openid-client
Advanced tools
openid-client - npm Package Compare versions
Comparing version 1.12.1 to 1.13.0
@@ -8,2 +8,3 @@ # openid-client CHANGELOG | ||
| <!-- TOC START min:2 max:2 link:true update:true --> | ||
| - [Version 1.13.0](#version-1130) | ||
| - [Version 1.12.0](#version-1120) | ||
@@ -27,2 +28,9 @@ - [Version 1.11.0](#version-1110) | ||
| ## Version 1.13.0 | ||
| - [DIFF](https://github.com/panva/node-openid-client/compare/v1.12.1...v1.13.0) | ||
| - added an optional keystore argument to `Client#fromUri(uri, token, [keystore])` to pass a keystore | ||
| with private asymmetrical keys | ||
| - fixed keystore check during constructor `Client#new` calls to check that only private asymmetrical | ||
| keys are added | ||
| ## Version 1.12.0 | ||
@@ -29,0 +37,0 @@ ### Version 1.12.1 |
@@ -134,2 +134,13 @@ 'use strict'; | ||
| function checkStore(keystore) { | ||
| assert(jose.JWK.isKeyStore(keystore), 'keystore must be an instance of jose.JWK.KeyStore'); | ||
| assert(keystore.all().every((key) => { | ||
| if (key.kty === 'RSA' || key.kty === 'EC') { | ||
| try { key.toPEM(true); } catch (err) { return false; } | ||
| return true; | ||
| } | ||
| return false; | ||
| }), 'keystore must only contain private EC or RSA keys'); | ||
| } | ||
| const deprecatedKeystore = util.deprecate(keystore => keystore, | ||
@@ -173,3 +184,3 @@ 'passing keystore directly is deprecated, pass an object with keystore property instead'); | ||
| if (keystore !== undefined) { | ||
| assert(jose.JWK.isKeyStore(keystore), 'keystore must be an instance of jose.JWK.KeyStore'); | ||
| checkStore.call(this, keystore); | ||
| instance(this).keystore = keystore; | ||
@@ -842,10 +853,3 @@ } | ||
| if (keystore !== undefined && !(properties.jwks || properties.jwks_uri)) { | ||
| assert(jose.JWK.isKeyStore(keystore), 'keystore must be an instance of jose.JWK.KeyStore'); | ||
| assert(keystore.all().every((key) => { | ||
| if (key.kty === 'RSA' || key.kty === 'EC') { | ||
| try { key.toPEM(true); } catch (err) { return false; } | ||
| return true; | ||
| } | ||
| return false; | ||
| }), 'keystore must only contain private EC or RSA keys'); | ||
| checkStore.call(this, keystore); | ||
| properties.jwks = keystore.toJSON(); | ||
@@ -875,3 +879,3 @@ } | ||
| */ | ||
| static fromUri(uri, token) { | ||
| static fromUri(uri, token, keystore) { | ||
| return this.httpClient.get(uri, this.issuer.httpOptions({ | ||
@@ -881,3 +885,3 @@ headers: { Authorization: bearer(token) }, | ||
| .then(expectResponse(200)) | ||
| .then(response => new this(JSON.parse(response.body)), errorHandler.bind(this)); | ||
| .then(response => new this(JSON.parse(response.body), keystore), errorHandler.bind(this)); | ||
| } | ||
@@ -884,0 +888,0 @@ |
| { | ||
| "name": "openid-client", | ||
| "version": "1.12.1", | ||
| "version": "1.13.0", | ||
| "description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js servers, supports passportjs", | ||
@@ -5,0 +5,0 @@ "main": "lib/index.js", |
@@ -97,5 +97,5 @@ # openid-client | ||
| ### manually (recommended) | ||
| You should provide the following metadata; `client_id, client_secret`. You can also provide | ||
| You should provide at least the following metadata; `client_id, client_secret`. You can also provide | ||
| `id_token_signed_response_alg` (defaults to `RS256`) and `token_endpoint_auth_method` (defaults to | ||
| `client_secret_basic`); | ||
| `client_secret_basic`). | ||
@@ -106,5 +106,8 @@ ```js | ||
| client_secret: 'TQV5U29k1gHibH5bx1layBo0OSAvAbRT3UYW3EWrSYBB5swxjVfWUa1BS8lqzxG/0v9wruMcrGadany3' | ||
| }); // => Client | ||
| }, [keystore]); // => Client | ||
| ``` | ||
| `keystore` is an optional argument for instantiating a client with configured asymmetrical | ||
| ID Token or UserInfo response encryption. | ||
| ### via registration client uri | ||
@@ -114,3 +117,3 @@ Should your oidc provider have provided you with a registration client uri and registration access | ||
| ```js | ||
| googleIssuer.Client.fromUri(registration_client_uri, registration_access_token) // => Promise | ||
| googleIssuer.Client.fromUri(registration_client_uri, registration_access_token, [keystore]) // => Promise | ||
| .then(function (client) { | ||
@@ -121,2 +124,5 @@ console.log('Discovered client %s', client); | ||
| `keystore` is an optional argument for instantiating a client through registration client uri | ||
| with configured asymmetrical ID Token or UserInfo response encryption. | ||
| ## Usage | ||
@@ -123,0 +129,0 @@ |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.96%
76118
- Lines of code
- increased by0.22%
1379
- Number of lines in readme file
- increased by1.35%
452