
oauth2-pkce


oauth2-pkce - npm Package Compare versions

Comparing version 1.0.2 to 1.1.0

2

index.d.ts

@@ -17,2 +17,3 @@ export * from './errors';

extraRefreshParams?: ObjStringDict;
storeRefreshToken?: boolean;
}

@@ -38,2 +39,3 @@ export declare type Scopes = string[];

private refreshTokenForAccessTokenPromise?;
private refreshToken;
constructor(config: Configuration);

@@ -40,0 +42,0 @@ reset(): void;

31

index.js

@@ -10,3 +10,3 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {

};
import { ErrorInvalidReturnedStateParam, ErrorInvalidToken, ErrorNoAccessToken, ErrorNoAuthCode, toErrorObject } from './errors';
import { ErrorInvalidReturnedStateParam, ErrorNoAccessToken, ErrorNoAuthCode, toErrorObject } from './errors';
import { extractParamFromUrl, generatePKCECodeChallengeAndVerifier, generateRandomState, objectToQueryString, parseWwwAuthenticateHeader } from './helpers';

@@ -189,12 +189,15 @@ export * from './errors';

return (input, ...rest) => __awaiter(this, void 0, void 0, function* () {
try {
return fetchFunc(input, ...rest);
}
catch (e) {
if (e instanceof ErrorInvalidToken) {
yield this.exchangeRefreshTokenForAccessToken();
return fetchFunc(input, ...rest);
const response = yield fetchFunc(input, ...rest);
if (response.status === 401) {
const authenticateHeader = response.headers.get(HEADER_WWW_AUTHENTICATE.toLowerCase());
if (authenticateHeader) {
const error = parseWwwAuthenticateHeader(authenticateHeader).error;
if (error === 'invalid_token') {
yield this.exchangeRefreshTokenForAccessToken();
input = yield this.requestInterceptor(input);
return fetchFunc(input, ...rest);
}
}
throw e;
}
return response;
});

@@ -250,6 +253,14 @@ }

this.state = JSON.parse(localStorage.getItem(LOCALSTORAGE_STATE) || '{}');
if (!this.config.storeRefreshToken) {
this.state.refreshToken = this.refreshToken;
}
}
saveState() {
localStorage.setItem(LOCALSTORAGE_STATE, JSON.stringify(this.state));
this.refreshToken = this.state.refreshToken;
const state = Object.assign({}, this.state);
if (!this.config.storeRefreshToken) {
delete state.refreshToken;
}
localStorage.setItem(LOCALSTORAGE_STATE, JSON.stringify(state));
}
}

@@ -32,2 +32,3 @@ import {

extraRefreshParams?: ObjStringDict;
storeRefreshToken?: boolean;
}

@@ -90,2 +91,3 @@

private refreshTokenForAccessTokenPromise?: Promise<TokenResponse>;
private refreshToken: string;

@@ -328,12 +330,17 @@ constructor (config: Configuration) {

return async (input: Request | string, ...rest): Promise<Response> => {
try {
return fetchFunc(input, ...rest);
}
catch (e) {
if (e instanceof ErrorInvalidToken) {
await this.exchangeRefreshTokenForAccessToken();
return fetchFunc(input, ...rest);
const response = await fetchFunc(input, ...rest);
if (response.status === 401) {
const authenticateHeader = response.headers.get(
HEADER_WWW_AUTHENTICATE.toLowerCase()
);
if (authenticateHeader) {
const error = parseWwwAuthenticateHeader(authenticateHeader).error;
if (error === 'invalid_token') {
await this.exchangeRefreshTokenForAccessToken();
input = await this.requestInterceptor(input as Request);
return fetchFunc(input, ...rest);
}
}
throw e;
}
return response;
};

@@ -421,7 +428,15 @@ }

this.state = JSON.parse(localStorage.getItem(LOCALSTORAGE_STATE) || '{}');
if (!this.config.storeRefreshToken) {
this.state.refreshToken = this.refreshToken;
}
}
private saveState() {
localStorage.setItem(LOCALSTORAGE_STATE, JSON.stringify(this.state));
this.refreshToken = this.state.refreshToken;
const state = { ...this.state };
if (!this.config.storeRefreshToken) {
delete state.refreshToken;
}
localStorage.setItem(LOCALSTORAGE_STATE, JSON.stringify(state));
}
}
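Review bot: With `storeRefreshToken` off, the restore path at the top of the last hunk in this section only replaces `this.state.refreshToken` in memory, so a refresh token already sitting in `localStorage` (written by an earlier release, or by an earlier session that ran with `storeRefreshToken: true`) stays readable there until something next calls `saveState()`. The +/- markers are lost on this page, so this is inferred, but the previous `saveState()` appears to have serialised the whole state, which would leave upgraders carrying such a token. Rewriting storage in that branch closes the gap: `if (!this.config.storeRefreshToken) { this.state.refreshToken = this.refreshToken; this.saveState(); }`, with a short comment saying the call purges any previously persisted token. The restoring function begins outside the hunk, so confirm nothing before it depends on storage being left untouched. The compiled `index.js` and the UMD bundle sections carry the same logic.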

@@ -545,12 +545,19 @@ (function(f){if(typeof exports==="object"&&typeof module!=="undefined"){module.exports=f()}else if(typeof define==="function"&&define.amd){define([],f)}else{var g;if(typeof window!=="undefined"){g=window}else if(typeof global!=="undefined"){g=global}else if(typeof self!=="undefined"){g=self}else{g=this}g.OAuth2Pkce = f()}})(function(){var define,module,exports;return (function(){function r(e,n,t){function o(i,f){if(!n[i]){if(!e[i]){var c="function"==typeof require&&require;if(!f&&c)return c(i,!0);if(u)return u(i,!0);var a=new Error("Cannot find module '"+i+"'");throw a.code="MODULE_NOT_FOUND",a}var p=n[i]={exports:{}};e[i][0].call(p.exports,function(r){var n=e[i][1][r];return o(n||r)},p,p.exports,r,e,n,t)}return n[i].exports}for(var u="function"==typeof require&&require,i=0;i<t.length;i++)o(t[i]);return o}return r})()({1:[function(require,module,exports){

return (input, ...rest) => __awaiter(this, void 0, void 0, function* () {
try {
return fetchFunc(input, ...rest);
} catch (e) {
if (e instanceof _errors.ErrorInvalidToken) {
yield this.exchangeRefreshTokenForAccessToken();
return fetchFunc(input, ...rest);
const response = yield fetchFunc(input, ...rest);
if (response.status === 401) {
const authenticateHeader = response.headers.get(HEADER_WWW_AUTHENTICATE.toLowerCase());
if (authenticateHeader) {
const error = (0, _helpers.parseWwwAuthenticateHeader)(authenticateHeader).error;
if (error === 'invalid_token') {
yield this.exchangeRefreshTokenForAccessToken();
input = yield this.requestInterceptor(input);
return fetchFunc(input, ...rest);
}
}
}
throw e;
}
return response;
});

@@ -622,6 +629,17 @@ }

this.state = JSON.parse(localStorage.getItem(LOCALSTORAGE_STATE) || '{}');
if (!this.config.storeRefreshToken) {
this.state.refreshToken = this.refreshToken;
}
}
saveState() {
localStorage.setItem(LOCALSTORAGE_STATE, JSON.stringify(this.state));
this.refreshToken = this.state.refreshToken;
const state = Object.assign({}, this.state);
if (!this.config.storeRefreshToken) {
delete state.refreshToken;
}
localStorage.setItem(LOCALSTORAGE_STATE, JSON.stringify(state));
}

@@ -628,0 +646,0 @@

{
"name": "oauth2-pkce",
"version": "1.0.2",
"version": "1.1.0",
"description": "An OAuth 2.0 client library for the Authorization Code flow with PKCE",

@@ -5,0 +5,0 @@ "main": "index.js",

@@ -26,2 +26,3 @@ # OAuth2PKCE client

redirectUrl: 'https://app.example.com/return/'`,
storeRefreshToken: false,
// optional:

@@ -45,2 +46,4 @@ onAccessTokenExpiry() {

The optional `storeRefreshToken` setting tells the client to store refresh tokens from the auth server in the browser's local storage in order to be logged in indefinitely (until calling `reset()`), defaults to `false`. This is not considered secure, so use cautiously. The refresh token is stored in memory anyway, so the users are logged in as long as they don't refresh/close the page or the access token is valid.
### Authenticate

@@ -47,0 +50,0 @@
