
simple-oauth2 - npm Package Compare versions

Comparing version 4.3.0 to 5.0.0

24

CHANGELOG.md
# Changelog
## Next
### New features
- [#332](https://github.com/lelylan/simple-oauth2/pull/332) Preserve query params on authorizePath on authorizeURL method
### Maintainance
- [#341](https://github.com/lelylan/simple-oauth2/pull/341) Rewrite integration tests
- [#382](https://github.com/lelylan/simple-oauth2/pull/382) Update eslint parser dependencies
- [#390](https://github.com/lelylan/simple-oauth2/pull/390) Add Node 16 to test matrix
- [#404](https://github.com/lelylan/simple-oauth2/pull/404) Update `ava` to v4.x
- [#405](https://github.com/lelylan/simple-oauth2/pull/405) Update `@hapi/hoek` to v10.0.0
- [#406](https://github.com/lelylan/simple-oauth2/pull/406) Update `@hapi/wreck` to v18.0.0
- [#407](https://github.com/lelylan/simple-oauth2/pull/407) Update `@hapi/boom` to v10.0.0
- [#407](https://github.com/lelylan/simple-oauth2/pull/407) Update `doctoc` to v2.x
- [#408](https://github.com/lelylan/simple-oauth2/pull/408) Add Node 18 to test matrix
## Documentation
- [#403](https://github.com/lelylan/simple-oauth2/pull/402) Add LinkedIn example
### Breaking changes
- [340](https://github.com/lelylan/simple-oauth2/pull/340) Accept only options available per grant type
- [#403](https://github.com/lelylan/simple-oauth2/pull/403) Drop support for Node 12. Require at least Node 14
- [#406](https://github.com/lelylan/simple-oauth2/pull/406) Disable redirects by default
## 4.3.0

@@ -4,0 +28,0 @@

9

index.js
'use strict';
const Config = require('./lib/config');
const Joi = require('joi');
const { Client } = require('./lib/client');

@@ -8,6 +8,7 @@ const AuthorizationCodeGrantType = require('./lib/authorization-code-grant-type');

const ClientCredentialsGrantType = require('./lib/client-credentials-grant-type');
const { AuthorizationCodeSchema, ClientCredentialsSchema, ResourceOwnerPasswordSchema } = require('./lib/config');
class AuthorizationCode extends AuthorizationCodeGrantType {
constructor(options) {
const config = Config.apply(options);
const config = Joi.attempt(options, AuthorizationCodeSchema, 'Invalid options provided to simple-oauth2');
const client = new Client(config);

@@ -21,3 +22,3 @@

constructor(options) {
const config = Config.apply(options);
const config = Joi.attempt(options, ClientCredentialsSchema, 'Invalid options provided to simple-oauth2');
const client = new Client(config);

@@ -31,3 +32,3 @@

constructor(options) {
const config = Config.apply(options);
const config = Joi.attempt(options, ResourceOwnerPasswordSchema, 'Invalid options provided to simple-oauth2');
const client = new Client(config);

@@ -34,0 +35,0 @@
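Review bot: The three constructors rethrow whatever `Joi.attempt` produces, and as far as I know joi 17 builds that message from `error.annotate()`, which echoes the validated input — here the options object that carries `client.secret`. A comment above the first call would make this visible to maintainers: `// Joi.attempt annotates its error with the input (client.secret included); do not log it verbatim`. The same applies to the constructors in the second and third hunks, whose class headers are outside the visible lines.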

'use strict';
const { URL } = require('url');
const querystring = require('querystring');
const AccessToken = require('./access-token');

@@ -36,3 +35,7 @@ const GrantTypeParams = require('./grant-type-params');

return `${url}?${querystring.stringify(parameters.toObject())}`;
Object
.entries(parameters.toObject())
.forEach(([parameterName, value]) => url.searchParams.set(parameterName, value));
return url.toString();
}

@@ -39,0 +42,0 @@
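Review bot: `url.searchParams.set(parameterName, value)` stringifies every value, so an `undefined` entry from `parameters.toObject()` would be serialized as the literal text `undefined` and an array as one comma-joined string, whereas `querystring.stringify` produced an empty value or repeated keys. Whether `toObject()` can return such values is not visible in this hunk; if it can, an omitted optional parameter such as `state` would reach the authorization server looking like a real value. Adding `.filter(([, value]) => value !== undefined && value !== null)` before the `.forEach` avoids that, at the cost of dropping the key instead of sending it empty. The enclosing method starts outside the hunk.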

@@ -14,3 +14,2 @@ 'use strict';

json: 'strict',
redirects: 20,
headers: defaultHttpHeaders,

@@ -17,0 +16,0 @@ };

@@ -14,2 +14,9 @@ 'use strict';

*
* Following characters are not-escaped by encodeURIComponent but {@link https://tools.ietf.org/html/rfc3986 RFC 3986}
* lists them as 'reserved' and hence needs to be percent encoded, though they have no formalized URI delimiting cases
*
* > ! ' ( ) *
*
* Percent encoding needs to be uppercase hexadecimal as per {@link https://tools.ietf.org/html/rfc3986#section-2.1 RFC 3986 - Percent Encoding}
*
* @see https://tools.ietf.org/html/rfc6749#appendix-B

@@ -21,3 +28,5 @@ * @see https://tools.ietf.org/html/rfc6749#section-2.3.1

function useFormURLEncode(value) {
return encodeURIComponent(value).replace(/%20/g, '+');
return encodeURIComponent(value)
.replace(/%20/g, '+')
.replace(/[!'()*]/g, (c) => `%${c.charCodeAt(0).toString(16).toUpperCase()}`);
}

@@ -24,0 +33,0 @@

@@ -9,47 +9,101 @@ 'use strict';

const clientSchema = Joi.object().keys({
id: Joi.string().pattern(vsCharRegEx).allow(''),
secret: Joi.string().pattern(vsCharRegEx).allow(''),
secretParamName: Joi.string().default('client_secret'),
idParamName: Joi.string().default('client_id'),
}).required();
const ClientSchema = Joi
.object({
id: Joi
.string()
.pattern(vsCharRegEx)
.allow(''),
secret: Joi
.string()
.pattern(vsCharRegEx)
.allow(''),
secretParamName: Joi
.string()
.default('client_secret'),
idParamName: Joi
.string()
.default('client_id'),
})
.required();
const authSchema = Joi.object().keys({
tokenHost: Joi.string().required().uri({ scheme: ['http', 'https'] }),
tokenPath: Joi.string().default('/oauth/token'),
refreshPath: Joi.string().default(Joi.ref('tokenPath')),
revokePath: Joi.string().default('/oauth/revoke'),
authorizeHost: Joi.string().uri({ scheme: ['http', 'https'] }).default(Joi.ref('tokenHost')),
authorizePath: Joi.string().default('/oauth/authorize'),
}).required();
const optionsSchema = Joi.object().keys({
scopeSeparator: Joi.string().default(' '),
credentialsEncodingMode: Joi
const AuthSchema = Joi.object().keys({
tokenHost: Joi
.string()
.valid(...Object.values(credentialsEncodingModeEnum))
.default(credentialsEncodingModeEnum.STRICT),
bodyFormat: Joi
.required()
.uri({ scheme: ['http', 'https'] }),
tokenPath: Joi
.string()
.valid(...Object.values(bodyFormatEnum))
.default(bodyFormatEnum.FORM),
authorizationMethod: Joi
.default('/oauth/token'),
refreshPath: Joi
.string()
.valid(...Object.values(authorizationMethodEnum))
.default(authorizationMethodEnum.HEADER),
}).default();
.default(Joi.ref('tokenPath')),
revokePath: Joi
.string()
.default('/oauth/revoke'),
})
.required();
const ModuleSchema = Joi.object().keys({
client: clientSchema,
auth: authSchema,
http: Joi.object().unknown(true),
options: optionsSchema,
});
const OptionsSchema = Joi
.object({
scopeSeparator: Joi
.string()
.default(' '),
credentialsEncodingMode: Joi
.string()
.valid(...Object.values(credentialsEncodingModeEnum))
.default(credentialsEncodingModeEnum.STRICT),
bodyFormat: Joi
.string()
.valid(...Object.values(bodyFormatEnum))
.default(bodyFormatEnum.FORM),
authorizationMethod: Joi
.string()
.valid(...Object.values(authorizationMethodEnum))
.default(authorizationMethodEnum.HEADER),
})
.default();
const Config = {
apply(options) {
return Joi.attempt(options, ModuleSchema, 'Invalid options provided to simple-oauth2');
},
const HttpOptionsSchema = Joi
.object({
baseUrl: Joi.string().forbidden(),
})
.unknown(true);
const AuthorizationCodeSchema = Joi
.object({
client: ClientSchema,
auth: AuthSchema
.keys({
authorizeHost: Joi
.string()
.uri({ scheme: ['http', 'https'] })
.default(Joi.ref('tokenHost')),
authorizePath: Joi
.string()
.default('/oauth/authorize'),
}),
http: HttpOptionsSchema,
options: OptionsSchema,
});
const ClientCredentialsSchema = Joi
.object({
client: ClientSchema,
auth: AuthSchema,
http: HttpOptionsSchema,
options: OptionsSchema,
});
const ResourceOwnerPasswordSchema = Joi
.object({
client: ClientSchema,
auth: AuthSchema,
http: HttpOptionsSchema,
options: OptionsSchema,
});
module.exports = {
AuthorizationCodeSchema,
ClientCredentialsSchema,
ResourceOwnerPasswordSchema,
};
module.exports = Config;
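Review bot: None of the three exported schemas ends in `.required()`, so `Joi.attempt(undefined, AuthorizationCodeSchema, …)` should pass and return `undefined`, because a Joi object schema is optional unless marked otherwise. A constructor called without options would then presumably fail later in `new Client(config)` with a less helpful error than the validation message. Appending `.required()` to `AuthorizationCodeSchema`, `ClientCredentialsSchema` and `ResourceOwnerPasswordSchema` closes that gap. Separately, `tokenHost` and `authorizeHost` accept the `http` scheme; a comment next to the rule such as `// http is accepted, but client credentials and tokens then travel unencrypted` would record the trade-off.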
{
"name": "simple-oauth2",
"version": "4.3.0",
"version": "5.0.0",
"support": true,

@@ -21,3 +21,3 @@ "description": "Node.js client for OAuth2",

"engine": {
"node": ">=12"
"node": ">=14"
},

@@ -50,23 +50,23 @@ "scripts": {

"dependencies": {
"@hapi/hoek": "^9.0.4",
"@hapi/wreck": "^17.0.0",
"debug": "^4.1.1",
"joi": "^17.3.0"
"@hapi/hoek": "^10.0.1",
"@hapi/wreck": "^18.0.0",
"debug": "^4.3.4",
"joi": "^17.6.4"
},
"devDependencies": {
"@hapi/boom": "^9.1.0",
"ava": "^3.15.0",
"c8": "^7.8.0",
"chance": "^1.1.7",
"@hapi/boom": "^10.0.0",
"ava": "^4.3.3",
"c8": "^7.12.0",
"chance": "^1.1.9",
"chance-access-token": "^2.1.0",
"date-fns": "^2.14.0",
"doctoc": "^1.4.0",
"eslint": "^8.2.0",
"date-fns": "^2.29.3",
"doctoc": "^2.2.1",
"eslint": "^8.26.0",
"eslint-config-airbnb-base": "^15.0.0",
"eslint-plugin-import": "^2.25.3",
"nock": "^13.1.2"
"eslint-plugin-import": "^2.26.0",
"nock": "^13.2.9"
},
"volta": {
"node": "14.15.1"
"node": "16.13.1"
}
}

@@ -14,23 +14,20 @@ # Simple OAuth2

- [Requirements](#requirements)
- [Usage](#usage)
- [Supported Grant Types](#supported-grant-types)
- [Authorization Code Grant](#authorization-code-grant)
- [Resource Owner Password Credentials Grant](#resource-owner-password-credentials-grant)
- [Client Credentials Grant](#client-credentials-grant)
- [Access Token](#access-token)
- [Refresh an access token](#refresh-an-access-token)
- [Revoke an access or refresh token](#revoke-an-access-or-refresh-token)
- [Errors](#errors)
- [Debugging the module](#debugging-the-module)
- [Contributing](#contributing)
- [Authors](#authors)
- [Contributors](#contributors)
- [Changelog](#changelog)
- [License](#license)
- [Thanks to Open Source](#thanks-to-open-source)
- [Simple OAuth2](#simple-oauth2)
- [Table of Contents](#table-of-contents)
- [Requirements](#requirements)
- [Usage](#usage)
- [Supported Grant Types](#supported-grant-types)
- [Authorization Code Grant](#authorization-code-grant)
- [Resource Owner Password Credentials Grant](#resource-owner-password-credentials-grant)
- [Client Credentials Grant](#client-credentials-grant)
- [Access Token](#access-token)
- [Refresh an access token](#refresh-an-access-token)
- [Revoke an access or refresh token](#revoke-an-access-or-refresh-token)
- [Errors](#errors)
- [Debugging the module](#debugging-the-module)
- [Contributing](#contributing)
- [Authors](#authors)
- [Contributors](#contributors)
- [Changelog](#changelog)
- [License](#license)
- [Thanks to Open Source](#thanks-to-open-source)
<!-- END doctoc generated TOC please keep comment here to allow auto update -->

@@ -42,4 +39,4 @@

|----------------------------------------------------------------------------------|---------------------|
| [4.x](https://github.com/lelylan/simple-oauth2/tree/4.x) | Node 12.x or higher |
| [5.x (Development)](https://github.com/lelylan/simple-oauth2/tree/master) | Node 14.x or higher |
| [5.x](https://github.com/lelylan/simple-oauth2/tree/5.x) | Node 14.x or higher |
| [6.x (Development)](https://github.com/lelylan/simple-oauth2/tree/master) | Node 16.x or higher |

@@ -46,0 +43,0 @@ Older node versions are unsupported.
