New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@okta/oidc-middleware
Advanced tools
@okta/oidc-middleware - npm Package Compare versions
Comparing version 4.3.0 to 4.4.0
@@ -0,1 +1,15 @@ | ||
| # 4.4.0 | ||
| ### Bug Fixes | ||
| - [#34](https://github.com/okta/okta-oidc-middleware/pull/34) Fixes Org AS login issue | ||
| - [#3](https://github.com/okta/okta-oidc-middleware/pull/3) Call `res.redirect()` after custom `routes.loginCallback.handler` | ||
| - [#37](https://github.com/okta/okta-oidc-middleware/pull/37) fix: `.logout` no longer throws error without valid credentials | ||
| # 4.3.0 | ||
| ### Other | ||
| - Release after migrating from monorepo | ||
| - | ||
| # 4.2.0 | ||
@@ -2,0 +16,0 @@ |
| { | ||
| "name": "@okta/oidc-middleware", | ||
| "version": "4.3.0", | ||
| "version": "4.4.0", | ||
| "description": "OpenId Connect middleware for authorization code flows", | ||
@@ -27,3 +27,3 @@ "repository": "https://github.com/okta/okta-oidc-middleware", | ||
| "express": "^4.16.3", | ||
| "lodash": "^4.17.5", | ||
| "lodash": "^4.17.21", | ||
| "negotiator": "^0.6.1", | ||
@@ -38,5 +38,5 @@ "node-fetch": "^2.3.0", | ||
| "babel-eslint": "^10.1.0", | ||
| "dotenv": "^8.1.0", | ||
| "cookie-parser": "^1.4.5", | ||
| "cross-env": "^7.0.0", | ||
| "dotenv": "^8.1.0", | ||
| "ejs": "^3.0.1", | ||
@@ -66,6 +66,6 @@ "eslint": "^6.6.0", | ||
| "okta": { | ||
| "commitSha": "f2d02160b0a564df768df4c637c95c7c1ecfffea", | ||
| "fullVersion": "4.3.0-gf2d0216", | ||
| "testedSha": "4880515bad157e17b0a730a8849f728f39e2b7ae" | ||
| "commitSha": "2763555969119b57ddb4b37a31501576be8a8ede", | ||
| "fullVersion": "4.4.0-g2763555", | ||
| "testedSha": "1879e6947169aa12fccf9e5b4048bc7f43d2926f" | ||
| } | ||
| } |
@@ -17,3 +17,3 @@ [<img src="https://devforum.okta.com/uploads/oktadev/original/1X/bf54a16b5fda189e4ad2706fb57cbb7a1e5b8deb.png" align="right" width="256px"/>](https://devforum.okta.com/) | ||
| This package makes it easy to get your users logged in with Okta using OpenId Connect (OIDC). It enables your Express application to participate in the [authorization code flow][auth-code-docs] flow by redirecting the user to Okta for authentication and handling the callback from Okta. Once this flow is complete, a local session is created and the user context is saved for the duration of the session. | ||
| This package makes it easy to get your users logged in with Okta using OpenId Connect (OIDC). It enables your Express application to participate in the [authorization code flow][auth-code-docs] by redirecting the user to Okta for authentication and handling the callback from Okta. Once this flow is complete, a local session is created and the user context is saved for the duration of the session. | ||
@@ -20,0 +20,0 @@ ## Release status |
@@ -16,3 +16,2 @@ /*! | ||
| const { Router } = require('express'); | ||
| const querystring = require('querystring'); | ||
| const uuid = require('uuid'); | ||
@@ -36,4 +35,4 @@ const bodyParser = require('body-parser'); | ||
| oidcRouter.use(loginCallbackPath, connectUtil.createLoginCallbackHandler(context)); | ||
| oidcRouter.use(loginPath, bodyParser.urlencoded({ extended: false}), connectUtil.createLoginHandler(context)); | ||
| oidcRouter.use(loginCallbackPath, connectUtil.createLoginCallbackHandler(context)); | ||
| oidcRouter.post(logoutPath, connectUtil.createLogoutHandler(context)); | ||
@@ -78,4 +77,4 @@ | ||
| }; | ||
| const url = `${context.options.issuer}/v1/authorize?${querystring.stringify(params)}`; | ||
| return res.redirect(url); | ||
| const authorizationUrl = context.client.authorizationUrl(params); | ||
| return res.redirect(authorizationUrl); | ||
| }); | ||
@@ -106,2 +105,9 @@ } | ||
| return (req, res, next) => { | ||
| const afterCustomNextHandler = (err) => { | ||
| if (err) { | ||
| next(err); | ||
| } else if (!res.headersSent) { | ||
| res.redirect(routes.loginCallback.afterCallback || req.session.returnTo || '/'); | ||
| } | ||
| }; | ||
| const nextHandler = err => { | ||
@@ -111,6 +117,6 @@ if (err && customHandlerArity < 4) return next(err); | ||
| case 4: | ||
| customHandler(err, req, res, next); | ||
| customHandler(err, req, res, afterCustomNextHandler); | ||
| break; | ||
| case 3: | ||
| customHandler(req, res, next); | ||
| customHandler(req, res, afterCustomNextHandler); | ||
| break; | ||
@@ -117,0 +123,0 @@ default: |
@@ -58,2 +58,6 @@ /*! | ||
| return async (req, res /*, next */) => { | ||
| if (!req.userContext) { | ||
| return res.sendStatus(401); | ||
| } | ||
| const tokens = req.userContext.tokens; | ||
@@ -75,7 +79,5 @@ const revokeIfExists = token_hint => tokens[token_hint] ? revokeToken({token_hint, token: tokens[token_hint]}) : null; | ||
| // redirect to Okta to clear SSO session | ||
| const endOktaSessionEndpoint = `${issuer}/v1/logout?${querystring.stringify(params)}`; | ||
| const endOktaSessionEndpoint = context.client.endSessionUrl(params); | ||
| return res.redirect(endOktaSessionEndpoint); | ||
| }; | ||
| }; | ||
No alert changes
Improved metrics
- Total package byte prevSize
- increased by1.13%
60737
- Lines of code
- increased by1.85%
496
Dependency changes
Updatedlodash@^4.17.21