oauth4webapi - npm Package Versions

2.12.2 (2024-09-09)

Refactor

• error msg when ID Token aud is an array and azp is missing (68e0338)
• remove redundant checks (763b3d0)

Documentation

• remove non-described parameter JSDoc tags (b1507b9)
• update README.md (9d1377b)

2.12.1 (2024-09-03)

Fixes

• use correct "htm" in DPoP Proof via protectedResourceRequest (3ce3be2), closes #132

2.12.0 (2024-08-19)

Features

• graduate jwksCache to stable API (0e0e1d2)

Documentation

• move clockSkew and clockTolerance docs to the symbol (3b5d2ea)
• update clockSkew and clockTolerance docs (c97313a)

2.11.1 (2024-06-20)

Fixes

• allow ID Token auth_time to be present even if client.require_auth_time is false (caa9ab3)

2.11.0 (2024-06-19)

Features

• add experimental support for edge compute runtimes JWKS caching (15b7aff)

Refactor

• update maxAge option type check error message (7fe3454)

Documentation

• clarify documentation is more an API Reference (c96c8e0)
• update example import (651e8ea)
• updates for readability and consistency (b1b8b7d)

2.10.4 (2024-03-29)

Refactor

• types: add explicit type to all exported functions (76e8d19)
• types: add explicit type to all exported symbols (c66c595)
• types: protectedResourceRequest method argument is just a string (a15d76c)

Documentation

• mention RFC 6750 in validateJwtAccessToken (f61b68e), closes #115

2.10.3 (2024-02-07)

Refactor

• make protectedResourceRequest headers argument optional (bcbc872)

Documentation

• update all examples (cdcbbde)

2.10.2 (2024-02-05)

Fixes

• normalize authorization_details and max_age in issueRequestObject (f8d267e)

2.10.0 (2024-02-04)

Features

• types: add interfaces for RFC 9396 (Rich Authorization Requests) (1c606ea)

Refactor

• some biome identified smells and less non-null assertions (bc508f6)

Documentation

• update customFetch and useMtlsAlias a bit (627e716)

Fixes

• types: add missing and optional scope to interfaces (5dc6d17)