@sap/xssec - npm Package Compare versions

Comparing version 4.2.3 to 4.2.4

CHANGELOG.md

 # Change Log
 All notable changes to this project will be documented in this file.
 
+## 4.2.4 - 2024-09-05
+- fix missing x-zid header in XSUAA token fetches via v3 compatibility requests with zoneId parameter
+- add clientsecret as optional property to type XsuaaServiceCredentials
+
 ## 4.2.3 - 2024-09-03
 - bugfix passport v3 wrapper so it does not call the error callback twice in specific scenario
+- add certurl as optional property to type XsuaaServiceCredentials
 
@@ -7,0 +12,0 @@ ## 4.2.2 - 2024-08-29

package.json

 {
   "name": "@sap/xssec",
-  "version": "4.2.3",
+  "version": "4.2.4",
   "description": "XS Advanced Container Security API for node.js",
@@ -5,0 +5,0 @@ "main": "./src",

README.md

@@ -662,3 +662,3 @@ @sap/xssec: SAP BTP Security Services Node.js Integration Library
 ### Debug Logs
-To enable debug logging, set the environment variable DEBUG as follows when starting your application: `DEBUG=xssec:*`.
+To enable debug logging, set the environment variable DEBUG as follows when starting your application: `DEBUG=xssec`. Note that `DEBUG=xssec:*` works only for xssec 3.
 
@@ -679,2 +679,2 @@
 
-Unfortunately, we can *NOT* offer consulting via support channels.
+Unfortunately, we can *NOT* offer consulting via support channels.

src/util/Types.js

@@ -10,2 +10,3 @@ /** @typedef {import('crypto').X509Certificate} X509Certificate */
  * @property {string} [key] PEM-encoded client key
+ * @property {string} [clientsecret] to be used as alternative authentication method to mTLS-based authentication. Must be defined when `certificate` is NOT defined.
  */
@@ -12,0 +13,0 @@

src/v3/requestsV3.js

@@ -70,3 +70,4 @@ const IdentityService = require("../service/IdentityService");
         timeout: config.timeout,
-        app_tid: zoneId
+        app_tid: zoneId,
+        zid: zoneId
     };
@@ -73,0 +74,0 @@

types/util/Types.d.ts

@@ -13,2 +13,6 @@ export type X509Certificate = import("crypto").X509Certificate;
     key?: string;
+    /**
+     * to be used as alternative authentication method to mTLS-based authentication. Must be defined when `certificate` is NOT defined.
+     */
+    clientsecret?: string;
 };
@@ -15,0 +19,0 @@ export type IdentityServiceCredentials = {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

259520

increased by0.27%

Lines of code

4234

increased by0.14%

Number of lines in readme file

679

increased by0.15%

No dependency changes