openid-client
Comparing version 3.0.0 to 3.1.0
@@ -5,2 +5,11 @@ # Change Log | ||
# [3.1.0](https://github.com/panva/node-openid-client/compare/v3.0.0...v3.1.0) (2019-05-13) | ||
### Features | ||
* add helpers for generating secure random values & PKCE challenges ([44f1865](https://github.com/panva/node-openid-client/commit/44f1865)) | ||
# [3.0.0](https://github.com/panva/node-openid-client/compare/v2.5.0...v3.0.0) (2019-05-11) | ||
@@ -7,0 +16,0 @@ |
@@ -15,3 +15,3 @@ const { inspect } = require('util'); | ||
const { assertSigningAlgValuesSupport, assertIssuerConfiguration } = require('./util/assert'); | ||
const { assertSigningAlgValuesSupport, assertIssuerConfiguration } = require('./helpers/assert'); | ||
const pick = require('./helpers/pick'); | ||
@@ -21,5 +21,5 @@ const processResponse = require('./helpers/process_response'); | ||
const { OPError, RPError } = require('./errors'); | ||
const now = require('./util/unix_timestamp'); | ||
const random = require('./util/random'); | ||
const request = require('./util/request'); | ||
const now = require('./helpers/unix_timestamp'); | ||
const { random } = require('./helpers/generators'); | ||
const request = require('./helpers/request'); | ||
const { | ||
@@ -26,0 +26,0 @@ CALLBACK_PROPERTIES, CLIENT_DEFAULTS, JWT_CONTENT, CLOCK_TOLERANCE, |
const { merge } = require('lodash'); | ||
const jose = require('@panva/jose'); | ||
const { assertIssuerConfiguration } = require('../util/assert'); | ||
const random = require('../util/random'); | ||
const now = require('../util/unix_timestamp'); | ||
const request = require('../util/request'); | ||
const { assertIssuerConfiguration } = require('./assert'); | ||
const { random } = require('./generators'); | ||
const now = require('./unix_timestamp'); | ||
const request = require('./request'); | ||
const instance = require('./weak_cache'); | ||
@@ -10,0 +9,0 @@ |
@@ -7,2 +7,3 @@ const Issuer = require('./issuer'); | ||
const { CLOCK_TOLERANCE, HTTP_OPTIONS } = require('./helpers/consts'); | ||
const generators = require('./helpers/generators'); | ||
@@ -22,2 +23,3 @@ module.exports = { | ||
}, | ||
generators, | ||
}; |
@@ -13,6 +13,6 @@ const { inspect } = require('util'); | ||
const processResponse = require('./helpers/process_response'); | ||
const webfingerNormalize = require('./util/webfinger_normalize'); | ||
const webfingerNormalize = require('./helpers/webfinger_normalize'); | ||
const instance = require('./helpers/weak_cache'); | ||
const request = require('./util/request'); | ||
const { assertIssuerConfiguration } = require('./util/assert'); | ||
const request = require('./helpers/request'); | ||
const { assertIssuerConfiguration } = require('./helpers/assert'); | ||
const { | ||
@@ -19,0 +19,0 @@ ISSUER_DEFAULTS, OIDC_DISCOVERY, OAUTH2_DISCOVERY, WEBFINGER, REL, AAD_MULTITENANT_DISCOVERY, |
@@ -11,3 +11,3 @@ /* eslint-disable no-underscore-dangle */ | ||
const { BaseClient } = require('./client'); | ||
const random = require('./util/random'); | ||
const { random, codeChallenge } = require('./helpers/generators'); | ||
const pick = require('./helpers/pick'); | ||
@@ -110,3 +110,3 @@ const { resolveResponseType, resolveRedirectUri } = require('./helpers/client'); | ||
case 'S256': | ||
params.code_challenge = base64url.encode(crypto.createHash('sha256').update(verifier).digest()); | ||
params.code_challenge = codeChallenge(verifier); | ||
params.code_challenge_method = 'S256'; | ||
@@ -113,0 +113,0 @@ break; |
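Review bot: Nothing visible in this comparison confirms that `codeChallenge(verifier)` in the S256 branch still yields the unpadded base64url SHA-256 digest that the removed inline expression produced, because the body of `./helpers/generators` is not shown here. A regression test pinning the RFC 7636 Appendix B vector would guard the refactor: `assert.equal(codeChallenge('dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk'), 'E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM');`. If `base64url` and `crypto` are no longer referenced elsewhere in this file, their requires can be dropped as well. The rest of the switch lies outside the hunk, so this applies only to the S256 case shown.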
const base64url = require('base64url'); | ||
const now = require('./util/unix_timestamp'); | ||
const now = require('./helpers/unix_timestamp'); | ||
@@ -5,0 +5,0 @@ class TokenSet { |
{ | ||
"name": "openid-client", | ||
"version": "3.0.0", | ||
"version": "3.1.0", | ||
"description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js runtime, supports passportjs", | ||
@@ -5,0 +5,0 @@ "keywords": [ |
@@ -82,2 +82,3 @@ # openid-client | ||
- [Strategy][documentation-strategy] | ||
- [generators][documentation-generators] | ||
- [errors][documentation-errors] | ||
@@ -124,11 +125,8 @@ | ||
```js | ||
const code_verifier = crypto.randomBytes(32).toString('hex'); | ||
const { generators } = require('openid-client'); | ||
const code_verifier = generators.codeVerifier(); | ||
// store the code_verifier in your framework's session mechanism, if it is a cookie based solution | ||
// it should be httpOnly (not readable by javascript) and encrypted. | ||
// sha256 digest of the code_verifier in base64url with no padding | ||
const challenge = crypto.createHash('sha256') | ||
.update(code_verifier) | ||
.digest('base64') | ||
.replace(/=/g, '').replace(/\+/g, '-').replace(/\//g, '_'); | ||
const code_challenge = generators.codeChallenge(verifier); | ||
@@ -138,3 +136,3 @@ client.authorizationUrl({ | ||
resource: 'https://my.api.example.com/resource/32178', | ||
code_challenge: challenge, | ||
code_challenge, | ||
code_challenge_method: 'S256', | ||
@@ -196,5 +194,7 @@ }); | ||
```js | ||
const nonce = crypto.randomBytes(32).toString('hex'); | ||
const { generators } = require('openid-client'); | ||
const nonce = generators.nonce(); | ||
// store the nonce in your framework's session mechanism, if it is a cookie based solution | ||
// it should be httpOnly (not readable by javascript) and encrypted. | ||
client.authorizationUrl({ | ||
@@ -278,2 +278,3 @@ scope: 'openid email profile', | ||
[documentation-errors]: https://github.com/panva/node-openid-client/blob/master/docs/README.md#errors | ||
[documentation-generators]: https://github.com/panva/node-openid-client/blob/master/docs/README.md#generators | ||
[documentation-methods]: https://github.com/panva/node-openid-client/blob/master/docs/README.md#client-authentication-methods |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package