New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
kontist - npm Package Compare versions
Comparing version 0.19.0 to 0.20.0
@@ -9,2 +9,23 @@ # Changelog | ||
| ## [0.20.0] - 2019-11-18 | ||
| ### Added | ||
| - Introduce methods for transfers cancellation (`cancelTransfer` and `confirmCancelTransfer`) | ||
| - Introduce basic CLI to fetch token with `npx kontist token` [#35](https://github.com/kontist/js-sdk/pull/35) | ||
| ### Changed | ||
| - Refactored `Auth` module with separate namespaces: | ||
| - `auth.push` for push notification MFA | ||
| - `auth.device` for device binding MFA | ||
| - `auth.tokenManager` for token management logic and state. *Note:* existing methods on the `auth` namespace (`getAuthUri`, `fetchToken`, `fetchTokenFromCredentials`, `refresh`, `setToken`, and `token`) are deprecated and will be removed in an upcoming major version. They were all moved to this new `auth.tokenManager` namespace. | ||
| ## [0.19.0] - 2019-11-12 | ||
| ### Added | ||
| - Expose Interfaces, Types and Errors [#30](https://github.com/kontist/js-sdk/pull/30) | ||
| - Intergrate basic Code Coverage [#27](https://github.com/kontist/js-sdk/pull/27) | ||
| - Add changelog [#29](https://github.com/kontist/js-sdk/pull/29) | ||
| ### Changed | ||
| - Extended validation of client options [#25](https://github.com/kontist/js-sdk/pull/25) | ||
| ## [0.18.0] - 2019-11-09 | ||
@@ -11,0 +32,0 @@ ### Added |
| { | ||
| "name": "kontist", | ||
| "version": "0.19.0", | ||
| "version": "0.20.0", | ||
| "description": "Kontist client SDK", | ||
| "main": "dist/index.js", | ||
| "types": "dist/index.d.ts", | ||
| "main": "dist/lib/index.js", | ||
| "types": "dist/lib/index.d.ts", | ||
| "repository": "https://github.com/kontist/js-sdk.git", | ||
@@ -12,3 +12,3 @@ "author": "Kontist GmbH", | ||
| "build": "tsc && npx webpack", | ||
| "test": "mocha -r ts-node/register --recursive 'tests/**/*.spec.ts'", | ||
| "test": "npm run build && mocha --recursive 'dist/tests/**/*.spec.js'", | ||
| "cover": "nyc npm run test", | ||
@@ -18,11 +18,13 @@ "schema:generate": "graphql-codegen --config codegen.yml" | ||
| "dependencies": { | ||
| "abab": "^2.0.2", | ||
| "abab": "^2.0.3", | ||
| "client-oauth2": "^4.2.5", | ||
| "graphql-request": "^1.8.2", | ||
| "js-sha256": "^0.9.0" | ||
| "js-sha256": "^0.9.0", | ||
| "dotenv": "^8.2.0" | ||
| }, | ||
| "devDependencies": { | ||
| "@graphql-codegen/cli": "^1.8.1", | ||
| "@graphql-codegen/typescript": "^1.8.1", | ||
| "@types/chai": "^4.2.3", | ||
| "@graphql-codegen/cli": "^1.8.3", | ||
| "@graphql-codegen/typescript": "^1.8.3", | ||
| "@types/chai": "^4.2.5", | ||
| "@types/jsdom": "^12.2.4", | ||
| "@types/mocha": "^5.2.7", | ||
@@ -32,11 +34,14 @@ "@types/sinon": "^7.5.0", | ||
| "graphql": "^14.5.8", | ||
| "mocha": "^6.2.1", | ||
| "jsdom": "^15.2.1", | ||
| "mocha": "^6.2.2", | ||
| "moment": "^2.24.0", | ||
| "nyc": "^14.1.1", | ||
| "sinon": "^7.5.0", | ||
| "ts-node": "^8.4.1", | ||
| "typescript": "^3.7.2", | ||
| "webpack": "^4.41.2", | ||
| "webpack-cli": "^3.3.9" | ||
| "webpack-cli": "^3.3.10" | ||
| }, | ||
| "bin": { | ||
| "kontist": "./cli/index.js" | ||
| } | ||
| } |
@@ -38,3 +38,3 @@ # Kontist SDK | ||
| app.get("/auth", async (req, res) => { | ||
| const uri = await client.auth.getAuthUri(); | ||
| const uri = await client.auth.tokenManager.getAuthUri(); | ||
| res.redirect(uri); | ||
@@ -48,3 +48,3 @@ }); | ||
| try { | ||
| const token = await client.auth.fetchToken(callbackUrl); | ||
