
openid-client


openid-client - npm Package Compare versions

Comparing version 1.19.3 to 1.19.4

4

CHANGELOG.md

@@ -34,2 +34,6 @@ # openid-client CHANGELOG

## Version 1.19.x
### Version 1.19.4
- [DIFF](https://github.com/panva/node-openid-client/compare/v1.19.3...v1.19.4)
- fixed edge cases of (and simplified) private id token decryption method
### Version 1.19.3

@@ -36,0 +40,0 @@ - [DIFF](https://github.com/panva/node-openid-client/compare/v1.19.2...v1.19.3)

25

lib/client.js

@@ -320,3 +320,3 @@ 'use strict';

promise = Promise.resolve(new TokenSet(params))
.then(tokenset => this.decryptIdToken(tokenset, 'id_token'))
.then(tokenset => this.decryptIdToken(tokenset))
.then(tokenset => this.validateIdToken(tokenset, toCheck.nonce, 'authorization', toCheck.max_age, toCheck.state));

@@ -333,3 +333,3 @@ }

})
.then(tokenset => this.decryptIdToken(tokenset, 'id_token'))
.then(tokenset => this.decryptIdToken(tokenset))
.then(tokenset => this.validateIdToken(tokenset, toCheck.nonce, 'token', toCheck.max_age))

@@ -384,6 +384,5 @@ .then((tokenset) => {

decryptIdToken(token, use) {
if (
(use === 'userinfo' && !this.userinfo_encrypted_response_alg) ||
(use === 'id_token' && !this.id_token_encrypted_response_alg)
) {
if (!use) use = 'id_token'; // eslint-disable-line no-param-reassign
if (!this[`${use}_encrypted_response_alg`]) {
return Promise.resolve(token);

@@ -399,13 +398,5 @@ }

let expectedAlg;
let expectedEnc;
const expectedAlg = this[`${use}_encrypted_response_alg`];
const expectedEnc = this[`${use}_encrypted_response_enc`];
if (use === 'userinfo') {
expectedAlg = this.userinfo_encrypted_response_alg;
expectedEnc = this.userinfo_encrypted_response_enc;
} else {
expectedAlg = this.id_token_encrypted_response_alg;
expectedEnc = this.id_token_encrypted_response_enc;
}
const header = JSON.parse(base64url.decode(idToken.split('.')[0]));

@@ -566,3 +557,3 @@

}
return this.decryptIdToken(tokenset, 'id_token')
return this.decryptIdToken(tokenset)
.then(() => this.validateIdToken(tokenset, null, 'token', null));

@@ -569,0 +560,0 @@ });
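Review bot: In the new `decryptIdToken` guard, `use` is interpolated into a property name without being checked against the two values the method supports, so any other string makes the `${use}_encrypted_response_alg` lookup undefined and the token is passed through undecrypted instead of failing. For a method that sits in front of ID token validation, an explicit allow-list is safer than relying on a missing property; something like `if (use !== 'id_token' && use !== 'userinfo') return Promise.reject(new TypeError('unsupported use'));` right after the default is applied would do it. The callers visible in this diff pass no `use` at all, so this is presumably only reachable through a coding mistake, but the failure would be silent. The method body continues outside the hunks shown, so the later alg/enc comparison could not be checked here.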

{
"name": "openid-client",
"version": "1.19.3",
"version": "1.19.4",
"description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js servers, supports passportjs",
"main": "lib/index.js",
"scripts": {
"coverage": "nyc mocha",
"test": "mocha",
"lint": "eslint lib example test",
"lint-fix": "eslint lib example test --fix"
},
"repository": "panva/node-openid-client",
"engines": {
"node": ">=4"
},
"homepage": "https://github.com/panva/node-openid-client",
"keywords": [
"openid",
"connect",
"client",
"relying",
"party",
"oidc",
"auth",
"authentication",
"basic",
"certified",
"client",
"config",
"connect",
"dynamic",
"hybrid",
"identity",
"implicit",
"oauth",
"oauth2",
"oidc",
"openid",
"party",
"passport",
"passportjs",
"strategy",
"certified",
"dynamic",
"config",
"basic",
"hybrid",
"implicit",
"oauth2"
"relying",
"strategy"
],
"homepage": "https://github.com/panva/node-openid-client",
"license": "MIT",
"author": "Filip Skokan <panva.ip@gmail.com>",
"license": "MIT",
"files": [
"lib"
],
"main": "lib/index.js",
"repository": "panva/node-openid-client",
"scripts": {
"coverage": "nyc mocha",
"lint": "eslint lib example test",
"lint-fix": "eslint lib example test --fix",
"test": "mocha"
},
"pre-commit": [
"coverage",
"lint"
],
"dependencies": {
"base64url": "^2.0.0",
"create-error-class": "^3.0.2",
"got": "^8.0.0",
"lodash": "^4.13.1",
"lru-cache": "^4.0.1",
"node-jose": "^0.11.0",
"oidc-token-hash": "^2.0.0",
"uuid": "^3.0.0"
},
"devDependencies": {

@@ -63,11 +74,4 @@ "chai": "^4.0.0",

},
"dependencies": {
"base64url": "^2.0.0",
"create-error-class": "^3.0.2",
"got": "^8.0.0",
"lodash": "^4.13.1",
"lru-cache": "^4.0.1",
"node-jose": "^0.11.0",
"oidc-token-hash": "^2.0.0",
"uuid": "^3.0.0"
"engines": {
"node": ">=4"
},

@@ -74,0 +78,0 @@ "nyc": {

@@ -10,3 +10,2 @@ # openid-client

<!-- TOC START min:2 max:2 link:true update:true -->
- [Implemented specs & features](#implemented-specs--features)

@@ -20,5 +19,3 @@ - [Certification](#certification)

<!-- TOC END -->
## Implemented specs & features

@@ -47,3 +44,3 @@

- Discovery of OpenID Provider (Issuer) Metadata
- Discovery of OpenID Provider (Issuer) Metadata via user provided inputs (see #WebFinger)
- Discovery of OpenID Provider (Issuer) Metadata via user provided inputs (see [WebFinger](#webfinger-discovery))
- [OpenID Connect Dynamic Client Registration 1.0 incorporating errata set 1][feature-registration]

@@ -66,2 +63,18 @@ - Dynamic Client Registration request

## Sponsor
<table>
<tbody>
<tr>
<td>
<img alt="auth0-logo" src="https://avatars.githubusercontent.com/u/2824157?s=75&v=4" style="max-width:100%;">
</td>
<td colspan="2">
If you want to quickly add OpenID Connect authentication to Node.js apps, feel free to check out Auth0's Node.js SDK and free plan at <a href="https://auth0.com/overview?utm_source=GHsponsor&utm_medium=GHsponsor&utm_campaign=openid-client&utm_content=auth">auth0.com/overview</a>.
</td>
</tr>
</tbody>
</table>
## Example

@@ -68,0 +81,0 @@ Head over to the example folder to see the library in use. This example is deployed and configured
