Comparing version 1.1.3 to 1.2.0
@@ -12,2 +12,3 @@ export declare class OAuth2Client { | ||
codeVerifier?: string; | ||
codeChallengeMethod?: "S256" | "plain"; | ||
scopes?: string[]; | ||
@@ -14,0 +15,0 @@ }): Promise<URL>; |
@@ -29,8 +29,18 @@ import { sha256 } from "../crypto/index.js"; | ||
if (options?.codeVerifier !== undefined) { | ||
const codeChallengeBuffer = await sha256(new TextEncoder().encode(options.codeVerifier)); | ||
const codeChallenge = base64url.encode(new Uint8Array(codeChallengeBuffer), { | ||
includePadding: false | ||
}); | ||
authorizationUrl.searchParams.set("code_challenge_method", "S256"); | ||
authorizationUrl.searchParams.set("code_challenge", codeChallenge); | ||
const codeChallengeMethod = options?.codeChallengeMethod ?? "S256"; | ||
if (codeChallengeMethod === "S256") { | ||
const codeChallengeBuffer = await sha256(new TextEncoder().encode(options.codeVerifier)); | ||
const codeChallenge = base64url.encode(new Uint8Array(codeChallengeBuffer), { | ||
includePadding: false | ||
}); | ||
authorizationUrl.searchParams.set("code_challenge", codeChallenge); | ||
authorizationUrl.searchParams.set("code_challenge_method", "S256"); | ||
} | ||
else if (codeChallengeMethod === "plain") { | ||
authorizationUrl.searchParams.set("code_challenge", options.codeVerifier); | ||
authorizationUrl.searchParams.set("code_challenge_method", "plain"); | ||
} | ||
else { | ||
throw new TypeError(`Invalid value for 'codeChallengeMethod': ${codeChallengeMethod}`); | ||
} | ||
} | ||
@@ -74,5 +84,8 @@ return authorizationUrl; | ||
} | ||
else { | ||
else if (authenticateWith === "request_body") { | ||
body.set("client_secret", options.credentials); | ||
} | ||
else { | ||
throw new TypeError(`Invalid value for 'authenticateWith': ${authenticateWith}`); | ||
} | ||
} | ||
@@ -79,0 +92,0 @@ const request = new Request(this.tokenEndpoint, { |
@@ -64,3 +64,3 @@ import { base64url } from "../encoding/index.js"; | ||
const clientDataChallengeBuffer = base64url.decode(clientData.challenge, { | ||
strict: false, | ||
strict: false | ||
}); | ||
@@ -67,0 +67,0 @@ if (!compareBytes(clientDataChallengeBuffer, challenge)) { |
{ | ||
"name": "oslo", | ||
"type": "module", | ||
"version": "1.1.3", | ||
"version": "1.2.0", | ||
"description": "A collection of auth-related utilities", | ||
@@ -6,0 +6,0 @@ "main": "dist/index.js", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
65755
1718