google-auth-library
Advanced tools
Comparing version 0.9.6 to 0.9.7
@@ -0,1 +1,11 @@ | ||
## 0.9.7 (11/06/2015) | ||
### Changes | ||
* Accept either "accounts.google.com" or "https://accounts.google.com" as the issuer of the ID token issued by Google. ([@mcduan][]) | ||
* Update to prevent status code 200 messages from being flagged as errors. ([@ryan-devrel][]) | ||
* Update async & request ([@josephpage][]) | ||
* Update oauthclient2.js ([@riblee][]) | ||
* Update README.md ([@ofrobots][]) | ||
## 0.9.6 (05/21/2015) | ||
@@ -27,3 +37,8 @@ | ||
[@jasonall]: https://github.com/jasonall | ||
[@josephpage]: https://github.com/josephpage | ||
[@mcduan]: https://github.com/mcduan | ||
[@ofrobots]: https://github.com/ofrobots | ||
[@riblee]: https://github.com/riblee | ||
[@ryan-devrel]: https://github.com/ryan-devrel | ||
[@stephenplusplus]: https://github.com/stephenplusplus | ||
[@tbetbetbe]: https://github.com/tbetbetbe |
@@ -35,3 +35,3 @@ /** | ||
* @param {string} redirectUri The URI to redirect to after completing the auth request. | ||
* @param {Object} opt_options optional options for overriding the given parameters. | ||
* @param {Object} opt_opts optional options for overriding the given parameters. | ||
* @constructor | ||
@@ -101,7 +101,7 @@ */ | ||
/** | ||
* The oauth token issuer. | ||
* The allowed oauth token issuers. | ||
* @const | ||
* @private | ||
*/ | ||
OAuth2Client.ISSUER_ = 'accounts.google.com'; | ||
OAuth2Client.ISSUERS_ = ['accounts.google.com', 'https://accounts.google.com']; | ||
@@ -405,3 +405,3 @@ /** | ||
login = this.verifySignedJwtWithCerts(idToken, certs, audience, | ||
OAuth2Client.ISSUER_); | ||
OAuth2Client.ISSUERS_); | ||
} catch (err) { | ||
@@ -463,3 +463,3 @@ callback(err); | ||
* @param {string} requiredAudience The audience to test the jwt against. | ||
* @param {string} issuer The issuer of the jwt (Optional). | ||
* @param {array} issuers The allowed issuers of the jwt (Optional). | ||
* @param {string} maxExpiry The max expiry the certificate can be (Optional). | ||
@@ -469,3 +469,3 @@ * @return {LoginTicket} Returns a LoginTicket on verification. | ||
OAuth2Client.prototype.verifySignedJwtWithCerts = | ||
function(jwt, certs, requiredAudience, issuer, maxExpiry) { | ||
function(jwt, certs, requiredAudience, issuers, maxExpiry) { | ||
@@ -538,4 +538,5 @@ if (!maxExpiry) { | ||
if (issuer && issuer !== payload.iss) { | ||
throw new Error('Invalid issuer, ' + issuer + ' != ' + payload.iss); | ||
if (issuers && issuers.indexOf(payload.iss) < 0) { | ||
throw new Error('Invalid issuer, expected one of [' + issuers + | ||
'], but got ' + payload.iss); | ||
} | ||
@@ -542,0 +543,0 @@ |
@@ -76,3 +76,3 @@ /** | ||
if (body && body.error) { | ||
if (body && body.error && res.statusCode !== 200) { | ||
if (typeof body.error === 'string') { | ||
@@ -79,0 +79,0 @@ err = new Error(body.error); |
{ | ||
"name": "google-auth-library", | ||
"version": "0.9.6", | ||
"version": "0.9.7", | ||
"author": "Google Inc.", | ||
