fred-jwt - npm Package Compare versions
Comparing version 1.0.7 to 1.0.8
| { | ||
| "name": "fred-jwt", | ||
| "version": "1.0.7", | ||
| "version": "1.0.8", | ||
| "description": "", | ||
@@ -34,4 +34,5 @@ "main": "dist/main.js", | ||
| "node-fetch": "^2.6.1", | ||
| "parseurl": "^1.3.3", | ||
| "querystring": "^0.2.1" | ||
| } | ||
| } |
| import "@babel/polyfill"; | ||
| import { obtainIdToken, createJwtToken } from './tokenService'; | ||
| import { getFredPlan } from './subscriptionService'; | ||
@@ -26,3 +27,3 @@ // test login at https://kyng.us.auth0.com/authorize?client_id=tSQdwW7pLeBimagcXuQZLYtuUUH5mES1&response_type=code&redirect_uri=https://account.sensetecnic.com/auth?connection=oauth2&scope=openid%20profile | ||
| const APP_DOMAIN = domainName.substring(domainPrefix.length + 1); | ||
| const APP_DOMAIN = domainPrefix ? domainName.substring(domainPrefix.length + 1): domainName; | ||
@@ -41,8 +42,2 @@ if (!apps[APP_DOMAIN] || !JWT_SECRET){ | ||
| const AUTH_LOGIN_URL = `${AUTH_ENDPOINT}/authorize?` + | ||
| `client_id=${AUTH_CLIENT_ID}&` + | ||
| `redirect_uri=${AUTH_CALLBACK_URL}&` + | ||
| "response_type=code&" + | ||
| "scope=openid"; | ||
| let AUTH_LOGOUT_URL = `${AUTH_ENDPOINT}/logout?` + | ||
@@ -60,13 +55,5 @@ `client_id=${AUTH_CLIENT_ID}&` + | ||
| const login = { | ||
| statusCode: 307, | ||
| statusDescription: 'Found', | ||
| headers: { | ||
| location: AUTH_LOGIN_URL, | ||
| } | ||
| }; | ||
| const logout = { | ||
| statusCode: 307, | ||
| cookies: [`${FRED_JWT_COOKIE_NAME}=deleted; expires=${new Date(0).toUTCString()}`], | ||
| cookies: [`${FRED_JWT_COOKIE_NAME}=deleted; domain=${FRED_JWT_COOKIE_DOMAIN}; expires=${new Date(0).toUTCString()}`], | ||
| headers: { | ||
@@ -86,5 +73,3 @@ location: AUTH_LOGOUT_URL, | ||
| console.log(decodedId.payload); | ||
| // TODO: vendor specific | ||
| // TODO: vendor specific (auth0, cognito, etc...) | ||
| const { nickname, name, iat, exp } = decodedId.payload; | ||
@@ -101,3 +86,4 @@ | ||
| name: nickname | ||
| } | ||
| }, | ||
| plan: getFredPlan(name) | ||
| }, exp, JWT_SECRET); | ||
@@ -113,3 +99,3 @@ | ||
| headers: { | ||
| location: `${AUTH_PROTOCOL}://fred.${APP_DOMAIN}`, | ||
| location: `${AUTH_PROTOCOL}://${domainPrefix ? domainPrefix + '.' : ''}${APP_DOMAIN}`, | ||
| } | ||
@@ -116,0 +102,0 @@ };; |
@@ -43,3 +43,3 @@ import axios from 'axios'; | ||
| export const createJwtToken = ({user, account}, exp, JWT_SECRET) => { | ||
| export const createJwtToken = ({user, account, plan}, exp, JWT_SECRET) => { | ||
| if (!user) return "missing user in session"; | ||
@@ -55,2 +55,3 @@ | ||
| lastname: lastname, | ||
| plan | ||
| }; | ||
@@ -57,0 +58,0 @@ |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Fixed alerts
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Improved metrics
- Total package byte prevSize
- increased by23.62%
404357
- Number of package files
- increased by20%
12
- Lines of code
- increased by23.92%
316
Worsened metrics
- Dependency count
- increased by20%
6
- Number of medium supply chain risk alerts
- increased by12.5%
9
Dependency changes
+ Addedparseurl@^1.3.3
+ Addedparseurl@1.3.3(transitive)