@ if (+!!fromQuery + +!!fromBody + +!!fromHeader > 1) { |
+1
-1
| { | ||
| "name": "@auth0/auth0-api-js", | ||
| "version": "1.6.0", | ||
| "version": "1.6.1", | ||
| "description": "Auth0 Authentication SDK for API's on JavaScript runtimes", | ||
@@ -5,0 +5,0 @@ "author": "Auth0", |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
Improved metrics
- Total package byte prevSize
340832
0.33%- Lines of code
3372
0.12%