nativescript-oauth2 - npm Package Compare versions

Comparing version 1.5.3 to 2.0.0

index.d.ts

@@ -33,3 +33,5 @@ /// <reference path="./providers/providers.d.ts" />
   tokenResult: ITnsOAuthTokenResult;
-  constructor(providerType: TnsOaProviderType);
+  codeVerifier?: string;
+  pkce?: boolean;
+  constructor(providerType: TnsOaProviderType, pkce?: boolean);
   loginWithCompletion(completion?: TnsOAuthClientLoginBlock): void;
@@ -36,0 +38,0 @@ refreshTokenWithCompletion(completion?: TnsOAuthClientLoginBlock): void;

oauth.js

@@ -12,3 +12,5 @@ "use strict";
 var TnsOAuthClient = (function () {
-    function TnsOAuthClient(providerType) {
+    function TnsOAuthClient(providerType, pkce) {
+        if (pkce === void 0) { pkce = true; }
+        this.pkce = pkce;
         this.provider = null;
@@ -121,5 +123,13 @@ this.provider = exports.tnsOauthProviderMap.providerMap.get(providerType);
         }
+        if (!this.tokenResult) {
+            return;
+        }
         var connection = tns_oauth_client_connection_1.TnsOAuthClientConnection.initWithRequestClientCompletion(this, function (data, result, error) {
             if (result) {
-                _this.tokenResult = tns_oauth_utils_1.httpResponseToToken(result);
+                var tokenResult = tns_oauth_utils_1.httpResponseToToken(result);
+                if (!tokenResult.refreshToken && _this.tokenResult) {
+                    tokenResult.refreshToken = _this.tokenResult.refreshToken;
+                    tokenResult.refreshTokenExpiration = _this.tokenResult.refreshTokenExpiration;
+                }
+                _this.tokenResult = tokenResult;
             }
@@ -126,0 +136,0 @@ completion(_this.tokenResult, error);

package.json

 {
   "name": "nativescript-oauth2",
-  "version": "1.5.3",
+  "version": "2.0.0",
   "description": "OAuth 2 generic authorization plugin for NativeScript that doesn't install third party native libraries",
@@ -5,0 +5,0 @@ "main": "oauth",

providers/providers.d.ts

@@ -39,2 +39,4 @@ import { ITnsOAuthTokenResult } from "../index";
 
+  usePKCE?: true;
+
   getAuthUrlStr?(): string;
@@ -41,0 +43,0 @@ getAccessTokenUrlWithCodeStr?(authCode: string): string;

README.md

 # OAuth 2 Plugin for NativeScript
 
-![npm-downloads-per-week](https://img.shields.io/npm/dw/nativescript-oauth2.svg) [![Build Status](https://travis-ci.org/alexziskind1/nativescript-oauth2.svg?branch=master)](https://travis-ci.org/alexziskind1/nativescript-oauth2)
+[![Build Status][build-status]][build-url]
+[![NPM version][npm-image]][npm-url]
+[![Downloads][downloads-image]][npm-url]
+[![Twitter Follow][twitter-image]][twitter-url]
 
+[build-status]:https://travis-ci.org/alexziskind1/nativescript-oauth2.svg?branch=master
+[build-url]:https://travis-ci.org/alexziskind1/nativescript-oauth2
+[npm-image]:http://img.shields.io/npm/v/nativescript-oauth2.svg
+[npm-url]:https://npmjs.org/package/nativescript-oauth2
+[downloads-image]:http://img.shields.io/npm/dm/nativescript-oauth2.svg
+[twitter-image]:https://img.shields.io/twitter/follow/digitalix.svg?style=social&label=Follow%20me
+[twitter-url]:https://twitter.com/digitalix
 
@@ -177,2 +187,5 @@ Library for interacting with OAuth 2.0 in NativeScript applications that provides simplified direct client access with a OAuth providers that support the OAuth 2.0 protocol such as Microsoft, Facebook, and Google, but not limited to any login providers, and even allows you to plug in your own. This library doesn't use any native libraries and relies only on what comes in the box - making it really lightweight.
 
