openid-client - npm Package Compare versions

Comparing version 3.14.0 to 3.14.1

9

CHANGELOG.md

@@ -5,2 +5,11 @@ # Change Log

## [3.14.1](https://github.com/panva/node-openid-client/compare/v3.14.0...v3.14.1) (2020-03-21)
### Bug Fixes
* assert refresh_token grant ID Token sub to equal previous ([23f3f9f](https://github.com/panva/node-openid-client/commit/23f3f9fcb88c157cf9bbfa7cc2444e07f0cedc18))
# [3.14.0](https://github.com/panva/node-openid-client/compare/v3.13.0...v3.14.0) (2020-02-28)

@@ -7,0 +16,0 @@

@@ -991,2 +991,13 @@ /* eslint-disable max-classes-per-file */

await this.validateIdToken(tokenset, null, 'token', null);
if (refreshToken instanceof TokenSet && refreshToken.id_token) {
const expectedSub = refreshToken.claims().sub;
const actualSub = tokenset.claims().sub;
if (actualSub !== expectedSub) {
throw new RPError({
printf: ['sub mismatch, expected %s, got: %s', expectedSub, actualSub],
jwt: tokenset.id_token,
});
}
}
}
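
Review bot: the sub comparison is guarded by `refreshToken instanceof TokenSet && refreshToken.id_token`, so it is skipped without any signal whenever the caller passes the refresh token as a plain string, or passes a TokenSet that no longer carries the previous id_token. In those cases a refreshed ID Token issued for a different subject is accepted exactly as it was before this change. Document that callers must pass the full previous TokenSet to get this assertion, or accept an explicit expected sub as an option. Also note that the thrown RPError carries the whole `tokenset.id_token` in `jwt`, so error handlers that log the error object will record the token and its claims.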

@@ -993,0 +1004,0 @@

18

package.json
{
"name": "openid-client",
"version": "3.14.0",
"version": "3.14.1",
"description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js runtime, supports passportjs",

@@ -38,3 +38,4 @@ "keywords": [

"coverage": "nyc mocha test/**/*.test.js",
"lint": "eslint lib test && dtslint types",
"lint": "eslint lib test",
"lint-ts": "npx typescript@~3.6.0 --build types",
"lint-fix": "eslint lib test --fix",
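
Review bot: `"lint-ts": "npx typescript@~3.6.0 --build types"` resolves the compiler through npx at run time, outside devDependencies, and `dtslint` is dropped from `lint`, so `npm run lint` on its own no longer checks the type definitions. Consider declaring typescript as a pinned devDependency so the version is recorded with the rest of the toolchain, and make sure CI invokes `lint-ts` alongside `lint`.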

@@ -47,6 +48,6 @@ "test": "mocha test/**/*.test.js"

"got": "^9.6.0",
"jose": "^1.23.0",
"jose": "^1.25.0",
"lodash": "^4.17.15",
"lru-cache": "^5.1.1",
"make-error": "^1.3.5",
"make-error": "^1.3.6",
"object-hash": "^2.0.1",
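
Review bot: the `jose` floor moves from `^1.23.0` to `^1.25.0` (and `make-error` to `^1.3.6`) in a patch release, but the 3.14.1 changelog entry lists only the sub assertion. If the new floor is needed by the fix or picks up a fix in jose, say so in the changelog so consumers reviewing the upgrade know why a runtime dependency range changed.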

@@ -59,14 +60,13 @@ "oidc-token-hash": "^5.0.0",

"@commitlint/config-conventional": "^8.3.4",
"@types/passport": "^1.0.2",
"@types/passport": "^1.0.3",
"chai": "^4.2.0",
"dtslint": "^2.0.5",
"eslint": "^6.8.0",
"eslint-config-airbnb-base": "^14.0.0",
"eslint-config-airbnb-base": "^14.1.0",
"eslint-plugin-import": "^2.19.1",
"husky": "^4.0.0",
"mocha": "^7.0.0",
"nock": "^11.7.1",
"nock": "^12.0.1",
"nyc": "^15.0.0",
"readable-mock-req": "^0.2.2",
"sinon": "^8.0.4",
"sinon": "^9.0.0",
"timekeeper": "^2.2.0"

@@ -73,0 +73,0 @@ },

@@ -39,3 +39,3 @@ # openid-client

- [RFC8628 - OAuth 2.0 Device Authorization Grant (Device Flow)][feature-device-flow]
- [draft-ietf-oauth-mtls - OAuth 2.0 Mutual TLS Client Authentication and Certificate-Bound Access Tokens][feature-mtls]
- [RFC8705 - OAuth 2.0 Mutual TLS Client Authentication and Certificate-Bound Access Tokens][feature-mtls]
- Mutual TLS Client Certificate-Bound Access Tokens

@@ -298,3 +298,3 @@ - Metadata for Mutual TLS Endpoint Aliases

[feature-introspection]: https://tools.ietf.org/html/rfc7662
[feature-mtls]: https://tools.ietf.org/html/draft-ietf-oauth-mtls-17
[feature-mtls]: https://tools.ietf.org/html/rfc8705
[feature-device-flow]: https://tools.ietf.org/html/rfc8628

@@ -301,0 +301,0 @@ [feature-rp-logout]: https://openid.net/specs/openid-connect-session-1_0.html#RPLogout

/// <reference types="node" />
// TypeScript Version: 3.6
/* tslint:disable:strict-export-declare-modifiers */
/**

@@ -7,0 +5,0 @@ * @see https://github.com/panva/node-openid-client/blob/master/docs/README.md
