openid-client
Advanced tools
Comparing version 1.5.2 to 1.5.3
@@ -20,2 +20,6 @@ # openid-client CHANGELOG | ||
## Version 1.5.0 | ||
### Version 1.5.3 | ||
- [DIFF](https://github.com/panva/node-openid-client/compare/v1.5.2...v1.5.3) | ||
- fixed an ID Token validation for ID Token returned by Token Endpoint that includes c_hash | ||
### Version 1.5.2 | ||
@@ -22,0 +26,0 @@ - [DIFF](https://github.com/panva/node-openid-client/compare/v1.5.1...v1.5.2) |
@@ -421,3 +421,3 @@ 'use strict'; | ||
if (isTokenSet && payloadObject.c_hash !== undefined) { | ||
if (isTokenSet && payloadObject.c_hash !== undefined && token.code) { | ||
assert(tokenHash(payloadObject.c_hash, token.code), 'c_hash mismatch'); | ||
@@ -424,0 +424,0 @@ } |
@@ -44,3 +44,4 @@ 'use strict'; | ||
this._verify = verify; | ||
const params = this._params = opts.params || {}; | ||
this._params = opts.params || {}; | ||
const params = this._params; | ||
@@ -47,0 +48,0 @@ this.name = url.parse(client.issuer.issuer).hostname; |
{ | ||
"name": "openid-client", | ||
"version": "1.5.2", | ||
"version": "1.5.3", | ||
"description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js servers, supports passportjs", | ||
@@ -5,0 +5,0 @@ "main": "lib/index.js", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
67836
1209