
oidc-provider


oidc-provider - npm Package Compare versions

Comparing version 0.2.0 to 0.3.0

README.md

19

lib/actions/check_session.js

@@ -11,4 +11,3 @@ 'use strict';

<title>Session Management - OP iframe</title>
<script src="//cdnjs.cloudflare.com/ajax/libs/jsSHA/2.0.2/sha256.js">
</script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jsSHA/2.0.2/sha256.js"></script>
</head>

@@ -22,5 +21,5 @@ <body>

var clientId = message_parts[0];
var sessionState = message_parts[1];
console.log('OP recv session state: ' + sessionState);
var salt = sessionState.split('.')[1];
var actual = message_parts[1];
if (console) console.log('OP recv session state: ' + actual);
var salt = actual.split('.')[1];

@@ -30,7 +29,7 @@ var opbs = getOPBrowserState(clientId);

shaObj.update(clientId + ' ' + e.origin + ' ' + opbs + ' ' + salt);
var ss = shaObj.getHash('HEX') + ['.' + salt];
console.log('OP computed session state: ' + ss);
var expected = shaObj.getHash('HEX') + ['.' + salt];
if (console) console.log('OP computed session state: ' + expected);
var stat;
if (sessionState === ss) {
if (actual === expected) {
stat = 'unchanged';

@@ -41,3 +40,3 @@ } else {

console.log('OP status: ' + stat);
if (console) console.log('OP status: ' + stat);

@@ -52,3 +51,3 @@ e.source.postMessage(stat, e.origin);

var cookie = readCookie('_session_states');
console.log('_session_states cookie: ' + cookie);
if (console) console.log('_session_states cookie: ' + cookie);

@@ -55,0 +54,0 @@ if (cookie !== null) {
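Review bot: The jsSHA `<script>` tag in the first hunk is still fetched from a third-party CDN through a protocol-relative URL and carries no `integrity` attribute, so whatever that URL returns runs inside the OP iframe, where `readCookie('_session_states')` shows the session cookie is reachable from script. Pin the scheme and add Subresource Integrity, e.g. `<script src="https://cdnjs.cloudflare.com/ajax/libs/jsSHA/2.0.2/sha256.js" integrity="sha384-<HASH_OF_REVIEWED_FILE>" crossorigin="anonymous"></script>`, or serve the file from the provider's own origin. Separately, the new `if (console)` guards in the later hunks throw a ReferenceError where `console` is undeclared; `typeof console !== 'undefined'` is the safe test, and the session-state and cookie values being logged are better kept out of production output altogether.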

@@ -32,3 +32,3 @@ 'use strict';

const client = yield provider.Client.add(params);
const client = yield provider.addClient(params);

@@ -35,0 +35,0 @@ const response = Object.assign({

@@ -78,4 +78,7 @@ 'use strict';

let refreshToken;
if (provider.configuration.features.refreshToken ||
code.scope.split(' ').indexOf('offline_access') !== -1) {
const clientAllowed = this.oidc.client.grantTypes.indexOf('refresh_token') !== -1;
const grantAllowed = provider.configuration.features.refreshToken ||
code.scope.split(' ').indexOf('offline_access') !== -1;
if (clientAllowed && grantAllowed) {
const rt = new provider.RefreshToken({

@@ -82,0 +85,0 @@ accountId: account.accountId,
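Review bot: `grantAllowed` is true whenever `code.scope` contains `offline_access`, even with `features.refreshToken` switched off, so the flag widens issuance rather than gating it; if that is the intended policy it needs a comment, because the name reads like an on/off switch. Something like `// features.refreshToken = always issue; otherwise only when the code's scope includes offline_access` above the two constants would do. Whether `offline_access` only reaches `code.scope` after user consent is decided elsewhere and is not visible here, so it is worth confirming that the authorization step enforces it. The enclosing function starts and ends outside this hunk, and the page shows no file header for this section.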

@@ -40,3 +40,3 @@ 'use strict';

class Provider extends events.EventEmitter {
constructor(issuer, options) {
constructor(issuer, setup) {
super();

@@ -46,5 +46,2 @@

const opts = options || {};
const setup = opts.config;
Object.defineProperty(this, 'configuration', {

@@ -233,3 +230,8 @@ value: getConfiguration(setup),

Provider.prototype.addClient = function addClient(client) {
return this.Client.add(client);
};
Provider.prototype.addKey = function addKey(key) {
// TODO: validate only private keys are added
return this.keystore.add(key).then((jwk) => {

@@ -236,0 +238,0 @@ if (this.configuration.features.encryption) {
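Review bot: The constructor's second parameter changes meaning with no guard for the old call shape: a 0.2.0 caller that still passes `{ config: ... }` now hands the wrapper object straight to `getConfiguration(setup)`. What `getConfiguration` does with an unrecognised top-level key is not visible in this hunk; if it falls back to defaults, the provider would start with settings the operator never chose. Assuming `config` is not itself a configuration key, rejecting the old shape makes the break loud: `if (setup && setup.config) throw new TypeError('configuration is now passed directly as the second argument');`. A short JSDoc on `constructor(issuer, setup)` and on the new `addClient` stating what each accepts and returns would also help; the class body continues outside the hunk.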

@@ -73,9 +73,6 @@ 'use strict';

application_type: Joi.string().valid('web', 'native').default('web'),
client_id: Joi.required(),
client_id: Joi.string().required(),
client_name: Joi.string(),
// TODO: validate secret length
client_secret: Joi.string().when('token_endpoint_auth_method', {
is: 'private_key_jwt',
otherwise: Joi.required(),
}),
client_secret: Joi.string().required(),
client_uri: webUri,

@@ -82,0 +79,0 @@ contacts: Joi.array().items(Joi.string().email()),
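Review bot: `client_secret: Joi.string().required()` accepts a one-character secret, and the `// TODO: validate secret length` directly above it is still open. If the secret is ever used as an HMAC key (HS256 signing or `client_secret_jwt`; not visible in this hunk), RFC 7518 requires at least 256 bits of key material, so a floor belongs in the schema: `client_secret: Joi.string().min(MIN_SECRET_LENGTH).required(),` with `MIN_SECRET_LENGTH` as a project-defined constant. Dropping the `private_key_jwt` exception also appears to force those clients to register a secret they never present, which is one more credential to store and protect; if that is deliberate, a comment saying why would help.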

@@ -55,3 +55,3 @@ {

},
"version": "0.2.0",
"version": "0.3.0",
"files": [

@@ -58,0 +58,0 @@ "lib"
