
openid-client


Comparing version 1.3.0 to 1.3.1

lib/expect_response.js

14

CHANGELOG.md

@@ -11,4 +11,2 @@ # openid-client CHANGELOG

- [Version 1.1.0](#version-110)
- [Version 1.0.2](#version-102)
- [Version 1.0.1](#version-101)
- [Version 1.0.0](#version-100)

@@ -21,2 +19,7 @@ - [Migrating from 0.x to 1.0](#migrating-from-0x-to-10)

## Version 1.3.0
### Version 1.3.1
- [DIFF](https://github.com/panva/node-openid-client/compare/v1.3.0...v1.3.1)
- added error messages when expected response is missing
### Version 1.3.0
- [DIFF](https://github.com/panva/node-openid-client/compare/v1.2.0...v1.3.0)

@@ -34,11 +37,12 @@ - added `#requestObject` method to Client to return signed and/or encrypted Request Object

## Version 1.0.2
## Version 1.0.0
### Version 1.0.2
- [DIFF](https://github.com/panva/node-openid-client/compare/v1.0.1...v1.0.2)
- fixed signed userinfo response validation in case iss, aud and similar ID Token claims are missing
## Version 1.0.1
### Version 1.0.1
- [DIFF](https://github.com/panva/node-openid-client/compare/v1.0.0...v1.0.1)
- Updated uuid dependency
## Version 1.0.0
### Version 1.0.0
RP test tools are passing, no changes required from the library, API is declared stable, hence 1.0.0

@@ -45,0 +49,0 @@ release.

@@ -17,2 +17,3 @@ 'use strict';

const gotErrorHandler = require('./got_error_handler');
const expectResponse = require('./expect_response');
const TokenSet = require('./token_set');

@@ -135,6 +136,9 @@ const OpenIdConnectError = require('./open_id_connect_error');

constructor(metadata, keystore) {
_.forEach(_.defaults(_.pick(metadata, CLIENT_METADATA), CLIENT_DEFAULTS), (value, key) => {
instance(this)[key] = value;
});
const recognized = _.chain(metadata)
.pick(CLIENT_METADATA)
.defaults(CLIENT_DEFAULTS)
.value();
_.forEach(recognized, (value, key) => { instance(this)[key] = value; });
if (keystore !== undefined) {

@@ -467,2 +471,3 @@ assert(jose.JWK.isKeyStore(keystore), 'keystore must be an instance of jose.JWK.KeyStore');

return got[verb](this.issuer.userinfo_endpoint, this.issuer.httpOptions(httpOptions))
.then(expectResponse(200))
.then((response) => {

@@ -586,4 +591,4 @@ if (JWT_CONTENT.exec(response.headers['content-type'])) {

return Promise.resolve(this.grantAuth())
.then(auth => got.post(endpoint, this.issuer.httpOptions(_.merge(httpOptions, auth)))
.then(success, gotErrorHandler));
.then(auth => got.post(endpoint, this.issuer.httpOptions(_.merge(httpOptions, auth)))
.then(success, gotErrorHandler));
}

@@ -608,3 +613,8 @@

if (!alg) {
const algz = _.uniq(_.flatten(_.map(instance(this).keystore.all(), key => key.algorithms('sign'))));
const algz = _.chain(instance(this).keystore.all())
.map(key => key.algorithms('sign'))
.flatten()
.uniq()
.value();
alg = _.find(this.issuer.token_endpoint_auth_signing_alg_values_supported,

@@ -685,7 +695,9 @@ signAlg => algz.indexOf(signAlg) !== -1);

headers: { 'Content-Type': 'application/json' },
})).then(response => new this(JSON.parse(response.body), keystore), gotErrorHandler);
}))
.then(expectResponse(201))
.then(response => new this(JSON.parse(response.body), keystore), gotErrorHandler);
}
get metadata() {
return _.omitBy(_.pick(this, CLIENT_METADATA), _.isUndefined);
return _.chain(this).pick(CLIENT_METADATA).omitBy(_.isUndefined).value();
}
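Review bot: In the registration call, `gotErrorHandler` stays on the `.then` that follows the new `.then(expectResponse(201))`, so it now also receives whatever `expectResponse` throws, not only rejections from `got`. The handler calls `isStandardError(err)` first, and neither that helper nor `lib/expect_response.js` is shown on this page, so confirm that an error without a `response` property passes through unchanged and the status-mismatch message reaches the caller. If it does not, attaching the handler to the request stage, `.then(expectResponse(201), gotErrorHandler)`, keeps each handler on the errors it was written for. The same ordering appears in the bearer-token `expectResponse(200)` call in the next hunk and in the later hunks that fetch `this.jwks_uri` and `wellKnownUri`. The enclosing method begins outside the hunk.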

@@ -696,3 +708,5 @@

headers: { Authorization: bearer(token) },
})).then(response => new this(JSON.parse(response.body)), gotErrorHandler);
}))
.then(expectResponse(200))
.then(response => new this(JSON.parse(response.body)), gotErrorHandler);
}

@@ -699,0 +713,0 @@

@@ -7,4 +7,4 @@ 'use strict';

module.exports = function gotErrorHandler(err) {
if (isStandardError(err)) throw new OpenIdConnectError(err.response.body);
if (isStandardError(err)) throw new OpenIdConnectError(err.response.body, err.response);
throw err;
};

@@ -21,2 +21,3 @@ 'use strict';

const registry = require('./issuer_registry');
const expectResponse = require('./expect_response');
const webfingerNormalize = require('./webfinger_normalize');

@@ -42,6 +43,9 @@

constructor(metadata) {
_.forEach(_.defaults(_.pick(metadata, ISSUER_METADATA), ISSUER_DEFAULTS), (value, key) => {
instance(this)[key] = value;
});
const recognized = _.chain(metadata)
.pick(ISSUER_METADATA)
.defaults(ISSUER_DEFAULTS)
.value();
_.forEach(recognized, (value, key) => { instance(this)[key] = value; });
instance(this).cache = new LRU({ max: 100 });

@@ -77,9 +81,10 @@

return got(this.jwks_uri, this.httpOptions())
.then(response => JSON.parse(response.body), gotErrorHandler)
.then(jwks => jose.JWK.asKeyStore(jwks))
.then((joseKeyStore) => {
lookupCache.set('throttle', true, 60 * 1000);
instance(this).keystore = joseKeyStore;
return joseKeyStore;
});
.then(expectResponse(200))
.then(response => JSON.parse(response.body), gotErrorHandler)
.then(jwks => jose.JWK.asKeyStore(jwks))
.then((joseKeyStore) => {
lookupCache.set('throttle', true, 60 * 1000);
instance(this).keystore = joseKeyStore;
return joseKeyStore;
});
}

@@ -117,4 +122,6 @@

const opts = { query, followRedirect: true };
const webfingerUrl = `https://${host}${WEBFINGER}`;
return got(`https://${host}${WEBFINGER}`, this.httpOptions(opts))
return got(webfingerUrl, this.httpOptions(opts))
.then(expectResponse(200))
.then(response => JSON.parse(response.body))

@@ -145,2 +152,3 @@ .then((body) => {

return got(wellKnownUri, this.httpOptions())
.then(expectResponse(200))
.then(response => new this(JSON.parse(response.body)), gotErrorHandler);

@@ -147,0 +155,0 @@ }

@@ -5,10 +5,15 @@ 'use strict';

module.exports = createErrorClass('OpenIdConnectError', function stdError(response) {
module.exports = createErrorClass('OpenIdConnectError', function stdError(body, response) {
if (response) {
Object.defineProperty(this, 'response', {
value: response,
});
}
Object.assign(this, {
message: response.error,
error: response.error,
error_description: response.error_description,
state: response.state,
scope: response.scope,
message: body.error,
error: body.error,
error_description: body.error_description,
state: body.state,
scope: body.scope,
});
});
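Review bot: The new `response` property is created with `Object.defineProperty` and only a `value`, which makes it non-enumerable and read-only, but nothing in the hunk says this is deliberate. An HTTP response object typically carries headers and a reference to the originating request, so keeping it out of `JSON.stringify`, `Object.assign` copies and default `console.log` output matters when these errors are logged; I would add a comment such as `// non-enumerable on purpose: keeps the raw HTTP response out of serialized or logged errors`. Separately, `response` is guarded with `if (response)` while `body` is dereferenced unconditionally, so a short docstring stating that `body` must be the parsed error object would document what `gotErrorHandler` is expected to pass.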
{
"name": "openid-client",
"version": "1.3.0",
"version": "1.3.1",
"description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js",

@@ -24,3 +24,7 @@ "main": "lib/index.js",

"oidc",
"auth",
"authentication",
"identity",
"oauth",
"certified",
"oauth2"

@@ -27,0 +31,0 @@ ],

@@ -12,2 +12,3 @@ # openid-client

- [Implemented specs & features](#implemented-specs--features)
- [Certification](#certification)
- [Example](#example)

@@ -53,2 +54,10 @@ - [Get started](#get-started)

## Certification
[![OpenId Certification][openid-certified-logo]][openid-certified-link]
[OpenID Certified™][openid-certified-link] by Filip Skokan to the RP Basic, RP Implicit, RP Hybrid,
RP Config and RP Dynamic profiles of the OpenID Connect™ protocol.
## Example

@@ -384,1 +393,3 @@ Head over to the example folder to see the library in use. This example is deployed and configured

[signed-userinfo]: http://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse
[openid-certified-link]: http://openid.net/certification/
[openid-certified-logo]: https://cdn.rawgit.com/panva/node-openid-client/master/OpenID_Certified.png