node-openid-client
OAuth 2 / OpenID Connect Client API for JavaScript Runtimes
MIT License
Bot releases are visible (Hide)
Published by github-actions[bot] 12 days ago
⚠ BREAKING CHANGES
- openid-client v6.x is a complete rewrite of the openid-client module, this is the first time since 0.1.0 (8 years ago) that the API has drastically changed. The new module structure and API focuses on three core principles:
- runtime compatibility (adding support for Deno, Cloudflare Workers, Bun, and other Web API interoperable runtimes)
- tree-shakeability (bundles should not contain features that don't end up being used)
- less options (removing support for processing deprecated response types, cutting down on the number of combinations that need to handled)
To that end openid-client@6 no longer supports the full cartesian matrix of response types and response modes, it no longer supports issuing encrypted assertions, decrypting assertions is limited to only a few algorithms, it no longer supports Dynamic Client Registration or Management, and Self-Issued OpenID Provider responses are also not supported.
The new API makes basic setups simple while allowing some degree of complexity where needed.
openid-client@6 is an ESM module using ES2022 syntax and it depends on WebCryptoAPI and Fetch API globals being available in the JS runtime.
openid-client@6 is written in TypeScript and its exported types come with comment annotations.
(Node.js) Versions 20.x and newer have all the necessary globals.
(Node.js) CJS style let client = require('openid-client') is possible in versions where process.features.require_module is true. This is a new Node.js feature slated to be released without a CLI flag in 23.x and 22.x
Published by panva 20 days ago
⚠ BREAKING CHANGES
openid-client v6.x is a complete rewrite of the openid-client module, this is the first time since 0.1.0 (8 years ago) that the API has drastically changed. The new module structure and API focuses on three core principles:
- runtime compatibility (adding support for Deno, Cloudflare Workers, Bun, and other Web API interoperable runtimes)
- tree-shakeability (bundles should not contain features that don't end up being used)
- less options (removing support for processing deprecated response types, cutting down on the number of combinations that need to handled)
To that end openid-client@6 no longer supports the full cartesian matrix of response types and response modes, it no longer supports issuing encrypted assertions, decrypting assertions is limited to only a few algorithms, it no longer supports Dynamic Client Registration or Management, and Self-Issued OpenID Provider responses are also not supported.
The new API makes basic setups simple while allowing some degree of complexity where needed.
openid-client@6 is an ESM module using ES2022 syntax and it depends on WebCryptoAPI and Fetch API globals being available in the JS runtime.
openid-client@6 is written in TypeScript and its exported types come with comment annotations.
(Node.js) Versions 20.x and newer have all the necessary globals. v18.x is being tested in CI as well with the --experimental-global-webcrypto CLI flag.
(Node.js) CJS style let client = require('openid-client') is possible in versions where process.features.require_module is true. This is a new Node.js feature slated to be released without a CLI flag in 23.x and 22.x
Published by github-actions[bot] 10 months ago
Revert "fix: encode client_secret_basic - _ . ! ~ * ' ( ) characters"
This reverts commit 5a2ea80ef5e59ec0c03dbd97d82f551e24a9d348, even though it is the correct implementation some of the most widely used identity providers don't follow the specification.
This release contains only code refactoring, dependency, or documentation updates. The release process now also uses provenance statements.
Features
- JARM is now a stable feature (10e3a37)