openid-client - npm Package Compare versions

Comparing version 3.9.1 to 3.9.2

CHANGELOG.md

@@ -5,2 +5,11 @@ # Change Log
 
+## [3.9.2](https://github.com/panva/node-openid-client/compare/v3.9.1...v3.9.2) (2019-12-17)
+
+
+### Bug Fixes
+
+* skip validating iat is in the past ([0791001](https://github.com/panva/node-openid-client/commit/0791001a6e0244ac3fbde8b9e6cf206d97f82fbe))
+
+
+
 ## [3.9.1](https://github.com/panva/node-openid-client/compare/v3.9.0...v3.9.1) (2019-12-15)
@@ -7,0 +16,0 @@

lib/client.js

@@ -694,8 +694,2 @@ /* eslint-disable max-classes-per-file */
       }
-      if (payload.iat > timestamp + this[CLOCK_TOLERANCE]) {
-        throw new RPError({
-          printf: ['id_token issued in the future, now %i, iat %i', timestamp + this[CLOCK_TOLERANCE], payload.iat],
-          jwt: idToken,
-        });
-      }
     }
@@ -702,0 +696,0 @@

package.json

 {
   "name": "openid-client",
-  "version": "3.9.1",
+  "version": "3.9.2",
   "description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js runtime, supports passportjs",
@@ -46,3 +46,3 @@ "keywords": [
     "got": "^9.6.0",
-    "jose": "^1.16.2",
+    "jose": "^1.17.2",
     "lodash": "^4.17.15",
@@ -63,3 +63,3 @@ "lru-cache": "^5.1.1",
     "eslint-config-airbnb-base": "^14.0.0",
-    "eslint-plugin-import": "^2.18.2",
+    "eslint-plugin-import": "^2.19.1",
     "husky": "^3.1.0",
@@ -66,0 +66,0 @@ "mocha": "^6.2.2",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

147758

Worsened metrics

Lines of code

2903

decreased by-0.21%

Dependency changes

• Updatedjose@^1.17.2