openid-client
Comparing version 4.9.0 to 4.9.1
@@ -128,2 +128,13 @@ /* eslint-disable max-classes-per-file */ | ||
function getKeystore(jwks) { | ||
if (!isPlainObject(jwks) || !Array.isArray(jwks.keys) || jwks.keys.some((k) => !isPlainObject(k) || !('kty' in k))) { | ||
throw new TypeError('jwks must be a JSON Web Key Set formatted object'); | ||
} | ||
// eslint-disable-next-line no-restricted-syntax | ||
for (const jwk of jwks.keys) { | ||
if (jwk.kid === undefined) { | ||
jwk.kid = `DONOTUSE.${random()}`; | ||
} | ||
} | ||
const keystore = jose.JWKS.asKeyStore(jwks); | ||
@@ -1430,2 +1441,8 @@ if (keystore.all().some((key) => key.type !== 'private')) { | ||
metadata.jwks = keystore.toJWKS(false); | ||
// eslint-disable-next-line no-restricted-syntax | ||
for (const jwk of metadata.jwks.keys) { | ||
if (jwk.kid.startsWith('DONOTUSE.')) { | ||
delete jwk.kid; | ||
} | ||
} | ||
} | ||
@@ -1530,3 +1547,3 @@ | ||
...header, | ||
kid: symmetric ? undefined : key.kid, | ||
kid: symmetric || key.kid.startsWith('DONOTUSE.') ? undefined : key.kid, | ||
}); | ||
@@ -1690,11 +1707,6 @@ } | ||
let ath; | ||
if (accessToken) { | ||
ath = base64url.encode(crypto.createHash('sha256').update(accessToken).digest()); | ||
} | ||
return jose.JWS.sign({ | ||
iat: now(), | ||
jti: random(), | ||
ath, | ||
ath: accessToken ? base64url.encode(crypto.createHash('sha256').update(accessToken).digest()) : undefined, | ||
...payload, | ||
@@ -1701,0 +1713,0 @@ }, jwk, { |
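Review bot: The loop at the top of getKeystore writes the placeholder `kid` straight onto the caller's `jwks.keys` entries, so the object that was passed in comes back carrying `DONOTUSE.<random>` values, while the later hunks strip the placeholder only from `metadata.jwks` and from the JWS headers. If the caller reuses that JWKS elsewhere (persisting or publishing it), the placeholder travels with it and nothing on that path removes it. I would stamp a shallow copy instead: `const keys = jwks.keys.map((jwk) => (jwk.kid === undefined ? { ...jwk, kid: 'DONOTUSE.' + random() } : jwk));` followed by `const keystore = jose.JWKS.asKeyStore({ ...jwks, keys });`. getKeystore continues past the end of this hunk, so any later read of `jwks` there would need to use the copy as well.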
@@ -50,3 +50,3 @@ const jose = require('jose'); | ||
} | ||
return jose.JWS.sign(payload, key, { alg, typ: 'JWT', kid: key.kid }); | ||
return jose.JWS.sign(payload, key, { alg, typ: 'JWT', kid: key.kid.startsWith('DONOTUSE.') ? undefined : key.kid }); | ||
} | ||
@@ -53,0 +53,0 @@ |
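Review bot: `key.kid.startsWith('DONOTUSE.')` treats the placeholder as an in-band marker, so a key whose real `kid` happens to begin with that prefix is signed here without a `kid` header; the same test appears in the `metadata.jwks` loop and on the other `kid:` header line in the larger file. The literal is repeated at every site, which makes it easy for one check to drift from the others. A small shared helper, e.g. `const isPlaceholderKid = (kid) => typeof kid === 'string' && kid.startsWith('DONOTUSE.');`, would keep the sites consistent and avoid a TypeError if a key ever arrives without a string `kid`; whether that can happen depends on how `key` is obtained, which is outside this hunk. The enclosing function starts before the hunk.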
{ | ||
"name": "openid-client", | ||
"version": "4.9.0", | ||
"version": "4.9.1", | ||
"description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js runtime, supports passportjs", | ||
@@ -5,0 +5,0 @@ "keywords": [ |