openid-client - npm Package Compare versions

Comparing version 0.5.0 to 0.5.1

CHANGELOG.md

		Following semver, 1.0.0 will mark the first API stable release and commence of this file,
		until then please use the compare views of github for reference.

		- https://github.com/panva/node-openid-client/compare/v0.5.0...v0.5.1
		- fix: handle refresh w/o id_token
		- fix: ignore nonce values when refreshing w/ id_token
		- fix: validateIdToken only checks at_hash and c_hash values when TokenSet is passed in
		- https://github.com/panva/node-openid-client/compare/v0.4.1...v0.5.0
		- aggregated and distributed claim handling
		- https://github.com/panva/node-openid-client/compare/v0.3.0...v0.4.1
		@@ -5,0 +11,0 @@ - fix: issuer with path component discovery

lib/base_client.js

		@@ -147,3 +147,3 @@ 'use strict';
		) {
		return token;
		return Promise.resolve(token);
		}
		@@ -197,3 +197,5 @@

		if (idToken instanceof TokenSet) {
		const isTokenSet = idToken instanceof TokenSet;

		if (isTokenSet) {
		if (!idToken.id_token) {
		@@ -234,3 +236,3 @@ throw new Error('id_token not present in TokenSet');

		if (payloadObject.nonce \|\| (nonce !== undefined \|\| nonce !== null)) {
		if (nonce !== null && (payloadObject.nonce \|\| nonce !== undefined)) {
		assert.equal(payloadObject.nonce, nonce, 'nonce mismatch');
		@@ -254,3 +256,3 @@ }

		if (payloadObject.at_hash) {
		if (isTokenSet && payloadObject.at_hash) {
		assert.equal(payloadObject.at_hash, tokenHash(token.access_token, headerObject.alg),
		@@ -260,3 +262,3 @@ 'at_hash mismatch');

		if (payloadObject.c_hash) {
		if (isTokenSet && payloadObject.c_hash) {
		assert.equal(payloadObject.c_hash, tokenHash(token.code, headerObject.alg),
		@@ -289,4 +291,9 @@ 'c_hash mismatch');
		})
		.then(tokenset => this.decryptIdToken(tokenset, 'id_token'))
		.then(tokenset => this.validateIdToken(tokenset, undefined, 'id_token'));
		.then(tokenset => {
		if (!tokenset.id_token) {
		return tokenset;
		}
		return this.decryptIdToken(tokenset, 'id_token')
		.then(() => this.validateIdToken(tokenset, null, 'id_token'));
		});
		}
		@@ -363,2 +370,3 @@
		const endpoint = this.issuer.revocation_endpoint \|\| this.issuer.token_revocation_endpoint;

		return this.authenticatedPost(endpoint, { body: { token } },
		@@ -365,0 +373,0 @@ response => JSON.parse(response.body));

package.json

		{
		"name": "openid-client",
		"version": "0.5.0",
		"version": "0.5.1",
		"description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js",
		@@ -5,0 +5,0 @@ "main": "lib/index.js",

README.md

		@@ -121,4 +121,4 @@ # openid-client
		client.authorizationCallback('https://client.example.com/callback', request.query) // => Promise
		.then(function (tokens) {
		console.log('received tokens %j', tokens);
		.then(function (tokenSet) {
		console.log('received tokens %j', tokenSet);
		});
		@@ -133,4 +133,4 @@ ```
		client.authorizationCallback('https://client.example.com/callback', request.query, { state, nonce }) // => Promise
		.then(function (tokens) {
		console.log('received tokens %j', tokens);
		.then(function (tokenSet) {
		console.log('received tokens %j', tokenSet);
		});
		@@ -142,6 +142,7 @@ ```
		client.refresh(refreshToken) // => Promise
		.then(function (tokens) {
		console.log('refreshed tokens %j', tokens);
		.then(function (tokenSet) {
		console.log('refreshed tokens %j', tokenSet);
		});
		```
		Tip: accepts TokenSet as well as direct refresh token values;

		@@ -151,4 +152,4 @@ ### Revoke a token
		client.revoke(token) // => Promise
		.then(function () {
		console.log('revoked token %s', token);
		.then(function (response) {
		console.log('revoked token %s', token, response);
		});
		@@ -160,4 +161,4 @@ ```
		client.introspect(token) // => Promise
		.then(function (details) {
		console.log('token details %j', details);
		.then(function (response) {
		console.log('token details %j', response);
		});
		@@ -173,2 +174,3 @@ ```
		```
		Tip: accepts TokenSet as well as direct access token values;

		@@ -175,0 +177,0 @@ via POST

New alerts