Skip to content

Development #260

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 135 commits into from
Nov 7, 2023
Merged

Development #260

Changes from 1 commit
Commits
Show all changes
135 commits
Select commit Hold shift + click to select a range
3a7e198
refactor: Remove util.inherits #70
Dec 18, 2021
9460888
refactor: Remove util.inherits #70
Dec 18, 2021
60afc18
refactor: Remove util.inherits #70
Dec 19, 2021
c73b5b2
change Object.assign to spread operator
Dec 19, 2021
1d7b401
captureStackTrace removed from OAuthError constructor
Dec 19, 2021
186d85f
fix super constructor call OAuthError
Dec 21, 2021
ab48e15
OAuthError unit test
Dec 21, 2021
c2e6409
revert package.json
Feb 1, 2022
6536fe2
Merge branch 'development-upstream' into development
Jul 22, 2022
bb96022
Merge branch 'development' into development
jankapunkt Mar 21, 2023
f2f6c21
Merge branch 'master' into development
jankapunkt Jun 6, 2023
e00a630
Update authorization-code-grant-type.js
jankapunkt Jun 8, 2023
9fd04f6
refactor(deps): remove util.inherits #70
jankapunkt Jun 8, 2023
126ceff
breaking(deps): remove bluebird and promisify-any
jankapunkt Jun 9, 2023
5454497
docs: add 5.0.0 to changelog
jankapunkt Jun 9, 2023
085b13d
docs: add 5.x note to readme
jankapunkt Jun 9, 2023
2627848
docs: add 5.x to security policy
jankapunkt Jun 9, 2023
cf2adba
build(core): bump node 14 to 16
jankapunkt Jun 9, 2023
2563e7b
fix: replace Promise. calls in async functions with native behaviour
jankapunkt Jun 13, 2023
e1fdc23
fix(tests): replace Promise. calls with native async behaviour where …
jankapunkt Jun 13, 2023
18c6663
build(deps-dev): bump sinon from 15.1.0 to 15.2.0
dependabot[bot] Jun 20, 2023
0448856
Merge branch 'development' into dependabot/npm_and_yarn/sinon-15.2.0
jankapunkt Jun 22, 2023
3d766a7
refactor: use native promises and async/await, drop bluebird and prom…
jankapunkt Jun 22, 2023
9b68723
relase(pre): 5.0.0-rc.0
jankapunkt Jun 22, 2023
1e8a156
build(deps-dev): bump eslint from 8.42.0 to 8.44.0
dependabot[bot] Jul 3, 2023
8dd11fe
fix(pkce): get code_challenge and _method from query if not present i…
jankapunkt Jul 10, 2023
cc643fe
fix(pkce): get code_challenge and _method from query if not present i…
jankapunkt Jul 12, 2023
64da4eb
Merge branch 'development' into dependabot/npm_and_yarn/sinon-15.2.0
jankapunkt Jul 13, 2023
ececdd1
Merge branch 'development' into dependabot/npm_and_yarn/eslint-8.44.0
jankapunkt Jul 13, 2023
7b940ec
Merge pull request #195 from node-oauth/dependabot/npm_and_yarn/eslin…
jankapunkt Jul 15, 2023
7ca480e
build(deps-dev): bump eslint from 8.42.0 to 8.46.0
dependabot[bot] Jul 28, 2023
69cdd2c
Fix generateAuthorizationCode not being awaited
MaximilianGaedig Aug 2, 2023
f198623
Update authorization_code test
MaximilianGaedig Aug 2, 2023
47916a7
fix: await generateAuthorizationCode in authorize-handler
jankapunkt Aug 2, 2023
dd2f9b8
Merge branch 'development' into dependabot/npm_and_yarn/eslint-8.46.0
jankapunkt Aug 2, 2023
18caaba
Merge branch 'development' into dependabot/npm_and_yarn/sinon-15.2.0
jankapunkt Aug 2, 2023
f869d39
fix(ci): install oauth2-server from current ref in actions
jankapunkt Aug 2, 2023
35a02b9
Merge pull request #205 from node-oauth/fix-ci-release-tests
jankapunkt Aug 2, 2023
35e056d
Merge pull request #201 from node-oauth/dependabot/npm_and_yarn/eslin…
jankapunkt Aug 2, 2023
4b0459e
Merge pull request #193 from node-oauth/dependabot/npm_and_yarn/sinon…
jankapunkt Aug 2, 2023
aeffa48
docs: update changelog
jankapunkt Aug 2, 2023
7ebf3aa
types: update supported version to 5.0.0
jankapunkt Aug 2, 2023
471af88
release: 5.0.0-rc.1
jankapunkt Aug 2, 2023
bf2dae9
build(deps-dev): bump sinon from 15.1.0 to 15.2.0
dependabot[bot] Aug 2, 2023
68d01ad
Marked verifyScope function as optional in model types.
shrihari-prakash Aug 4, 2023
6c4f73a
Fix PR comments.
shrihari-prakash Aug 4, 2023
1718df3
Merge branch 'development' into verify-scope-fix
jankapunkt Aug 4, 2023
e29410b
types: marked verifyScope function as optional #209 fix #202
jankapunkt Aug 4, 2023
