openid-client
Advanced tools
Comparing version 0.5.0 to 0.5.1
| Following semver, 1.0.0 will mark the first API stable release and commence of this file, | ||
| until then please use the compare views of github for reference. | ||
| - https://github.com/panva/node-openid-client/compare/v0.5.0...v0.5.1 | ||
| - fix: handle refresh w/o id_token | ||
| - fix: ignore nonce values when refreshing w/ id_token | ||
| - fix: validateIdToken only checks at_hash and c_hash values when TokenSet is passed in | ||
| - https://github.com/panva/node-openid-client/compare/v0.4.1...v0.5.0 | ||
| - aggregated and distributed claim handling | ||
| - https://github.com/panva/node-openid-client/compare/v0.3.0...v0.4.1 | ||
@@ -5,0 +11,0 @@ - fix: issuer with path component discovery |
@@ -147,3 +147,3 @@ 'use strict'; | ||
| ) { | ||
| return token; | ||
| return Promise.resolve(token); | ||
| } | ||
@@ -197,3 +197,5 @@ | ||
| if (idToken instanceof TokenSet) { | ||
| const isTokenSet = idToken instanceof TokenSet; | ||
| if (isTokenSet) { | ||
| if (!idToken.id_token) { | ||
@@ -234,3 +236,3 @@ throw new Error('id_token not present in TokenSet'); | ||
| if (payloadObject.nonce || (nonce !== undefined || nonce !== null)) { | ||
| if (nonce !== null && (payloadObject.nonce || nonce !== undefined)) { | ||
| assert.equal(payloadObject.nonce, nonce, 'nonce mismatch'); | ||
@@ -254,3 +256,3 @@ } | ||
| if (payloadObject.at_hash) { | ||
| if (isTokenSet && payloadObject.at_hash) { | ||
| assert.equal(payloadObject.at_hash, tokenHash(token.access_token, headerObject.alg), | ||
@@ -260,3 +262,3 @@ 'at_hash mismatch'); | ||
| if (payloadObject.c_hash) { | ||
| if (isTokenSet && payloadObject.c_hash) { | ||
| assert.equal(payloadObject.c_hash, tokenHash(token.code, headerObject.alg), | ||
@@ -289,4 +291,9 @@ 'c_hash mismatch'); | ||
| }) | ||
| .then(tokenset => this.decryptIdToken(tokenset, 'id_token')) | ||
| .then(tokenset => this.validateIdToken(tokenset, undefined, 'id_token')); | ||
| .then(tokenset => { | ||
| if (!tokenset.id_token) { | ||
| return tokenset; | ||
| } | ||
| return this.decryptIdToken(tokenset, 'id_token') | ||
| .then(() => this.validateIdToken(tokenset, null, 'id_token')); | ||
| }); | ||
| } | ||
@@ -363,2 +370,3 @@ | ||
| const endpoint = this.issuer.revocation_endpoint || this.issuer.token_revocation_endpoint; | ||
| return this.authenticatedPost(endpoint, { body: { token } }, | ||
@@ -365,0 +373,0 @@ response => JSON.parse(response.body)); |
| { | ||
| "name": "openid-client", | ||
| "version": "0.5.0", | ||
| "version": "0.5.1", | ||
| "description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js", | ||
@@ -5,0 +5,0 @@ "main": "lib/index.js", |
@@ -121,4 +121,4 @@ # openid-client | ||
| client.authorizationCallback('https://client.example.com/callback', request.query) // => Promise | ||
| .then(function (tokens) { | ||
| console.log('received tokens %j', tokens); | ||
| .then(function (tokenSet) { | ||
| console.log('received tokens %j', tokenSet); | ||
| }); | ||
@@ -133,4 +133,4 @@ ``` | ||
| client.authorizationCallback('https://client.example.com/callback', request.query, { state, nonce }) // => Promise | ||
| .then(function (tokens) { | ||
| console.log('received tokens %j', tokens); | ||
| .then(function (tokenSet) { | ||
| console.log('received tokens %j', tokenSet); | ||
| }); | ||
@@ -142,6 +142,7 @@ ``` | ||
| client.refresh(refreshToken) // => Promise | ||
| .then(function (tokens) { | ||
| console.log('refreshed tokens %j', tokens); | ||
| .then(function (tokenSet) { | ||
| console.log('refreshed tokens %j', tokenSet); | ||
| }); | ||
| ``` | ||
| Tip: accepts TokenSet as well as direct refresh token values; | ||
@@ -151,4 +152,4 @@ ### Revoke a token | ||
| client.revoke(token) // => Promise | ||
| .then(function () { | ||
| console.log('revoked token %s', token); | ||
| .then(function (response) { | ||
| console.log('revoked token %s', token, response); | ||
| }); | ||
@@ -160,4 +161,4 @@ ``` | ||
| client.introspect(token) // => Promise | ||
| .then(function (details) { | ||
| console.log('token details %j', details); | ||
| .then(function (response) { | ||
| console.log('token details %j', response); | ||
| }); | ||
@@ -173,2 +174,3 @@ ``` | ||
| ``` | ||
| Tip: accepts TokenSet as well as direct access token values; | ||
@@ -175,0 +177,0 @@ via POST |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by1.76%
40097
- Lines of code
- increased by0.8%
760
- Number of lines in readme file
- increased by0.66%
306
No dependency changes