openid-client
Advanced tools
Comparing version 1.14.0 to 1.15.0
@@ -28,2 +28,7 @@ # openid-client CHANGELOG | ||
## Version 1.15.0 | ||
- [DIFF](https://github.com/panva/node-openid-client/compare/v1.14.0...v1.15.0) | ||
- added support for Request Objects encrypted with symmetrical keys | ||
- fixed PBES2 encryption to use client_secret derived symmetrical key instead of its full octet value | ||
## Version 1.14.0 | ||
@@ -30,0 +35,0 @@ - [DIFF](https://github.com/panva/node-openid-client/compare/v1.13.0...v1.14.0) |
@@ -626,4 +626,4 @@ 'use strict'; | ||
joseSecret(alg) { | ||
if (String(alg).match(/^A(128|192|256)(GCM)?KW$/)) { | ||
return this.derivedKey(RegExp.$1); | ||
if (String(alg).match(/^(?:A|PBES2.+)(\d{3})(GCM)?KW$/)) { | ||
return this.derivedKey(parseInt(RegExp.$1, 10)); | ||
} | ||
@@ -944,10 +944,22 @@ | ||
let keystoreOrSecret; | ||
if (fields.alg.match(/^(RSA|ECDH)/)) { | ||
keystoreOrSecret = this.issuer.key({ | ||
alg: fields.alg, | ||
enc: fields.enc, | ||
use: 'enc', | ||
}, true); | ||
} else { | ||
keystoreOrSecret = this.joseSecret(fields.alg); | ||
} | ||
if (fields.alg.startsWith('PBES2')) { | ||
fields.p2s = base64url(uuid()); | ||
fields.p2c = 4096; | ||
} | ||
/* eslint-disable arrow-body-style */ | ||
return this.issuer.key({ | ||
alg: algs.encrypt.alg, | ||
enc: algs.encrypt.enc, | ||
use: 'enc', | ||
}, true).then((key) => { | ||
return keystoreOrSecret.then((key) => { | ||
return signed.then((cleartext) => { | ||
return jose.JWE.createEncrypt({ format, fields }, { key }) | ||
return jose.JWE.createEncrypt({ format, fields }, { key, reference: key.kty !== 'oct' }) | ||
.update(cleartext) | ||
@@ -954,0 +966,0 @@ .final(); |
{ | ||
"name": "openid-client", | ||
"version": "1.14.0", | ||
"version": "1.15.0", | ||
"description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js servers, supports passportjs", | ||
@@ -5,0 +5,0 @@ "main": "lib/index.js", |
@@ -173,10 +173,10 @@ # openid-client | ||
// koa v1.x w/ koa-body | ||
// example koa v2.x w/ koa-body | ||
app.use(bodyParser({ patchNode: true })); | ||
app.use(function* (next) { | ||
const params = client.callbackParams(this.request.req); // => parsed url query, url fragment or body object | ||
app.use(async function (ctx, next) { | ||
const params = client.callbackParams(ctx.request.req); // => parsed url query, url fragment or body object | ||
// ... | ||
}); | ||
// express w/ bodyParser | ||
// example express w/ bodyParser | ||
app.use(bodyParser.urlencoded({ extended: false })); | ||
@@ -183,0 +183,0 @@ app.use(function (req, res, next) { |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
77286
1390