3bffe8b
Removed callback support in typings.
shrihari-prakash Aug 4, 2023
6cfb8f0
Merge pull request #211 from shrihari-prakash/release-5.0.0
jankapunkt Aug 4, 2023
320f947
Merge pull request #206 from node-oauth/dependabot/npm_and_yarn/sinon…
jankapunkt Aug 7, 2023
f6db51a
Fixed getUserFromClient not awaited.
shrihari-prakash Aug 15, 2023
fc8f4dc
Merge branch 'node-oauth:release-5.0.0' into release-5.0.0
shrihari-prakash Aug 15, 2023
bfc4e8f
Added tests.
shrihari-prakash Aug 15, 2023
204aa1d
Merge branch 'release-5.0.0' of https://github.com/node-oauth/node-oa…
shrihari-prakash Aug 15, 2023
76c1c62
Merge branch 'release-5.0.0' of https://github.com/shrihari-prakash/n…
shrihari-prakash Aug 15, 2023
c299425
fix: await getUserFromClient in client credentials grant
jankapunkt Aug 15, 2023
c6682a6
publish 5.0.0-rc.2
jankapunkt Aug 15, 2023
e4e2834
Convert TokenModel to an ES6 class and extract utils function for cal…
menewman Aug 16, 2023
74f07c3
refactor: convert TokenModel to an ES6 class and extract utils functi…
jankapunkt Aug 17, 2023
704d917
tests(compliance): added client credential workflow compliance tests
jankapunkt Aug 17, 2023
f0259db
tests(integration): grant types integration tests model integration c…
jankapunkt Aug 17, 2023
0d142f0
Convert Request, Response, CodeResponseType, TokenResponseType to ES6…
menewman Aug 17, 2023
9bf64c4
tests(integration): deep cover refresh-token grant type
jankapunkt Aug 22, 2023
92cc613
tests(integration): deep cover authenticte handler
jankapunkt Aug 22, 2023
323c91b
tests(unit): improve coverage for TokenModel
jankapunkt Aug 22, 2023
fde0915
tests(unit): improve coverage for crypto util
jankapunkt Aug 22, 2023
c0593ef
tests(integration): deep-cover model integration in AuthorizeHandler …
jankapunkt Aug 22, 2023
d3c68d3
refactored abstract-grant-type
jorenvandeweyer Aug 26, 2023
9cbe92e
refactored authenticate-handler
jorenvandeweyer Aug 26, 2023
900dff5
refactored authorize-handler
jorenvandeweyer Aug 26, 2023
cc99be5
refactored token-handler
jorenvandeweyer Aug 26, 2023
d38b75c
refactored bearer-token-type
jorenvandeweyer Aug 26, 2023
8984d59
refactored mac-token-type
jorenvandeweyer Aug 26, 2023
65c5f17
refactored server
jorenvandeweyer Aug 26, 2023
fc403c3
fix critical bug for scope validation
jorenvandeweyer Aug 26, 2023
c1fb9d4
tests: add deep integration tests (part I)
jankapunkt Aug 26, 2023
f460371
fix: critical scope validation bug resolved
jankapunkt Aug 26, 2023
a23d682
Use types.flat() to handle 'is' arguments
menewman Aug 26, 2023
4c7927a
Merge branch 'development' into fix-convert-request-response-classes-…
menewman Aug 26, 2023
8ea6699
Push unit tests that verify that prototype methods can't be overwritten
menewman Aug 26, 2023
0f8c792
revoke code before validating redirect uri
jorenvandeweyer Aug 26, 2023
45eef09
refactor: convert Request, Response, CodeResponseType, TokenResponseT…
jankapunkt Aug 26, 2023
2b559ab
Merge branch 'development' into feature/refactor-to-es6
jankapunkt Aug 26, 2023
6f8d0d6
Merge branch 'development' into bugfix/revoke-authorization-code-earlier
jankapunkt Aug 26, 2023
aaf28b4
refactor: convert remaining grant-types, handlers and token types to…
jankapunkt Aug 26, 2023
8dfd3cc
Merge branch 'development' into bugfix/revoke-authorization-code-earlier
jankapunkt Aug 26, 2023
48baa8b
fix: revoke code before validating redirect uri
jankapunkt Aug 26, 2023
39fbe66
improve bearer validation
jorenvandeweyer Aug 27, 2023
5ce41cc
Merge branch 'development' into bugfix/bearer-validation
jankapunkt Aug 28, 2023
6758bff
Merge branch 'development' into release-5.0.0
jankapunkt Aug 29, 2023
51f85c9
changed \s to space
jorenvandeweyer Aug 29, 2023
028e020
update minimum nodejs version in release test workflow
jorenvandeweyer Aug 29, 2023
a6bccbe
made badges clickable
jorenvandeweyer Aug 29, 2023
b9d4093
docs: made badges clickable
jankapunkt Aug 29, 2023
a42dc06
rewrote the scope validation
jorenvandeweyer Sep 9, 2023
2221751
removed callbacks from docs
jorenvandeweyer Sep 9, 2023
