passport-tequila - npm Package Compare versions

Comparing version 0.2.0 to 1.0.0

CHANGES.md

@@ -0,3 +1,9 @@
+# Version 1.0.0
+
+## Breaking change
+- `protocol.fetchattributes` parameters signature goes from `(key, done)` to `(key, auth_key, done)`
+- Add protocol 2.1 support
+
 # Version 0.2.0
 
 - Introduce configuration file for the `requestauth` form in the fake Tequila server

lib/passport-tequila/protocol.js

@@ -71,3 +71,4 @@ /**
         service: this.service || ("Document " + req.originalUrl),
-        ca: this.ca
+        ca: this.ca,
+        mode_auth_check: "1"
     };
@@ -110,6 +111,12 @@ if (this.require) {
  * @param key The Tequila key (passed as key= URI parameter when redirected back from Tequila)
+ * @param auth_check The Tequila auth_check (passed as auth_check= URI parameter when redirected back from Tequila)
  * @param {Function} done Called either as done(error), or done(null, raw_tequila_result_object)
  */
-Protocol.prototype.fetchattributes = function (key, done) {
-    this._teqRequest(this.tequila_fetchattributes_path,  {key: key}, function (error, result) {
+Protocol.prototype.fetchattributes = function (key, auth_check, done) {
+    if ( auth_check instanceof Function ) {
+        const typeErrorMsg = "auth_check argument should not be a function since version 1.0.0. Please check the usage of the fetchattributes method."
+        throw new TypeError(errorMsg)
+    }
+
+    this._teqRequest(this.tequila_fetchattributes_path,  {key: key, auth_check: auth_check}, function (error, result) {
         if (error) {
@@ -116,0 +123,0 @@ debug("fetchattributes: Tequila error.");

lib/passport-tequila/strategy.js

@@ -47,5 +47,5 @@ /**
         debug("Not authenticated at " + req.originalUrl);
-        if (req.query && req.query.key) {
-            debug("Looks like user is back from Tequila, with key=" + req.query.key);
-            protocol.fetchattributes(req.query.key, function (error, results) {
+        if (req.query && req.query.key && req.query.auth_check) {
+            debug("Looks like user is back from Tequila, with key=" + req.query.key + ', auth_check=' + req.query.auth_check);
+            protocol.fetchattributes(req.query.key, req.query.auth_check, function (error, results) {
                 if (error) {
@@ -59,4 +59,4 @@ next(error);
                             res.redirect(self.protocol.redirectUrl(req, url.parse(req.originalUrl).pathname));
-                        } else if(req.query.key){
-                            res.redirect(removeParam("key",self.protocol.redirectUrl(req, req.originalUrl)));
+                        } else if(req.query.key || req.query.auth_check){
+                            res.redirect(removeParam("auth_check", removeParam("key",self.protocol.redirectUrl(req, req.originalUrl))));
                         } else {
@@ -63,0 +63,0 @@ next();

package.json

 {
   "name": "passport-tequila",
-  "version": "0.2.0",
+  "version": "1.0.0",
   "private": false,
@@ -5,0 +5,0 @@ "scripts": {

test/fakes.js

@@ -107,3 +107,4 @@ 'use strict';
 TequilaServer.prototype.do_requestauth = function(req, res, next) {
-    const opts = this.opts
+    const defaultGroups = process.env.FAKE_TEQUILA_GROUPS || '';
+    const opts = this.opts;
 
@@ -110,0 +111,0 @@ res.send(`<html>

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

48980

increased by33.52%

Number of package files

14

increased by7.69%

Lines of code

795

increased by0.89%

Number of low quality alerts

1

decreased by-50%

Worsened metrics

Number of low supply chain risk alerts

2

increased by100%

No dependency changes