openid-client - npm Package Compare versions

Comparing version 4.2.1 to 4.2.2

CHANGELOG.md

@@ -5,2 +5,9 @@ # Changelog
 
+## [4.2.2](https://github.com/panva/node-openid-client/compare/v4.2.1...v4.2.2) (2020-11-30)
+
+
+### Bug Fixes
+
+* push pkce <> response type resolution to the authenticate function ([1970af4](https://github.com/panva/node-openid-client/commit/1970af41dc0cd62d44efb1f0a48bdc2a70bcd608)), closes [#312](https://github.com/panva/node-openid-client/issues/312)
+
 ## [4.2.1](https://github.com/panva/node-openid-client/compare/v4.2.0...v4.2.1) (2020-10-27)
@@ -7,0 +14,0 @@

lib/passport_strategy.js

@@ -32,3 +32,3 @@ /* eslint-disable no-underscore-dangle */
   sessionKey,
-  usePKCE,
+  usePKCE = true,
   extras = {},
@@ -61,3 +61,3 @@ } = {}, verify) {
 
-  if (this._usePKCE === true || (typeof this._usePKCE === 'undefined' && this._params.response_type.includes('code'))) {
+  if (this._usePKCE === true) {
     const supportedMethods = Array.isArray(this._issuer.code_challenge_methods_supported)
@@ -106,3 +106,3 @@ ? this._issuer.code_challenge_methods_supported : false;
 
-      if (this._usePKCE) {
+      if (this._usePKCE && params.response_type.includes('code')) {
         const verifier = random();
@@ -109,0 +109,0 @@ req.session[sessionKey].code_verifier = verifier;

package.json

 {
   "name": "openid-client",
-  "version": "4.2.1",
+  "version": "4.2.2",
   "description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js runtime, supports passportjs",
@@ -5,0 +5,0 @@ "keywords": [

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

171393

increased by0.18%

No dependency changes