openid-client
Advanced tools
Comparing version 4.7.5 to 4.8.0
@@ -1554,2 +1554,53 @@ /* eslint-disable max-classes-per-file */ | ||
/** | ||
* @name pushedAuthorizationRequest | ||
* @api public | ||
*/ | ||
async pushedAuthorizationRequest(params = {}, { clientAssertionPayload } = {}) { | ||
assertIssuerConfiguration(this.issuer, 'pushed_authorization_request_endpoint'); | ||
const body = { | ||
...('request' in params ? params : authorizationParams.call(this, params)), | ||
client_id: this.client_id, | ||
}; | ||
const response = await authenticatedPost.call( | ||
this, | ||
'pushed_authorization_request', | ||
{ | ||
responseType: 'json', | ||
form: body, | ||
}, | ||
{ clientAssertionPayload, endpointAuthMethod: 'token' }, | ||
); | ||
const responseBody = processResponse(response, { statusCode: 201 }); | ||
if (!('expires_in' in responseBody)) { | ||
throw new RPError({ | ||
message: 'expected expires_in in Pushed Authorization Successful Response', | ||
response, | ||
}); | ||
} | ||
if (typeof responseBody.expires_in !== 'number') { | ||
throw new RPError({ | ||
message: 'invalid expires_in value in Pushed Authorization Successful Response', | ||
response, | ||
}); | ||
} | ||
if (!('request_uri' in responseBody)) { | ||
throw new RPError({ | ||
message: 'expected request_uri in Pushed Authorization Successful Response', | ||
response, | ||
}); | ||
} | ||
if (typeof responseBody.request_uri !== 'string') { | ||
throw new RPError({ | ||
message: 'invalid request_uri value in Pushed Authorization Successful Response', | ||
response, | ||
}); | ||
} | ||
return responseBody; | ||
} | ||
/** | ||
* @name issuer | ||
@@ -1664,70 +1715,2 @@ * @api public | ||
/** | ||
* @name pushedAuthorizationRequest | ||
* @api public | ||
*/ | ||
async function pushedAuthorizationRequest(params = {}, { clientAssertionPayload } = {}) { | ||
assertIssuerConfiguration(this.issuer, 'pushed_authorization_request_endpoint'); | ||
const body = { | ||
...('request' in params ? params : authorizationParams.call(this, params)), | ||
client_id: this.client_id, | ||
}; | ||
const response = await authenticatedPost.call( | ||
this, | ||
'pushed_authorization_request', | ||
{ | ||
responseType: 'json', | ||
form: body, | ||
}, | ||
{ clientAssertionPayload, endpointAuthMethod: 'token' }, | ||
); | ||
const responseBody = processResponse(response, { statusCode: 201 }); | ||
if (!('expires_in' in responseBody)) { | ||
throw new RPError({ | ||
message: 'expected expires_in in Pushed Authorization Successful Response', | ||
response, | ||
}); | ||
} | ||
if (typeof responseBody.expires_in !== 'number') { | ||
throw new RPError({ | ||
message: 'invalid expires_in value in Pushed Authorization Successful Response', | ||
response, | ||
}); | ||
} | ||
if (!('request_uri' in responseBody)) { | ||
throw new RPError({ | ||
message: 'expected request_uri in Pushed Authorization Successful Response', | ||
response, | ||
}); | ||
} | ||
if (typeof responseBody.request_uri !== 'string') { | ||
throw new RPError({ | ||
message: 'invalid request_uri value in Pushed Authorization Successful Response', | ||
response, | ||
}); | ||
} | ||
return responseBody; | ||
} | ||
Object.defineProperty(BaseClient.prototype, 'pushedAuthorizationRequest', { | ||
enumerable: true, | ||
configurable: true, | ||
value(...args) { | ||
process.emitWarning( | ||
'The Pushed Authorization Requests APIs implements an IETF draft. Breaking draft implementations are included as minor versions of the openid-client library, therefore, the ~ semver operator should be used and close attention be payed to library changelog as well as the drafts themselves.', | ||
'DraftWarning', | ||
); | ||
Object.defineProperty(BaseClient.prototype, 'pushedAuthorizationRequest', { | ||
enumerable: true, | ||
configurable: true, | ||
value: pushedAuthorizationRequest, | ||
}); | ||
return this.pushedAuthorizationRequest(...args); | ||
}, | ||
}); | ||
module.exports.BaseClient = BaseClient; |
{ | ||
"name": "openid-client", | ||
"version": "4.7.5", | ||
"version": "4.8.0", | ||
"description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js runtime, supports passportjs", | ||
@@ -46,3 +46,2 @@ "keywords": [ | ||
"lint-fix": "eslint lib test --fix", | ||
"lint-ts": "npx typescript@~3.6.0 --build types", | ||
"test": "mocha test/**/*.test.js" | ||
@@ -49,0 +48,0 @@ }, |
@@ -45,2 +45,4 @@ # openid-client | ||
- self_signed_tls_client_auth | ||
- [RFC9101 - OAuth 2.0 JWT-Secured Authorization Request (JAR)][feature-jar] | ||
- [RFC9126 - OAuth 2.0 Pushed Authorization Requests (PAR)][feature-par] | ||
- [OpenID Connect Session Management 1.0 - draft 28][feature-rp-logout] | ||
@@ -51,3 +53,2 @@ - RP-Initiated Logout | ||
- [OAuth 2.0 Demonstration of Proof-of-Possession at the Application Layer (DPoP) - draft 01][feature-dpop] | ||
- [OAuth 2.0 Pushed Authorization Requests (PAR) - draft 06][feature-par] | ||
@@ -302,3 +303,4 @@ Updates to draft specifications (DPoP, JARM, and FAPI) are released as MINOR library versions, | ||
[feature-dpop]: https://tools.ietf.org/html/draft-ietf-oauth-dpop-01 | ||
[feature-par]: https://tools.ietf.org/html/draft-ietf-oauth-par-06 | ||
[feature-par]: https://www.rfc-editor.org/rfc/rfc9126.html | ||
[feature-jar]: https://www.rfc-editor.org/rfc/rfc9101.html | ||
[openid-certified-link]: https://openid.net/certification/ | ||
@@ -305,0 +307,0 @@ [passport-url]: http://passportjs.org |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
318
133547
3452