| const token = await client.auth.tokenManager.fetchToken(callbackUrl); | ||
| /* got access token, login successful */ | ||
@@ -66,3 +66,3 @@ res.send("Successful, your token is " + token.accessToken); | ||
| ```typescript | ||
| const token = await client.auth.refresh(); | ||
| const token = await client.auth.tokenManager.refresh(); | ||
| ``` | ||
@@ -74,3 +74,3 @@ | ||
| // abort after 20 seconds | ||
| const token = await client.auth.refresh(20000); | ||
| const token = await client.auth.tokenManager.refresh(20000); | ||
| ``` | ||
@@ -108,3 +108,3 @@ | ||
| // page not called with "code" query parameter, let's redirect the user to the login | ||
| client.auth.getAuthUri().then(function(url) { | ||
| client.auth.tokenManager.getAuthUri().then(function(url) { | ||
| window.location = url; | ||
@@ -114,3 +114,3 @@ }); | ||
| // we have a code, the client now can fetch a token | ||
| client.auth.fetchToken(document.location.href).then(function() { | ||
| client.auth.tokenManager.fetchToken(document.location.href).then(function() { | ||
| // do a simple graphql query and output the account id | ||
@@ -141,3 +141,3 @@ client.graphQL | ||
| ```typescript | ||
| const token = await client.auth.refresh(); | ||
| const token = await client.auth.tokenManager.refresh(); | ||
| ``` | ||
@@ -149,3 +149,3 @@ | ||
| // abort after 20 seconds | ||
| const token = await client.auth.refresh(20000); | ||
| const token = await client.auth.tokenManager.refresh(20000); | ||
| ``` | ||
@@ -248,11 +248,11 @@ | ||
| Kontist SDK exposes a method to initiate the MFA flow after you successfully received the initial access token: | ||
| Kontist SDK exposes a method to initiate the push notification MFA flow after you successfully received the initial access token: | ||
| ```typescript | ||
| // fetch a regular access token | ||
| const token = await client.auth.fetchToken(callbackUrl); | ||
| const token = await client.auth.tokenManager.fetchToken(callbackUrl); | ||
| try { | ||
| // create an MFA challenge and wait for confirmation | ||
| const confirmedToken = await client.auth.getMFAConfirmedToken(); | ||
| // create a push notification challenge and wait for confirmation | ||
| const confirmedToken = await client.auth.push.getConfirmedToken(); | ||
| // once it has been verified, your `client` instance will have a confirmed access token | ||
@@ -269,8 +269,8 @@ // the confirmed token is also returned in case you want to store it | ||
| If you want to cancel a pending MFA confirmation, you can call the following method: | ||
| If you want to cancel a pending push notification confirmation, you can call the following method: | ||
| ```typescript | ||
| client.auth.cancelMFAConfirmation(); | ||
| client.auth.push.cancelConfirmation(); | ||
| ``` | ||
| The Promise returned by `getMFAConfirmedToken` will then reject with a `MFAConfirmationCanceledError`. | ||
| The Promise returned by `getConfirmedToken` will then reject with a `MFAConfirmationCanceledError`. |
| import { expect } from "chai"; | ||
| import { Client } from "../lib"; | ||
| import { Auth } from "../lib/auth"; | ||
| import { GraphQLClient } from "../lib/graphql/client"; | ||
| describe("Client", () => { | ||
| describe("client with mandatory parameters", () => { | ||
| it("should be able to create a client", () => { | ||
| const clientId = "26990216-e340-4f54-b5a5-df9baacc0440"; | ||
| const redirectUri = "https://localhost:3000/auth/callback"; | ||
