oidc-provider
Comparing version 0.10.1 to 0.10.2
Following semver, 1.0.0 will mark the first API stable release and commence of this file, | ||
until then please use the compare views of github for reference. | ||
- https://github.com/panva/node-oidc-provider/compare/v0.10.0...0.10.1 | ||
- https://github.com/panva/node-oidc-provider/compare/v0.10.0...0.10.2 | ||
- fix: push nonce from code to refresh token and then id_token upon refresh | ||
- fix: RFC6749 4.1.2.1 - missing, unrecognized, invalid clientid and redirect_uri handling (consistent no redirect) | ||
- https://github.com/panva/node-oidc-provider/compare/v0.9.0...v0.10.0 | ||
@@ -7,0 +8,0 @@ - added: custom discovery property config |
@@ -144,6 +144,8 @@ 'use strict'; | ||
// Validate: client_id param | ||
this.assert(clientId, new errors.InvalidRequestError('missing required parameter client_id')); | ||
const Client = provider.get('Client'); | ||
const client = yield Client.find(clientId); | ||
const client = yield Client.find(String(clientId)); | ||
this.assert(client, new errors.InvalidRequestError('unrecognized client_id')); | ||
this.assert(client, new errors.InvalidClientError()); | ||
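Review bot: `String(clientId)` coerces whatever the parameter parser produced instead of rejecting it, so a non-string client_id still reaches `Client.find`. The next hunk appears to move `checkClient` ahead of `rejectDupes`, so a repeated client_id may now arrive here as an array; `String(['a'])` is `'a'`, which would look up a real client while `params.client_id` stays a non-string for the rest of the pipeline. Whether the parser yields arrays is not visible on this page, so treat that as something to confirm. A stricter form fails the lookup instead of coercing: `this.assert(typeof clientId === 'string', new errors.InvalidClientError());` before the `Client.find(clientId)` call. The enclosing function starts and ends outside the hunk.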
@@ -159,2 +161,9 @@ return client; | ||
function * checkClient(next) { | ||
// Validate: client_id param | ||
this.oidc.client = yield loadClient.call(this, this.oidc.params.client_id); | ||
yield next; | ||
}, | ||
rejectDupes, | ||
@@ -234,9 +243,2 @@ | ||
function * checkClient(next) { | ||
// Validate: client_id param | ||
this.oidc.client = yield loadClient.call(this, this.oidc.params.client_id); | ||
yield next; | ||
}, | ||
function * noRedirectUriClients(next) { | ||
@@ -432,5 +434,7 @@ const oidc = this.oidc; | ||
this.oidc.redirectUriCheckPerformed = true; | ||
this.assert(this.oidc.client.redirectUriAllowed(this.oidc.params.redirect_uri), | ||
new errors.RedirectUriMismatchError()); | ||
yield next; | ||
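Review bot: The assignment `this.oidc.redirectUriCheckPerformed = true;` has no comment, yet the error handler's decision to re-validate redirect_uri depends on it. It is also set before the assert rather than after, which looks intentional (a failed assert already throws the mismatch error) but is easy to "fix" wrongly later. I would add `// set before the assert: tells the error handler the redirect_uri check already ran, pass or fail` above it. The enclosing middleware starts outside the hunk.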
@@ -437,0 +441,0 @@ }, |
@@ -21,2 +21,3 @@ 'use strict'; | ||
Object.defineProperty(this, 'authorization', { writable: true }); | ||
Object.defineProperty(this, 'redirectUriCheckPerformed', { writable: true }); | ||
this.uuid = uuid(); | ||
@@ -23,0 +24,0 @@ } |
'use strict'; | ||
const errors = require('../helpers/errors'); | ||
const formPost = require('../helpers/form_post'); | ||
@@ -10,4 +11,17 @@ const redirectUri = require('../helpers/redirect_uri'); | ||
yield next; | ||
} catch (err) { | ||
} catch (caught) { | ||
let err = caught; | ||
const out = {}; | ||
let params; | ||
params = this.oidc.params; | ||
params = params || (this.method === 'POST' ? this.request.body : this.query) || | ||
/* istanbul ignore next */ {}; | ||
if (this.oidc.client && params.redirect_uri && !this.oidc.redirectUriCheckPerformed) { | ||
if (!this.oidc.client.redirectUriAllowed(params.redirect_uri)) { | ||
err = new errors.RedirectUriMismatchError(); | ||
} | ||
} | ||
this.status = err.statusCode || 500; | ||
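Review bot: When the late redirect_uri check fails, `err = new errors.RedirectUriMismatchError();` throws away the original `caught` error, so the `provider.emit(...)` call further down reports only the mismatch. An unexpected exception raised before the redirect check would then surface to listeners and logs as redirect_uri_mismatch, with no trace of the real failure. Keep the original reachable, for example `const mismatch = new errors.RedirectUriMismatchError(); mismatch.cause = caught; err = mismatch;`. The `try` body and the rest of the handler are outside the hunk.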
@@ -27,10 +41,2 @@ | ||
provider.emit(out.error === 'server_error' ? | ||
'server_error' : 'authorization.error', err, this); | ||
let params; | ||
params = this.oidc.params; | ||
params = params || (this.method === 'POST' ? this.request.body : this.query) || | ||
/* istanbul ignore next */ {}; | ||
if (params.state !== undefined) { | ||
@@ -40,4 +46,8 @@ out.state = params.state; | ||
provider.emit(out.error === 'server_error' ? | ||
'server_error' : 'authorization.error', err, this); | ||
// redirect uri error should render instead of redirect to uri | ||
if (err.message === 'redirect_uri_mismatch' || !params.redirect_uri) { | ||
if (!params.client_id || !params.redirect_uri || | ||
err.message === 'redirect_uri_mismatch' || err.message === 'invalid_client') { | ||
const renderError = provider.configuration('renderError'); | ||
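Review bot: The render-instead-of-redirect condition does not cover a request whose client was never loaded. The re-check at the top of the handler runs only when `this.oidc.client` is set. So an error thrown before the client lookup, with both client_id and redirect_uri present, matches none of the four conditions and presumably falls through to the redirect branch outside this hunk with an unverified redirect_uri. Adding `!this.oidc.client ||` as the first operand closes that gap. Comparing `err.message` strings is also brittle; `err instanceof errors.RedirectUriMismatchError` would survive a message change.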
@@ -44,0 +54,0 @@ return renderError(this, out); |
@@ -60,3 +60,3 @@ { | ||
}, | ||
"version": "0.10.1", | ||
"version": "0.10.2", | ||
"files": [ | ||
@@ -63,0 +63,0 @@ "lib" |