+By default, this plugin enables [PKCE (Proof Key for Code Exchange)](https://oauth.net/2/pkce/) since version 2.0.0.
+If you want to disable it, pass in `false` as the second argument of the `TnsOAuthClient` constructor.
+
 ```typescript
@@ -179,0 +192,0 @@ import { TnsOAuthClient, ITnsOAuthTokenResult } from "nativescript-oauth2";

tns-oauth-client-connection.js

@@ -163,2 +163,5 @@ "use strict";
         params[codeParam] = code;
+        if (client.codeVerifier) {
+            params["code_verifier"] = client.codeVerifier;
+        }
         var post_data = querystring.stringify(params);
@@ -165,0 +168,0 @@ post_data =

tns-oauth-login-sub-controller.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+var pkce_util_1 = require("./pkce-util");
 var tns_oauth_auth_state_1 = require("./tns-oauth-auth-state");
@@ -16,5 +17,9 @@ var tns_oauth_client_connection_1 = require("./tns-oauth-client-connection");
         }
-        this.authState = new tns_oauth_auth_state_1.TnsOAuthState("", completion);
-        var fullUrl = tns_oauth_utils_1.getAuthUrlStr(this.client.provider);
-        return fullUrl;
+        var codeChallenge;
+        if (this.client.pkce) {
+            this.client.codeVerifier = pkce_util_1.getCodeVerifier();
+            codeChallenge = pkce_util_1.sha256base64encoded(this.client.codeVerifier);
+        }
+        this.authState = new tns_oauth_auth_state_1.TnsOAuthState(this.client.codeVerifier, completion);
+        return tns_oauth_utils_1.getAuthUrlStr(this.client.provider, codeChallenge);
     };
@@ -21,0 +26,0 @@ TnsOAuthLoginSubController.prototype.resumeWithUrl = function (url, completion) {

tns-oauth-utils.js

@@ -14,3 +14,3 @@ "use strict";
 }
-function getAuthUrlStr(provider) {
+function getAuthUrlStr(provider, codeChallenge) {
     if (provider.getAuthUrlStr) {
@@ -26,2 +26,6 @@ return provider.getAuthUrlStr();
     params["state"] = "abcd";
+    if (codeChallenge) {
+        params["code_challenge"] = codeChallenge;
+        params["code_challenge_method"] = "S256";
+    }
     addCustomQueryParams(params, provider);
@@ -66,12 +70,7 @@ var pararmsStr = querystring.stringify(params);
     var pararmsStr = querystring.stringify(params);
-    var pararmsWithRedirectStr = pararmsStr + "&redirect_uri=" + provider.options.redirectUri;
-    var retAccessTokenWithCodeUrlStr = getAccessTokenUrlStr(provider) + "?" + pararmsWithRedirectStr;
+    var paramsWithRedirectStr = pararmsStr + "&redirect_uri=" + provider.options.redirectUri;
+    var retAccessTokenWithCodeUrlStr = getAccessTokenUrlStr(provider) + "?" + paramsWithRedirectStr;
     return retAccessTokenWithCodeUrlStr;
 }
 exports.getAccessTokenUrlWithCodeStr = getAccessTokenUrlWithCodeStr;
-function getAccessTokenWithCodeUrl(provider, authCode) {
-    var accessUrlStr = getAccessTokenUrlWithCodeStr(provider, authCode);
-    return accessUrlStr;
-}
-exports.getAccessTokenWithCodeUrl = getAccessTokenWithCodeUrl;
 function newUUID(a, b) {
@@ -78,0 +77,0 @@ for (b = a = ""; a++ < 36; b +=

No alert changes

Improved metrics

Lines of code

1257

increased by5.54%

Number of lines in readme file

380

increased by3.54%

Worsened metrics

Total package byte prevSize

76997

decreased by-26.92%

Number of package files

26

decreased by-10.34%

No dependency changes