🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
oauth2-mock-server
Advanced tools
oauth2-mock-server - npm Package Compare versions
Comparing version 7.2.0 to 7.2.1
@@ -7,2 +7,12 @@ # Changelog | ||
| ## [7.2.1](https://github.com/axa-group/oauth2-mock-server/compare/v7.2.0...v7.2.1) — 2025-04-30 | ||
| ### Fixed | ||
| - Fix paths of well known endpoints when issuer ends with a forward slash (reported in [#331](https://github.com/axa-group/oauth2-mock-server/issues/331) by [kikisaeba](https://github.com/kikisaeba)) | ||
| ### Changed | ||
| - Update dependencies | ||
| ## [7.2.0](https://github.com/axa-group/oauth2-mock-server/compare/v7.1.2...v7.2.0) — 2024-11-25 | ||
@@ -9,0 +19,0 @@ |
@@ -70,9 +70,10 @@ "use strict"; | ||
| (0, helpers_1.assertIsString)(this.issuer.url, 'Unknown issuer url.'); | ||
| const normalizedIssuerUrl = trimPotentialTrailingSlash(this.issuer.url); | ||
| const openidConfig = { | ||
| issuer: this.issuer.url, | ||
| token_endpoint: `${this.issuer.url}${this.#endpoints.token}`, | ||
| authorization_endpoint: `${this.issuer.url}${this.#endpoints.authorize}`, | ||
| userinfo_endpoint: `${this.issuer.url}${this.#endpoints.userinfo}`, | ||
| token_endpoint: `${normalizedIssuerUrl}${this.#endpoints.token}`, | ||
| authorization_endpoint: `${normalizedIssuerUrl}${this.#endpoints.authorize}`, | ||
| userinfo_endpoint: `${normalizedIssuerUrl}${this.#endpoints.userinfo}`, | ||
| token_endpoint_auth_methods_supported: ['none'], | ||
| jwks_uri: `${this.issuer.url}${this.#endpoints.jwks}`, | ||
| jwks_uri: `${normalizedIssuerUrl}${this.#endpoints.jwks}`, | ||
| response_types_supported: ['code'], | ||
@@ -87,6 +88,6 @@ grant_types_supported: [ | ||
| id_token_signing_alg_values_supported: ['RS256'], | ||
| revocation_endpoint: `${this.issuer.url}${this.#endpoints.revoke}`, | ||
| revocation_endpoint: `${normalizedIssuerUrl}${this.#endpoints.revoke}`, | ||
| subject_types_supported: ['public'], | ||
| end_session_endpoint: `${this.issuer.url}${this.#endpoints.endSession}`, | ||
| introspection_endpoint: `${this.issuer.url}${this.#endpoints.introspect}`, | ||
| end_session_endpoint: `${normalizedIssuerUrl}${this.#endpoints.endSession}`, | ||
| introspection_endpoint: `${normalizedIssuerUrl}${this.#endpoints.introspect}`, | ||
| code_challenge_methods_supported: helpers_1.supportedPkceAlgorithms, | ||
@@ -102,6 +103,3 @@ }; | ||
| const tokenTtl = helpers_1.defaultTokenTtl; | ||
| res.set({ | ||
| 'Cache-Control': 'no-store', | ||
| Pragma: 'no-cache', | ||
| }); | ||
| res.set({ 'Cache-Control': 'no-store', Pragma: 'no-cache' }); | ||
| let xfn; | ||
@@ -115,5 +113,3 @@ (0, helpers_1.assertIsValidTokenRequest)(req.body); | ||
| if (savedCodeChallenge === undefined) { | ||
| throw new node_assert_1.AssertionError({ | ||
| message: 'code_challenge required', | ||
| }); | ||
| throw new node_assert_1.AssertionError({ message: 'code_challenge required' }); | ||
| } | ||
@@ -161,7 +157,3 @@ this.#codeChallenges.delete(code); | ||
| xfn = (_header, payload) => { | ||
| Object.assign(payload, { | ||
| sub: 'johndoe', | ||
| amr: ['pwd'], | ||
| scope, | ||
| }); | ||
| Object.assign(payload, { sub: 'johndoe', amr: ['pwd'], scope }); | ||
| }; | ||
@@ -172,13 +164,7 @@ break; | ||
| xfn = (_header, payload) => { | ||
| Object.assign(payload, { | ||
| sub: 'johndoe', | ||
| amr: ['pwd'], | ||
| scope, | ||
| }); | ||
| Object.assign(payload, { sub: 'johndoe', amr: ['pwd'], scope }); | ||
| }; | ||
| break; | ||
| default: | ||
| return res.status(400).json({ | ||
| error: 'invalid_grant', | ||
| }); | ||
| return res.status(400).json({ error: 'invalid_grant' }); | ||
| } | ||
@@ -196,10 +182,5 @@ const token = await this.buildToken(req, tokenTtl, xfn); | ||