@@ -32,7 +32,7 @@ "description": "Google APIs Authentication Client Library for Node.js", | ||
"dependencies": { | ||
"async": "~0.9.0", | ||
"async": "~1.4.2", | ||
"gtoken": "^1.1.0", | ||
"lodash.noop": "~3.0.0", | ||
"jws": "~3.0.0", | ||
"request": "~2.51.0", | ||
"request": "~2.60.0", | ||
"string-template": "~0.2.0" | ||
@@ -39,0 +39,0 @@ }, |
@@ -35,6 +35,6 @@ # Google APIs Node.js Client | ||
``` js | ||
var google = require('googleapis'); | ||
var GoogleAuth = require('google-auth-library'); | ||
// Get the environment configured authorization | ||
google.auth.getApplicationDefault(function(err, authClient) { | ||
(new GoogleAuth).getApplicationDefault(function(err, authClient) { | ||
if (err === null) { | ||
@@ -47,3 +47,3 @@ // Inject scopes if they have not been injected by the environment | ||
]; | ||
authClient = authClient.createScoped(scopes) | ||
authClient = authClient.createScoped(scopes); | ||
} | ||
@@ -50,0 +50,0 @@ |
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
80556
1810
+ Addedansi-regex@2.1.1(transitive)
+ Addedansi-styles@2.2.1(transitive)
+ Addedasync@1.4.22.6.4(transitive)
+ Addedbl@1.0.3(transitive)
+ Addedbluebird@2.11.0(transitive)
+ Addedboom@2.10.1(transitive)
+ Addedcaseless@0.11.0(transitive)
+ Addedchalk@1.1.3(transitive)
+ Addedcommander@2.20.3(transitive)
+ Addedcryptiles@2.0.5(transitive)
+ Addedescape-string-regexp@1.0.5(transitive)
+ Addedform-data@1.0.1(transitive)
+ Addedgenerate-function@2.3.1(transitive)
+ Addedgenerate-object-property@1.2.0(transitive)
+ Addedhar-validator@1.8.0(transitive)
+ Addedhas-ansi@2.0.0(transitive)
+ Addedhawk@3.1.3(transitive)
+ Addedhoek@2.16.3(transitive)
+ Addedhttp-signature@0.11.0(transitive)
+ Addedis-my-ip-valid@1.0.1(transitive)
+ Addedis-my-json-valid@2.20.6(transitive)
+ Addedis-property@1.0.2(transitive)
+ Addedisarray@1.0.0(transitive)
+ Addedjsonpointer@5.0.1(transitive)
+ Addedlodash@4.17.21(transitive)
+ Addedoauth-sign@0.8.2(transitive)
+ Addedprocess-nextick-args@1.0.7(transitive)
+ Addedqs@4.0.0(transitive)
+ Addedreadable-stream@2.0.6(transitive)
+ Addedrequest@2.60.0(transitive)
+ Addedsntp@1.0.9(transitive)
+ Addedstrip-ansi@3.0.1(transitive)
+ Addedsupports-color@2.0.0(transitive)
+ Addedutil-deprecate@1.0.2(transitive)
+ Addedxtend@4.0.2(transitive)
- Removedasync@0.9.2(transitive)
- Removedbl@0.9.5(transitive)
- Removedboom@0.4.2(transitive)
- Removedcaseless@0.8.0(transitive)
- Removedcombined-stream@0.0.7(transitive)
- Removedcryptiles@0.2.2(transitive)
- Removeddelayed-stream@0.0.5(transitive)
- Removedforever-agent@0.5.2(transitive)
- Removedform-data@0.2.0(transitive)
- Removedhawk@1.1.1(transitive)
- Removedhoek@0.9.1(transitive)
- Removedhttp-signature@0.10.1(transitive)
- Removedmime-db@1.12.0(transitive)
- Removedmime-types@1.0.22.0.14(transitive)
- Removedoauth-sign@0.5.0(transitive)
- Removedqs@2.3.3(transitive)
- Removedreadable-stream@1.0.34(transitive)
- Removedrequest@2.51.0(transitive)
- Removedsntp@0.2.4(transitive)
Updatedasync@~1.4.2
Updatedrequest@~2.60.0