| const scopes = ["transactions"]; | ||
| const state = "25843739712322056"; | ||
| describe("#constructor", () => { | ||
| it("should be able to create a client with minimal parameters", () => { | ||
| const clientId = "26990216-e340-4f54-b5a5-df9baacc0440"; | ||
| const redirectUri = "https://localhost:3000/auth/callback"; | ||
| const scopes = ["transactions"]; | ||
| const state = "25843739712322056"; | ||
| const client = new Client({ | ||
| clientId, | ||
| redirectUri, | ||
| scopes, | ||
| state | ||
| }); | ||
| expect(client).to.exist; | ||
| }); | ||
| it("should be able to create a client with all parameters", () => { | ||
| // arrange | ||
| const clientId = "26990216-e340-4f54-b5a5-df9baacc0440"; | ||
| const redirectUri = "https://localhost:3000/auth/callback"; | ||
| const scopes = ["transactions"]; | ||
| const state = "25843739712322056"; | ||
| const opts = { | ||
| clientId, | ||
| redirectUri, | ||
| scopes, | ||
| state, | ||
| }; | ||
| const auth = {} as Auth; | ||
| const graphQL = {} as GraphQLClient; | ||
| const models = { | ||
| transaction: {} as any, | ||
| transfer: {} as any, | ||
| account: {} as any, | ||
| user: {} as any, | ||
| }; | ||
| const client = new Client({ | ||
| clientId, | ||
| redirectUri, | ||
| scopes, | ||
| state | ||
| // act | ||
| const client = new Client( | ||
| opts, | ||
| "http://localhost:3000/api/graphql", | ||
| auth, | ||
| graphQL, | ||
| models, | ||
| ); | ||
| // assert | ||
| expect(client).to.exist; | ||
| }); | ||
| expect(client).to.exist; | ||
| }); | ||
| }); | ||
| }); |
@@ -18,3 +18,3 @@ import { expect } from "chai"; | ||
| const client = createClient(); | ||
| client.auth.setToken("dummy-access-token"); | ||
| client.auth.tokenManager.setToken("dummy-access-token"); | ||
@@ -21,0 +21,0 @@ let error; |
| import { TransactionProjectionType, Transaction } from "../lib/graphql/schema"; | ||
| import { Client } from "../lib"; | ||
| export const createClient = () => { | ||
| const clientId = "26990216-e340-4f54-b5a5-df9baacc0440"; | ||
| const redirectUri = "https://localhost:3000/auth/callback"; | ||
| const scopes = ["transactions"]; | ||
| const state = "25843739712322056"; | ||
| export const clientId = "26990216-e340-4f54-b5a5-df9baacc0440"; | ||
| export const redirectUri = "https://localhost:3000/auth/callback"; | ||
| export const scopes = ["transactions"]; | ||
| export const state = "25843739712322056"; | ||
| export const createClient = (opts = {}) => { | ||
| return new Client({ | ||
@@ -14,3 +14,4 @@ clientId, | ||
| scopes, | ||
| state | ||
| state, | ||
| ...opts | ||
| }); | ||
@@ -17,0 +18,0 @@ }; |
| const path = require('path'); | ||
| module.exports = { | ||
| entry: './dist/index.js', | ||
| entry: './dist/lib/index.js', | ||
| resolve: { | ||
@@ -6,0 +6,0 @@ extensions: [ '.tsx', '.ts', '.js' ], |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is too big to display
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 7 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by25.47%
332044
- Number of package files
- increased by32.89%
101
- Lines of code
- increased by34.1%
4876
Worsened metrics
- Dependency count
- increased by25%
5
- Dev dependency count
- increased by6.67%
16
- Number of low supply chain risk alerts
- increased by900%
10
- Number of medium supply chain risk alerts
- increased by25%
5
Dependency changes
+ Addeddotenv@^8.2.0
+ Addeddotenv@8.6.0(transitive)
Updatedabab@^2.0.3