oidc-provider - npm Package Compare versions

Comparing version 7.10.2 to 7.10.3

lib/actions/userinfo.js

		@@ -1,2 +0,2 @@
		const { InvalidDpopProof, InvalidToken, InsufficientScope } = require('../helpers/errors');
		const { InvalidToken, InsufficientScope, InvalidDpopProof } = require('../helpers/errors');
		const difference = require('../helpers/_/difference');
		@@ -46,3 +46,4 @@ const setWWWAuthenticate = require('../helpers/set_www_authenticate');
		if (err instanceof InvalidDpopProof) {
		err.error = err.message = 'invalid_token'; // eslint-disable-line no-multi-assign
		// eslint-disable-next-line no-multi-assign
		err.status = err.statusCode = 401;
		}
		@@ -49,0 +50,0 @@

lib/helpers/validate_dpop.js

		@@ -47,11 +47,11 @@ const { createHash } = require('crypto');
		if (typeof payload.jti !== 'string' \|\| !payload.jti) {
		throw new Error('must have a jti string property');
		throw new InvalidDpopProof('DPoP Proof must have a jti string property');
		}

		if (payload.htm !== ctx.method) {
		throw new Error('htm mismatch');
		throw new InvalidDpopProof('DPoP Proof htm mismatch');
		}

		if (payload.htu !== ctx.oidc.urlFor(ctx.oidc.route)) {
		throw new Error('htu mismatch');
		throw new InvalidDpopProof('DPoP Proof htu mismatch');
		}
		@@ -62,3 +62,3 @@
		if (payload.ath !== ath) {
		throw new Error('ath mismatch');
		throw new InvalidDpopProof('DPoP Proof ath mismatch');
		}
		@@ -71,4 +71,7 @@ }
		} catch (err) {
		if (err instanceof InvalidDpopProof) {
		throw err;
		}
		throw new InvalidDpopProof('invalid DPoP key binding', err.message);
		}
		};

package.json

		{
		"name": "oidc-provider",
		"version": "7.10.2",
		"version": "7.10.3",
		"description": "OAuth 2.0 Authorization Server implementation for Node.js with OpenID Connect",
		@@ -5,0 +5,0 @@ "keywords": [

lib/helpers/defaults.js

Sorry, the diff of this file is too big to display

New alerts