716b52e
forgot a single scope
jorenvandeweyer Sep 10, 2023
3e30107
release 5.0.0-rc,3
jankapunkt Sep 18, 2023
9c8c05b
Merge branch 'development' into release-5.0.0
jankapunkt Sep 18, 2023
4962cd9
Merge branch 'development' into bugfix/bearer-validation
jankapunkt Sep 27, 2023
45eb687
Merge branch 'release-5.0.0' into feature/scope-validation
jankapunkt Sep 27, 2023
8ce21a4
Merge branch 'feature/scope-validation' of github.com:jorenvandeweyer…
jorenvandeweyer Sep 27, 2023
0d4e5f3
added extra test for coverage
jorenvandeweyer Sep 27, 2023
d50cb2d
fix: use array scope and do not ignore scope on refresh token call
jankapunkt Sep 28, 2023
be1602f
fix: use improved bearer token vlaidation regex
jankapunkt Sep 28, 2023
ed1f8a3
Merge branch 'development' into release-5.0.0
jankapunkt Sep 28, 2023
6d7a990
remove invalid bearer token that was used in test
jorenvandeweyer Sep 28, 2023
85d0a79
Merge pull request #243 from jorenvandeweyer/bugfix/invalid-bearer
jankapunkt Sep 28, 2023
1c40926
publish 5.0.0-rc.4
jankapunkt Sep 29, 2023
da3dc54
fix typing of revokeToken
jorenvandeweyer Oct 7, 2023
782af2a
Merge pull request #247 from jorenvandeweyer/bugfix/revoke-token-typing
jankapunkt Oct 8, 2023
d41585b
pass client to model function
jorenvandeweyer Oct 25, 2023
d012193
fixed typo
jorenvandeweyer Oct 26, 2023
b97f6c7
Merge pull request #256 from jorenvandeweyer/feature/pass-client-to-g…
jankapunkt Oct 26, 2023
ca43d4a
fix(pkce): get code challenge and method from either body or query (r…
jankapunkt Nov 1, 2023
eb9f123
build: publish release 5.0.0-rc.5
jankapunkt Nov 1, 2023
7e2abee
docs: add readthedocs v2 config file
jankapunkt Nov 6, 2023
f3e2438
docs: sphinx conf updated to v2 compatible
jankapunkt Nov 6, 2023
6d27e3f
docs: merged master docs into 5.0.0
jankapunkt Nov 6, 2023
1da9837
docs: add migrating to v5 topic
jankapunkt Nov 6, 2023
ff8cdad
docs: add missing adapters and getting started guide
jankapunkt Nov 6, 2023
f06f2fd
docs: update sphinx conf and index toc
jankapunkt Nov 6, 2023
7f18e08
docs: use requirements files to install themes and plugins
jankapunkt Nov 6, 2023
da9ce1a
docs: update rtd config
jankapunkt Nov 6, 2023
3991a8c
docs: remove requirements
jankapunkt Nov 6, 2023
72f3675
docs: remove build using requirements files
jankapunkt Nov 6, 2023
fb59e30
docs: add multiple documentation links
jankapunkt Nov 6, 2023
937d9a7
docs: fix table of contents
jankapunkt Nov 6, 2023
a4f2145
docs: add sphinx rtd theme
jankapunkt Nov 6, 2023
1858669
docs: install sphinx theme with python
jankapunkt Nov 6, 2023
a7a1b25
published release 5.0.0
jankapunkt Nov 6, 2023
ca71f60
Merge pull request #194 from node-oauth/release-5.0.0
jankapunkt Nov 6, 2023
05c4dfc
Merge branch 'master' into development
jankapunkt Nov 6, 2023
9515530
refactor: readd removed files after merge-override
jankapunkt Nov 7, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
fix(pkce): get code_challenge and _method from query if not present i… 
…n body
  • Loading branch information
@jankapunkt
jankapunkt committed Jul 10, 2023
commit 8dd11feddd63c653a5a5b357a3ee4b5b9fa59b58
4 changes: 2 additions & 2 deletions lib/handlers/authorize-handler.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -369,7 +369,7 @@ AuthorizeHandler.prototype.updateResponse = function(response, redirectUri, stat
};

AuthorizeHandler.prototype.getCodeChallenge = function(request) {
return request.body.code_challenge;
return request.body.code_challenge || request.query.code_challenge;
};

/**
Expand All @@ -380,7 +380,7 @@ AuthorizeHandler.prototype.getCodeChallenge = function(request) {
* (see https://www.rfc-editor.org/rfc/rfc7636#section-4.4)
*/
AuthorizeHandler.prototype.getCodeChallengeMethod = function(request) {
const algorithm = request.body.code_challenge_method;
const algorithm = request.body.code_challenge_method || request.query.code_challenge_method;

if (algorithm && !pkce.isValidMethod(algorithm)) {
throw new InvalidRequestError(`Invalid request: transform algorithm '${algorithm}' not supported`);
Expand Down