OAuth 2 / OpenID Connect for JavaScript Runtimes
MIT License
Bot releases are visible (Hide)
Published by github-actions[bot] 10 months ago
Revert "fix: encode client_secret_basic - _ . ! ~ * ' ( ) characters"
This reverts commit f926175cdf6caa467029a57e76375054fff7c57b, even though it is the correct implementation some of the most widely used identity providers don't follow the specification.
Published by github-actions[bot] 10 months ago
Published by panva over 1 year ago
This release was merely to test release automation. NPM releases now include provenance statements.
Published by github-actions[bot] over 1 year ago
// client's local clock is mistakenly 1 hour in the past
const client: oauth.Client = {
client_id: 'abc4ba37-4ab8-49b5-99d4-9441ba35d428',
// ... other metadata
[oauth.clockSkew]: +(60 * 60),
}
// client's local clock is mistakenly 1 hour in the future
const client: oauth.Client = {
client_id: 'abc4ba37-4ab8-49b5-99d4-9441ba35d428',
// ... other metadata
[oauth.clockSkew]: -(60 * 60),
}
// Tolerate 30 seconds clock skew when validating JWT claims like `exp` or `nbf`.
const client: oauth.Client = {
client_id: 'abc4ba37-4ab8-49b5-99d4-9441ba35d428',
// ... other metadata
[oauth.clockTolerance]: 30,
}
processAuthorizationCodeOpenIDResponse
to validate the issuer instead of checking the ID Token's signature. The function's options
argument was removed.processDeviceCodeResponse
to validate the issuer instead of checking the optional ID Token's signature. The function's options
argument was removed.processIntrospectionResponse
to validate the issuer instead of checking the optional JWT Introspection Response signature. The function's options
argument was removed.processRefreshTokenResponse
to validate the issuer instead of checking the optional ID Token's signature. The function's options
argument was removed.processUserInfoResponse
to validate the issuer instead of checking the optional JWT UserInfo Response signature. The function's options
argument was removed.dpop_jkt
to the authorization request.calculateJwkThumbprint
function export.jwksRequest
function export.processJwksResponse
function export.