simple-oauth2
Comparing version 4.3.0 to 5.0.0
# Changelog | ||
## Next | ||
### New features | ||
- [#332](https://github.com/lelylan/simple-oauth2/pull/332) Preserve query params on authorizePath on authorizeURL method | ||
### Maintainance | ||
- [#341](https://github.com/lelylan/simple-oauth2/pull/341) Rewrite integration tests | ||
- [#382](https://github.com/lelylan/simple-oauth2/pull/382) Update eslint parser dependencies | ||
- [#390](https://github.com/lelylan/simple-oauth2/pull/390) Add Node 16 to test matrix | ||
- [#404](https://github.com/lelylan/simple-oauth2/pull/404) Update `ava` to v4.x | ||
- [#405](https://github.com/lelylan/simple-oauth2/pull/405) Update `@hapi/hoek` to v10.0.0 | ||
- [#406](https://github.com/lelylan/simple-oauth2/pull/406) Update `@hapi/wreck` to v18.0.0 | ||
- [#407](https://github.com/lelylan/simple-oauth2/pull/407) Update `@hapi/boom` to v10.0.0 | ||
- [#407](https://github.com/lelylan/simple-oauth2/pull/407) Update `doctoc` to v2.x | ||
- [#408](https://github.com/lelylan/simple-oauth2/pull/408) Add Node 18 to test matrix | ||
## Documentation | ||
- [#403](https://github.com/lelylan/simple-oauth2/pull/402) Add LinkedIn example | ||
### Breaking changes | ||
- [340](https://github.com/lelylan/simple-oauth2/pull/340) Accept only options available per grant type | ||
- [#403](https://github.com/lelylan/simple-oauth2/pull/403) Drop support for Node 12. Require at least Node 14 | ||
- [#406](https://github.com/lelylan/simple-oauth2/pull/406) Disable redirects by default | ||
## 4.3.0 | ||
@@ -4,0 +28,0 @@ |
'use strict'; | ||
const Config = require('./lib/config'); | ||
const Joi = require('joi'); | ||
const { Client } = require('./lib/client'); | ||
@@ -8,6 +8,7 @@ const AuthorizationCodeGrantType = require('./lib/authorization-code-grant-type'); | ||
const ClientCredentialsGrantType = require('./lib/client-credentials-grant-type'); | ||
const { AuthorizationCodeSchema, ClientCredentialsSchema, ResourceOwnerPasswordSchema } = require('./lib/config'); | ||
class AuthorizationCode extends AuthorizationCodeGrantType { | ||
constructor(options) { | ||
const config = Config.apply(options); | ||
const config = Joi.attempt(options, AuthorizationCodeSchema, 'Invalid options provided to simple-oauth2'); | ||
const client = new Client(config); | ||
@@ -21,3 +22,3 @@ | ||
constructor(options) { | ||
const config = Config.apply(options); | ||
const config = Joi.attempt(options, ClientCredentialsSchema, 'Invalid options provided to simple-oauth2'); | ||
const client = new Client(config); | ||
@@ -31,3 +32,3 @@ | ||
constructor(options) { | ||
const config = Config.apply(options); | ||
const config = Joi.attempt(options, ResourceOwnerPasswordSchema, 'Invalid options provided to simple-oauth2'); | ||
const client = new Client(config); | ||
@@ -34,0 +35,0 @@ |
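Review bot: All three constructors pass the same prefix, `'Invalid options provided to simple-oauth2'`, to `Joi.attempt`, so the thrown error does not say which grant class rejected the options. That matters more in this release because each grant now validates against its own schema and the changelog lists "Accept only options available per grant type" as a breaking change, so an options object shared between grants can fail in one class and pass in another. Naming the grant in the prefix would make migration failures easier to read, e.g. `'Invalid AuthorizationCode options provided to simple-oauth2'`, with the equivalent for the other two classes. Only the `AuthorizationCode` class header is visible here; the other two headers and the rest of each constructor body fall outside the hunks.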
'use strict'; | ||
const { URL } = require('url'); | ||
const querystring = require('querystring'); | ||
const AccessToken = require('./access-token'); | ||
@@ -36,3 +35,7 @@ const GrantTypeParams = require('./grant-type-params'); | ||
return `${url}?${querystring.stringify(parameters.toObject())}`; | ||
Object | ||
.entries(parameters.toObject()) | ||
.forEach(([parameterName, value]) => url.searchParams.set(parameterName, value)); | ||
return url.toString(); | ||
} | ||
@@ -39,0 +42,0 @@ |
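Review bot: `url.searchParams.set(parameterName, value)` stringifies every value, so an entry that is `undefined` would be sent as the literal text `undefined`, whereas the removed `querystring.stringify` call emitted an empty value; array values also change from repeated keys to a single comma-joined value. Whether `parameters.toObject()` can return such entries is not visible in this hunk, so it should be confirmed or guarded, e.g. `.filter(([, value]) => value !== undefined)` ahead of the `.forEach`. `set` also replaces any same-named parameter already present on the configured authorize path, which deserves a one-line comment such as `// generated OAuth parameters win over same-named query params in authorizePath`, since the changelog describes the feature as preserving those params. The enclosing method starts outside the hunk.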
@@ -14,3 +14,2 @@ 'use strict'; | ||
json: 'strict', | ||
redirects: 20, | ||
headers: defaultHttpHeaders, | ||
@@ -17,0 +16,0 @@ }; |
@@ -14,2 +14,9 @@ 'use strict'; | ||
* | ||
* Following characters are not-escaped by encodeURIComponent but {@link https://tools.ietf.org/html/rfc3986 RFC 3986} | ||
* lists them as 'reserved' and hence needs to be percent encoded, though they have no formalized URI delimiting cases | ||
* | ||
* > ! ' ( ) * | ||
* | ||
* Percent encoding needs to be uppercase hexadecimal as per {@link https://tools.ietf.org/html/rfc3986#section-2.1 RFC 3986 - Percent Encoding} | ||
* | ||
* @see https://tools.ietf.org/html/rfc6749#appendix-B | ||
@@ -21,3 +28,5 @@ * @see https://tools.ietf.org/html/rfc6749#section-2.3.1 | ||
function useFormURLEncode(value) { | ||
return encodeURIComponent(value).replace(/%20/g, '+'); | ||
return encodeURIComponent(value) | ||
.replace(/%20/g, '+') | ||
.replace(/[!'()*]/g, (c) => `%${c.charCodeAt(0).toString(16).toUpperCase()}`); | ||
} | ||
@@ -24,0 +33,0 @@ |
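Review bot: The added `.replace(/[!'()*]/g, …)` changes the encoded form of any client id or secret that contains `!`, `'`, `(`, `)` or `*`, and the changelog shown for this release has no entry for it. An authorization server that compares the received credential without percent-decoding it would presumably start rejecting such clients after the upgrade, so the change is worth a line under breaking changes, e.g. `- Percent-encode ! ' ( ) * when form-encoding client credentials`. A short comment on the replacer would also help: all five code points are 0x21 or higher, so `toString(16)` always yields two hex digits, and widening the character class later to include a code point below 0x10 would silently produce a one-digit escape.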
@@ -9,47 +9,101 @@ 'use strict'; | ||
const clientSchema = Joi.object().keys({ | ||
id: Joi.string().pattern(vsCharRegEx).allow(''), | ||
secret: Joi.string().pattern(vsCharRegEx).allow(''), | ||
secretParamName: Joi.string().default('client_secret'), | ||
idParamName: Joi.string().default('client_id'), | ||
}).required(); | ||
const ClientSchema = Joi | ||
.object({ | ||
id: Joi | ||
.string() | ||
.pattern(vsCharRegEx) | ||
.allow(''), | ||
secret: Joi | ||
.string() | ||
.pattern(vsCharRegEx) | ||
.allow(''), | ||
secretParamName: Joi | ||
.string() | ||
.default('client_secret'), | ||
idParamName: Joi | ||
.string() | ||
.default('client_id'), | ||
}) | ||
.required(); | ||
const authSchema = Joi.object().keys({ | ||
tokenHost: Joi.string().required().uri({ scheme: ['http', 'https'] }), | ||
tokenPath: Joi.string().default('/oauth/token'), | ||
refreshPath: Joi.string().default(Joi.ref('tokenPath')), | ||
revokePath: Joi.string().default('/oauth/revoke'), | ||
authorizeHost: Joi.string().uri({ scheme: ['http', 'https'] }).default(Joi.ref('tokenHost')), | ||
authorizePath: Joi.string().default('/oauth/authorize'), | ||
}).required(); | ||
const optionsSchema = Joi.object().keys({ | ||
scopeSeparator: Joi.string().default(' '), | ||
credentialsEncodingMode: Joi | ||
const AuthSchema = Joi.object().keys({ | ||
tokenHost: Joi | ||
.string() | ||
.valid(...Object.values(credentialsEncodingModeEnum)) | ||
.default(credentialsEncodingModeEnum.STRICT), | ||
bodyFormat: Joi | ||
.required() | ||
.uri({ scheme: ['http', 'https'] }), | ||
tokenPath: Joi | ||
.string() | ||
.valid(...Object.values(bodyFormatEnum)) | ||
.default(bodyFormatEnum.FORM), | ||
authorizationMethod: Joi | ||
.default('/oauth/token'), | ||
refreshPath: Joi | ||
.string() | ||
.valid(...Object.values(authorizationMethodEnum)) | ||
.default(authorizationMethodEnum.HEADER), | ||
}).default(); | ||
.default(Joi.ref('tokenPath')), | ||
revokePath: Joi | ||
.string() | ||
.default('/oauth/revoke'), | ||
}) | ||
.required(); | ||
const ModuleSchema = Joi.object().keys({ | ||
client: clientSchema, | ||
auth: authSchema, | ||
http: Joi.object().unknown(true), | ||
options: optionsSchema, | ||
}); | ||
const OptionsSchema = Joi | ||
.object({ | ||
scopeSeparator: Joi | ||
.string() | ||
.default(' '), | ||
credentialsEncodingMode: Joi | ||
.string() | ||
.valid(...Object.values(credentialsEncodingModeEnum)) | ||
.default(credentialsEncodingModeEnum.STRICT), | ||
bodyFormat: Joi | ||
.string() | ||
.valid(...Object.values(bodyFormatEnum)) | ||
.default(bodyFormatEnum.FORM), | ||
authorizationMethod: Joi | ||
.string() | ||
.valid(...Object.values(authorizationMethodEnum)) | ||
.default(authorizationMethodEnum.HEADER), | ||
}) | ||
.default(); | ||
const Config = { | ||
apply(options) { | ||
return Joi.attempt(options, ModuleSchema, 'Invalid options provided to simple-oauth2'); | ||
}, | ||
const HttpOptionsSchema = Joi | ||
.object({ | ||
baseUrl: Joi.string().forbidden(), | ||
}) | ||
.unknown(true); | ||
const AuthorizationCodeSchema = Joi | ||
.object({ | ||
client: ClientSchema, | ||
auth: AuthSchema | ||
.keys({ | ||
authorizeHost: Joi | ||
.string() | ||
.uri({ scheme: ['http', 'https'] }) | ||
.default(Joi.ref('tokenHost')), | ||
authorizePath: Joi | ||
.string() | ||
.default('/oauth/authorize'), | ||
}), | ||
http: HttpOptionsSchema, | ||
options: OptionsSchema, | ||
}); | ||
const ClientCredentialsSchema = Joi | ||
.object({ | ||
client: ClientSchema, | ||
auth: AuthSchema, | ||
http: HttpOptionsSchema, | ||
options: OptionsSchema, | ||
}); | ||
const ResourceOwnerPasswordSchema = Joi | ||
.object({ | ||
client: ClientSchema, | ||
auth: AuthSchema, | ||
http: HttpOptionsSchema, | ||
options: OptionsSchema, | ||
}); | ||
module.exports = { | ||
AuthorizationCodeSchema, | ||
ClientCredentialsSchema, | ||
ResourceOwnerPasswordSchema, | ||
}; | ||
module.exports = Config; |
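Review bot: `secret` is validated with `.pattern(vsCharRegEx)`, and Joi's default message for a failed pattern quotes the offending value, so a client secret containing a disallowed character would likely be echoed in the error thrown at construction and carried from there into logs or crash reports. The rule is carried over from the removed `clientSchema`, but the rewrite is a good place to override the message on both `id` and `secret`, e.g. `.messages({ 'string.pattern.base': '{{#label}} contains characters not allowed by vsCharRegEx' })`. Separately, `HttpOptionsSchema` forbids only `baseUrl` and keeps `.unknown(true)`, so every other transport option passes validation unchecked and a caller can presumably switch redirect following back on through `http`. A comment beside that schema stating this would make the new redirects-off default easier to audit.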
{ | ||
"name": "simple-oauth2", | ||
"version": "4.3.0", | ||
"version": "5.0.0", | ||
"support": true, | ||
@@ -21,3 +21,3 @@ "description": "Node.js client for OAuth2", | ||
"engine": { | ||
"node": ">=12" | ||
"node": ">=14" | ||
}, | ||
@@ -50,23 +50,23 @@ "scripts": { | ||
"dependencies": { | ||
"@hapi/hoek": "^9.0.4", | ||
"@hapi/wreck": "^17.0.0", | ||
"debug": "^4.1.1", | ||
"joi": "^17.3.0" | ||
"@hapi/hoek": "^10.0.1", | ||
"@hapi/wreck": "^18.0.0", | ||
"debug": "^4.3.4", | ||
"joi": "^17.6.4" | ||
}, | ||
"devDependencies": { | ||
"@hapi/boom": "^9.1.0", | ||
"ava": "^3.15.0", | ||
"c8": "^7.8.0", | ||
"chance": "^1.1.7", | ||
"@hapi/boom": "^10.0.0", | ||
"ava": "^4.3.3", | ||
"c8": "^7.12.0", | ||
"chance": "^1.1.9", | ||
"chance-access-token": "^2.1.0", | ||
"date-fns": "^2.14.0", | ||
"doctoc": "^1.4.0", | ||
"eslint": "^8.2.0", | ||
"date-fns": "^2.29.3", | ||
"doctoc": "^2.2.1", | ||
"eslint": "^8.26.0", | ||
"eslint-config-airbnb-base": "^15.0.0", | ||
"eslint-plugin-import": "^2.25.3", | ||
"nock": "^13.1.2" | ||
"eslint-plugin-import": "^2.26.0", | ||
"nock": "^13.2.9" | ||
}, | ||
"volta": { | ||
"node": "14.15.1" | ||
"node": "16.13.1" | ||
} | ||
} |
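Review bot: The Node requirement is declared under `"engine"`, but npm reads the `"engines"` key, so as rendered here the bump to `>=14` would not produce an engine warning (or a failure under `engine-strict`) when the package is installed on Node 12. Since the changelog lists dropping Node 12 as a breaking change, the key should read `"engines": { "node": ">=14" }`. The rest of the manifest falls outside the hunks shown, so it is worth checking that no separate `engines` entry already exists.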
@@ -14,23 +14,20 @@ # Simple OAuth2 | ||
- [Requirements](#requirements) | ||
- [Usage](#usage) | ||
- [Supported Grant Types](#supported-grant-types) | ||
- [Authorization Code Grant](#authorization-code-grant) | ||
- [Resource Owner Password Credentials Grant](#resource-owner-password-credentials-grant) | ||
- [Client Credentials Grant](#client-credentials-grant) | ||
- [Access Token](#access-token) | ||
- [Refresh an access token](#refresh-an-access-token) | ||
- [Revoke an access or refresh token](#revoke-an-access-or-refresh-token) | ||
- [Errors](#errors) | ||
- [Debugging the module](#debugging-the-module) | ||
- [Contributing](#contributing) | ||
- [Authors](#authors) | ||
- [Contributors](#contributors) | ||
- [Changelog](#changelog) | ||
- [License](#license) | ||
- [Thanks to Open Source](#thanks-to-open-source) | ||
- [Simple OAuth2](#simple-oauth2) | ||
- [Table of Contents](#table-of-contents) | ||
- [Requirements](#requirements) | ||
- [Usage](#usage) | ||
- [Supported Grant Types](#supported-grant-types) | ||
- [Authorization Code Grant](#authorization-code-grant) | ||
- [Resource Owner Password Credentials Grant](#resource-owner-password-credentials-grant) | ||
- [Client Credentials Grant](#client-credentials-grant) | ||
- [Access Token](#access-token) | ||
- [Refresh an access token](#refresh-an-access-token) | ||
- [Revoke an access or refresh token](#revoke-an-access-or-refresh-token) | ||
- [Errors](#errors) | ||
- [Debugging the module](#debugging-the-module) | ||
- [Contributing](#contributing) | ||
- [Authors](#authors) | ||
- [Contributors](#contributors) | ||
- [Changelog](#changelog) | ||
- [License](#license) | ||
- [Thanks to Open Source](#thanks-to-open-source) | ||
<!-- END doctoc generated TOC please keep comment here to allow auto update --> | ||
@@ -42,4 +39,4 @@ | ||
|----------------------------------------------------------------------------------|---------------------| | ||
| [4.x](https://github.com/lelylan/simple-oauth2/tree/4.x) | Node 12.x or higher | | ||
| [5.x (Development)](https://github.com/lelylan/simple-oauth2/tree/master) | Node 14.x or higher | | ||
| [5.x](https://github.com/lelylan/simple-oauth2/tree/5.x) | Node 14.x or higher | | ||
| [6.x (Development)](https://github.com/lelylan/simple-oauth2/tree/master) | Node 16.x or higher | | ||
@@ -46,0 +43,0 @@ Older node versions are unsupported. |
+ Added@hapi/hoek@10.0.1(transitive)
Updated@hapi/hoek@^10.0.1
Updated@hapi/wreck@^18.0.0
Updateddebug@^4.3.4
Updatedjoi@^17.6.4