@okta/oidc-middleware - npm Package Versions

3.0.0

Breaking Changes

See "Updating" in the README for migration steps

• Logout callback route has been removed (/logout/callback). Local session is now cleared before redirect to Okta and the default logout redirect Uri is the app base URL. #644

2.1.0

Features

• Support for Org Authorization Servers. #590 - See composing your base url for more information on Authorization Servers.

Bug Fixes

• Errors during logout would cause the user to receive an empty page and remain logged in. #585 -

  Due to this bug, errors during logout were being incorrectly suppressed and would not have been seen by the server process. Instead, the user would see a blank page. With this fix, the user will be logged out correctly, but the error event will also now be emitted to the server process.

  Your server code should be prepared to either log or ignore this error.

2.0.0

Features

• a4b54f7 - adds Okta logout capability

• a999b95 - adds appBaseUrl, removes redirect_uri

• Adds Okta logout capability (informing Okta that the session is ended rather than just locally forgetting the current session) (#162)

Breaking Changes

See "Updating" in the README for migration steps

• redirect_uri config option is dropped. The value is either automatically derived from the appBaseUrl and the appropriate routes option, or explicitly set as loginRedirectUri
• Two new routes are automatically generated and will override manually created routes of the same path. Unless routes is customized, they are /logout (POST only) and /logout/callback
• routes.callback is renamed to routes.loginCallback
• routes.callback.defaultRedirect is renamed to routes.loginCallback.afterCallback

1.0.2

Other

• 2945461 - Updates @okta/configuration-validation version.

1.0.1

Features

• ed29bf5 - Adds configuration validation for issuer, client_id, client_secret, and redirect_uri when passed into the middleware.

Other

• c37b9cf - Updates the TCK version to support new integration tests.
• 3582f25 - Rely on shared environment configuration from project root.
• c8b7ab5a - Migrate dependencies to project root utilizing yarn workspaces.
• 8494be0 - Migrate mocha tests to jest.

1.0.0

Features

• Attach the requested tokens to the user context object (#226)

  app.get('/', (req, res) => {
    if (req.userContext) {
      const tokenSet = req.userContext.tokens;
      const userinfo = req.userContext.userinfo;
  
      console.log(`Access Token: ${tokenSet.access_token}`);
      console.log(`Id Token: ${tokenSet.id_token}`);
      console.log(`Claims: ${tokenSet.claims}`);
      console.log(`Userinfo Response: ${userinfo}`);
  
      res.send(`Hi ${userinfo.sub}!`);
    } else {
      res.send('Hi!');
    }
  });
  

• Basic configuration validation for catching common input mistakes.

Breaking Changes

• req.userinfo is now nested within req.userContext (#226). Please update any use of req.userinfo to req.userContext.userinfo.

0.1.3

Bug Fixes

• Removed next() in ensureAuthenticated (#224) (592ec42)

Other

• Updating openid-client dependency (#222) (8047386)