| const xfn = (_header, payload) => { | ||
| Object.assign(payload, { | ||
| sub: 'johndoe', | ||
| aud: clientId, | ||
| }); | ||
| Object.assign(payload, { sub: 'johndoe', aud: clientId }); | ||
| if (reqBody.code !== undefined && this.#nonce[reqBody.code]) { | ||
| Object.assign(payload, { | ||
| nonce: this.#nonce[reqBody.code], | ||
| }); | ||
| Object.assign(payload, { nonce: this.#nonce[reqBody.code] }); | ||
| delete this.#nonce[reqBody.code]; | ||
@@ -211,6 +192,3 @@ } | ||
| } | ||
| const tokenEndpointResponse = { | ||
| body, | ||
| statusCode: 200, | ||
| }; | ||
| const tokenEndpointResponse = { body, statusCode: 200 }; | ||
| this.emit(types_1.Events.BeforeResponse, tokenEndpointResponse, req); | ||
@@ -268,5 +246,3 @@ return res | ||
| const userInfoResponse = { | ||
| body: { | ||
| sub: 'johndoe', | ||
| }, | ||
| body: { sub: 'johndoe' }, | ||
| statusCode: 200, | ||
@@ -278,5 +254,3 @@ }; | ||
| revokeHandler = (req, res) => { | ||
| const revokeResponse = { | ||
| statusCode: 200, | ||
| }; | ||
| const revokeResponse = { statusCode: 200 }; | ||
| this.emit(types_1.Events.BeforeRevoke, revokeResponse, req); | ||
@@ -295,5 +269,3 @@ return res.status(revokeResponse.statusCode).send(''); | ||
| const introspectResponse = { | ||
| body: { | ||
| active: true, | ||
| }, | ||
| body: { active: true }, | ||
| statusCode: 200, | ||
@@ -308,1 +280,4 @@ }; | ||
| exports.OAuth2Service = OAuth2Service; | ||
| const trimPotentialTrailingSlash = (url) => { | ||
| return url.endsWith('/') ? url.slice(0, -1) : url; | ||
| }; |
| { | ||
| "name": "oauth2-mock-server", | ||
| "version": "7.2.0", | ||
| "version": "7.2.1", | ||
| "description": "OAuth 2 mock server", | ||
| "type": "commonjs", | ||
| "keywords": [ | ||
@@ -10,2 +11,4 @@ "oauth", | ||
| "mock", | ||
| "fake", | ||
| "stub", | ||
| "server", | ||
@@ -15,3 +18,4 @@ "cli", | ||
| "oidc", | ||
| "openid connect" | ||
| "openid", | ||
| "connect" | ||
| ], | ||
@@ -29,3 +33,3 @@ "author": { | ||
| "type": "git", | ||
| "url": "https://github.com/axa-group/oauth2-mock-server.git" | ||
| "url": "git+https://github.com/axa-group/oauth2-mock-server.git" | ||
| }, | ||
@@ -57,5 +61,5 @@ "main": "./dist/index.js", | ||
| "cors": "^2.8.5", | ||
| "express": "^4.21.1", | ||
| "express": "^4.21.2", | ||
| "is-plain-object": "^5.0.0", | ||
| "jose": "^5.9.6" | ||
| "jose": "^5.10.0" | ||
| }, | ||
@@ -66,18 +70,18 @@ "devDependencies": { | ||
| "@types/express": "^4.17.21", | ||
| "@types/node": "^18.19.64", | ||
| "@types/supertest": "^6.0.2", | ||
| "@typescript-eslint/eslint-plugin": "^8.15.0", | ||
| "@typescript-eslint/parser": "^8.15.0", | ||
| "@vitest/coverage-v8": "^2.1.5", | ||
| "@vitest/eslint-plugin": "^1.1.10", | ||
| "@types/node": "^18.19.87", | ||
| "@types/supertest": "^6.0.3", | ||
| "@typescript-eslint/eslint-plugin": "^8.31.1", | ||
| "@typescript-eslint/parser": "^8.31.1", | ||
| "@vitest/coverage-v8": "^3.1.2", | ||
| "@vitest/eslint-plugin": "^1.1.43", | ||
| "eslint": "^8.57.1", | ||
| "eslint-config-prettier": "^9.1.0", | ||
| "eslint-plugin-import": "^2.29.1", | ||
| "eslint-plugin-jsdoc": "^50.5.0", | ||
| "eslint-plugin-prettier": "^5.2.1", | ||
| "prettier": "^3.1.1", | ||
| "eslint-plugin-jsdoc": "^50.6.11", | ||
| "eslint-plugin-prettier": "^5.2.6", | ||
| "prettier": "^3.5.3", | ||
| "rimraf": "^5.0.10", | ||
| "supertest": "^7.0.0", | ||
| "typescript": "^5.3.3", | ||
| "vitest": "^2.1.5" | ||
| "supertest": "^7.1.0", | ||
| "typescript": "^5.8.3", | ||
| "vitest": "^3.1.2" | ||
| }, | ||
@@ -84,0 +88,0 @@ "resolutions": { |
New alerts
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
65495
0.04%Worsened metrics
- Lines of code
1077
-2.27%Dependency changes
Updated
express@^4.21.2Updated
jose@^5.10.0