passport-auth0
Advanced tools
passport-auth0 - npm Package Compare versions
Comparing version 1.4.0 to 1.4.1
| # Change Log | ||
| ## [v1.4.1](https://github.com/auth0/passport-auth0/tree/v1.4.1) (2020-10-22) | ||
| [Full Changelog](https://github.com/auth0/passport-auth0/compare/v1.4.1...v1.4.0) | ||
| **Changed** | ||
| Replace request with axios [\#144](https://github.com/auth0/passport-auth0/pull/144) ([frederikprijck](https://github.com/frederikprijck)) | ||
| ## [v1.4.0](https://github.com/auth0/passport-auth0/tree/v1.4.0) (2020-10-22) | ||
@@ -4,0 +10,0 @@ [Full Changelog](https://github.com/auth0/passport-auth0/compare/v1.4.0...v1.3.3) |
@@ -6,5 +6,6 @@ /** | ||
| OAuth2Strategy = require('passport-oauth').OAuth2Strategy, | ||
| request = require('request'), | ||
| axios = require('axios'), | ||
| pkg = require('../package.json') | ||
| crypto = require('crypto'); | ||
| crypto = require('crypto') | ||
| querystring = require('querystring'); | ||
@@ -163,3 +164,3 @@ function encodeClientInfo(obj) { | ||
| /** | ||
| * TODO: Deprecate | ||
| * @deprecated An Access Token is already included as part of the verify callback passed to Auth0Strategy. | ||
| */ | ||
@@ -174,19 +175,12 @@ Strategy.prototype._getAccessToken = function(done){ | ||
| request({ | ||
| axios({ | ||
| method: 'POST', | ||
| url: this.options.tokenURL, | ||
| form: body, | ||
| headers: { | ||
| data: querystring.stringify(body), | ||
| headers: { | ||
| 'Auth0-Client': clientInfoHeader | ||
| } | ||
| }, function (err, resp, body) { | ||
| if(err) return done(err); | ||
| var result = JSON.parse(body); | ||
| var accessToken = result['access_token']; | ||
| var idToken = result['id_token']; | ||
| done(null, accessToken, idToken); | ||
| }); | ||
| }) | ||
| .then((response) => done(null, response.data['access_token'], response.data['id_token'])) | ||
| .catch((err) => done(err)); | ||
| }; | ||
@@ -193,0 +187,0 @@ |
| { | ||
| "name": "passport-auth0", | ||
| "version": "1.4.0", | ||
| "version": "1.4.1", | ||
| "description": "Auth0 platform authentication strategy for Passport.js", | ||
@@ -20,6 +20,6 @@ "main": "lib/index.js", | ||
| "dependencies": { | ||
| "axios": "^0.21.4", | ||
| "passport-oauth": "^1.0.0", | ||
| "passport-oauth2": "^1.5.0", | ||
| "request": "^2.88.0" | ||
| "passport-oauth2": "^1.6.0" | ||
| } | ||
| } |
| # passport-auth0 | ||
| > :information_source: **Maintenance Advisory:** With the release of https://github.com/auth0/express-openid-connect, we will no longer be adding new features to this library, however we will continue to maintain this library and fix issues. You can read more about the release of our new library at https://auth0.com/blog/auth0-s-express-openid-connect-sdk/ | ||
@@ -9,3 +10,3 @@ | ||
| [](https://travis-ci.org/auth0/passport-auth0) | ||
| [](https://circleci.com/gh/auth0/passport-auth0/tree/master) | ||
| [](https://npmjs.org/package/passport-auth0) | ||
@@ -161,2 +162,2 @@ [](https://npmjs.org/package/passport-auth0) | ||
| [](https://app.fossa.com/projects/git%2Bgithub.com%2Fauth0%2Fpassport-auth0?ref=badge_large) | ||
| [](https://app.fossa.com/projects/git%2Bgithub.com%2Fauth0%2Fpassport-auth0?ref=badge_large) |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by9.81%
61893
- Number of package files
- increased by16.67%
21
- Number of lines in readme file
- increased by1.25%
162
Worsened metrics
- Lines of code
- decreased by-0.29%
1045
- Number of medium supply chain risk alerts
- increased byInfinity%
1
Dependency changes
+ Addedaxios@^0.21.4
+ Addedaxios@0.21.4(transitive)
+ Addedfollow-redirects@1.15.9(transitive)
- Removedrequest@^2.88.0
- Removedajv@6.12.6(transitive)
- Removedasn1@0.2.6(transitive)
- Removedassert-plus@1.0.0(transitive)
- Removedasynckit@0.4.0(transitive)
- Removedaws-sign2@0.7.0(transitive)
- Removedaws4@1.13.2(transitive)
- Removedbcrypt-pbkdf@1.0.2(transitive)
- Removedcaseless@0.12.0(transitive)
- Removedcombined-stream@1.0.8(transitive)
- Removedcore-util-is@1.0.2(transitive)
- Removeddashdash@1.14.1(transitive)
- Removeddelayed-stream@1.0.0(transitive)
- Removedecc-jsbn@0.1.2(transitive)
- Removedextend@3.0.2(transitive)
- Removedextsprintf@1.3.0(transitive)
- Removedfast-deep-equal@3.1.3(transitive)
- Removedfast-json-stable-stringify@2.1.0(transitive)
- Removedforever-agent@0.6.1(transitive)
- Removedform-data@2.3.3(transitive)
- Removedgetpass@0.1.7(transitive)
- Removedhar-schema@2.0.0(transitive)
- Removedhar-validator@5.1.5(transitive)
- Removedhttp-signature@1.2.0(transitive)
- Removedis-typedarray@1.0.0(transitive)
- Removedisstream@0.1.2(transitive)
- Removedjsbn@0.1.1(transitive)
- Removedjson-schema@0.4.0(transitive)
- Removedjson-schema-traverse@0.4.1(transitive)
- Removedjson-stringify-safe@5.0.1(transitive)
- Removedjsprim@1.4.2(transitive)
- Removedmime-db@1.52.0(transitive)
- Removedmime-types@2.1.35(transitive)
- Removedoauth-sign@0.9.0(transitive)
- Removedperformance-now@2.1.0(transitive)
- Removedpsl@1.10.0(transitive)
- Removedpunycode@2.3.1(transitive)
- Removedqs@6.5.3(transitive)
- Removedrequest@2.88.2(transitive)
- Removedsafe-buffer@5.2.1(transitive)
- Removedsafer-buffer@2.1.2(transitive)
- Removedsshpk@1.18.0(transitive)
- Removedtough-cookie@2.5.0(transitive)
- Removedtunnel-agent@0.6.0(transitive)
- Removedtweetnacl@0.14.5(transitive)
- Removeduri-js@4.4.1(transitive)
- Removeduuid@3.4.0(transitive)
- Removedverror@1.10.0(transitive)
Updatedpassport-oauth2@^1.6.0