Skip to content

Releases: panva/oauth4webapi

v2.0.6

16 Dec 10:17
Compare
Choose a tag to compare

Fixes

  • build: fixup user agent version after version bump (e1c3ed8)

v2.0.5

11 Dec 20:58
Compare
Choose a tag to compare

This release contains only code refactoring and documentation updates.

v2.0.4

27 Nov 20:51
Compare
Choose a tag to compare

Refactor

  • weak maps instead of symbols (e551edc)

v2.0.3

25 Nov 08:40
Compare
Choose a tag to compare

Fixes

  • omit zealous response cloning() to reduce edge compute memory bills (a785223), closes #37

v2.0.1

21 Nov 11:56
Compare
Choose a tag to compare

Fixes

  • claims parameter encoding in issued request objects (3eb165a)

Performance

  • cache public DPoP CryptoKey's JWK representation for re-use (2858d06)

v2.0.0

20 Nov 19:45
Compare
Choose a tag to compare

⚠ BREAKING CHANGES

  • Use the TLS server validation in processAuthorizationCodeOpenIDResponse to validate the issuer instead of checking the ID Token's signature. The function's options argument was removed.
  • Use the TLS server validation in processDeviceCodeResponse to validate the issuer instead of checking the optional ID Token's signature. The function's options argument was removed.
  • Use the TLS server validation in processIntrospectionResponse to validate the issuer instead of checking the optional JWT Introspection Response signature. The function's options argument was removed.
  • Use the TLS server validation in processRefreshTokenResponse to validate the issuer instead of checking the optional ID Token's signature. The function's options argument was removed.
  • Use the TLS server validation in processUserInfoResponse to validate the issuer instead of checking the optional JWT UserInfo Response signature. The function's options argument was removed.
  • PAR w/ DPoP no longer automatically adds dpop_jkt to the authorization request.
  • Removed calculateJwkThumbprint function export.
  • Removed jwksRequest function export.
  • Removed processJwksResponse function export.

Refactor

  • remove ignored and unused exports (4a545df)
  • use TLS server validation instead of jwt signature validations (f728110)

v1.4.1

20 Nov 18:37
Compare
Choose a tag to compare

Refactor

  • deno: add mod.ts to deno.land/x (0778278)
  • use RsaHashedKeyAlgorithm in checkRsaKeyAlgorithm (94aa31c)

v1.4.0

08 Nov 08:51
Compare
Choose a tag to compare

Features

  • add bun as a supported runtime (707efd1)

v1.3.0

31 Oct 09:35
Compare
Choose a tag to compare

Features

  • allow to skip JWT signature validation on select responses (44d9114)

v1.2.2

04 Nov 16:34
Compare
Choose a tag to compare

Refactor

  • add a type check on AbortSignal (b013fef)
  • align argument and function names in assert functions (8ea65f6)
  • update "as" error messages (3e894f5)