oauth4webapi - npm Package Versions

2.0.0 (2022-11-20)

⚠ BREAKING CHANGES

• Use the TLS server validation in processAuthorizationCodeOpenIDResponse to validate the issuer instead of checking the ID Token's signature. The function's options argument was removed.
• Use the TLS server validation in processDeviceCodeResponse to validate the issuer instead of checking the optional ID Token's signature. The function's options argument was removed.
• Use the TLS server validation in processIntrospectionResponse to validate the issuer instead of checking the optional JWT Introspection Response signature. The function's options argument was removed.
• Use the TLS server validation in processRefreshTokenResponse to validate the issuer instead of checking the optional ID Token's signature. The function's options argument was removed.
• Use the TLS server validation in processUserInfoResponse to validate the issuer instead of checking the optional JWT UserInfo Response signature. The function's options argument was removed.
• PAR w/ DPoP no longer automatically adds dpop_jkt to the authorization request.
• Removed calculateJwkThumbprint function export.
• Removed jwksRequest function export.
• Removed processJwksResponse function export.

Refactor

• remove ignored and unused exports (4a545df)
• use TLS server validation instead of jwt signature validations (f728110)

1.4.1 (2022-11-20)

Refactor

• deno: add mod.ts to deno.land/x (0778278)
• use RsaHashedKeyAlgorithm in checkRsaKeyAlgorithm (94aa31c)

1.4.0 (2022-11-08)

Features

• add bun as a supported runtime (707efd1)

1.3.0 (2022-10-31)

Features

• allow to skip JWT signature validation on select responses (44d9114)

1.2.2 (2022-10-20)

Refactor

• add a type check on AbortSignal (b013fef)
• align argument and function names in assert functions (8ea65f6)
• update "as" error messages (3e894f5)

1.2.1 (2022-10-10)