openid-client - npm Package Compare versions

Comparing version 4.7.5 to 4.8.0

lib/client.js

@@ -1554,2 +1554,53 @@ /* eslint-disable max-classes-per-file */
   /**
+   * @name pushedAuthorizationRequest
+   * @api public
+   */
+  async pushedAuthorizationRequest(params = {}, { clientAssertionPayload } = {}) {
+    assertIssuerConfiguration(this.issuer, 'pushed_authorization_request_endpoint');
+
+    const body = {
+      ...('request' in params ? params : authorizationParams.call(this, params)),
+      client_id: this.client_id,
+    };
+
+    const response = await authenticatedPost.call(
+      this,
+      'pushed_authorization_request',
+      {
+        responseType: 'json',
+        form: body,
+      },
+      { clientAssertionPayload, endpointAuthMethod: 'token' },
+    );
+    const responseBody = processResponse(response, { statusCode: 201 });
+
+    if (!('expires_in' in responseBody)) {
+      throw new RPError({
+        message: 'expected expires_in in Pushed Authorization Successful Response',
+        response,
+      });
+    }
+    if (typeof responseBody.expires_in !== 'number') {
+      throw new RPError({
+        message: 'invalid expires_in value in Pushed Authorization Successful Response',
+        response,
+      });
+    }
+    if (!('request_uri' in responseBody)) {
+      throw new RPError({
+        message: 'expected request_uri in Pushed Authorization Successful Response',
+        response,
+      });
+    }
+    if (typeof responseBody.request_uri !== 'string') {
+      throw new RPError({
+        message: 'invalid request_uri value in Pushed Authorization Successful Response',
+        response,
+      });
+    }
+
+    return responseBody;
+  }
+
+  /**
    * @name issuer
@@ -1664,70 +1715,2 @@ * @api public
 
-/**
- * @name pushedAuthorizationRequest
- * @api public
- */
-async function pushedAuthorizationRequest(params = {}, { clientAssertionPayload } = {}) {
-  assertIssuerConfiguration(this.issuer, 'pushed_authorization_request_endpoint');
-
-  const body = {
-    ...('request' in params ? params : authorizationParams.call(this, params)),
-    client_id: this.client_id,
-  };
-
-  const response = await authenticatedPost.call(
-    this,
-    'pushed_authorization_request',
-    {
-      responseType: 'json',
-      form: body,
-    },
-    { clientAssertionPayload, endpointAuthMethod: 'token' },
-  );
-  const responseBody = processResponse(response, { statusCode: 201 });
-
-  if (!('expires_in' in responseBody)) {
-    throw new RPError({
-      message: 'expected expires_in in Pushed Authorization Successful Response',
-      response,
-    });
-  }
-  if (typeof responseBody.expires_in !== 'number') {
-    throw new RPError({
-      message: 'invalid expires_in value in Pushed Authorization Successful Response',
-      response,
-    });
-  }
-  if (!('request_uri' in responseBody)) {
-    throw new RPError({
-      message: 'expected request_uri in Pushed Authorization Successful Response',
-      response,
-    });
-  }
-  if (typeof responseBody.request_uri !== 'string') {
-    throw new RPError({
-      message: 'invalid request_uri value in Pushed Authorization Successful Response',
-      response,
-    });
-  }
-
-  return responseBody;
-}
-
-Object.defineProperty(BaseClient.prototype, 'pushedAuthorizationRequest', {
-  enumerable: true,
-  configurable: true,
-  value(...args) {
-    process.emitWarning(
-      'The Pushed Authorization Requests APIs implements an IETF draft. Breaking draft implementations are included as minor versions of the openid-client library, therefore, the ~ semver operator should be used and close attention be payed to library changelog as well as the drafts themselves.',
-      'DraftWarning',
-    );
-    Object.defineProperty(BaseClient.prototype, 'pushedAuthorizationRequest', {
-      enumerable: true,
-      configurable: true,
-      value: pushedAuthorizationRequest,
-    });
-    return this.pushedAuthorizationRequest(...args);
-  },
-});
-
 module.exports.BaseClient = BaseClient;

package.json

 {
   "name": "openid-client",
-  "version": "4.7.5",
+  "version": "4.8.0",
   "description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js runtime, supports passportjs",
@@ -46,3 +46,2 @@ "keywords": [
     "lint-fix": "eslint lib test --fix",
-    "lint-ts": "npx typescript@~3.6.0 --build types",
     "test": "mocha test/**/*.test.js"
@@ -49,0 +48,0 @@ },

README.md

@@ -45,2 +45,4 @@ # openid-client
     - self_signed_tls_client_auth
+- [RFC9101 - OAuth 2.0 JWT-Secured Authorization Request (JAR)][feature-jar]
+- [RFC9126 - OAuth 2.0 Pushed Authorization Requests (PAR)][feature-par]
 - [OpenID Connect Session Management 1.0 - draft 28][feature-rp-logout]
@@ -51,3 +53,2 @@ - RP-Initiated Logout
 - [OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer (DPoP) - draft 01][feature-dpop]
-- [OAuth 2.0 Pushed Authorization Requests (PAR) - draft 06][feature-par]
 
@@ -302,3 +303,4 @@ Updates to draft specifications (DPoP, JARM, and FAPI) are released as MINOR library versions,
 [feature-dpop]: https://tools.ietf.org/html/draft-ietf-oauth-dpop-01
-[feature-par]: https://tools.ietf.org/html/draft-ietf-oauth-par-06
+[feature-par]: https://www.rfc-editor.org/rfc/rfc9126.html
+[feature-jar]: https://www.rfc-editor.org/rfc/rfc9101.html
 [openid-certified-link]: https://openid.net/certification/
@@ -305,0 +307,0 @@ [passport-url]: http://passportjs.org

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Number of lines in readme file

318

increased by0.63%

Worsened metrics

Total package byte prevSize

133547

decreased by-0.43%

Lines of code

3452

decreased by-0.46%

No dependency changes