Skip to content

Latest commit

 

History

History
346 lines (234 loc) · 14.7 KB

CHANGELOG.md

File metadata and controls

346 lines (234 loc) · 14.7 KB

Change Log

v3.1.0 (2023-10-05)

Full Changelog

Added

  • feat: resolve bun/deno compat issues #374 (panva)

v3.0.1 (2023-01-12)

Full Changelog

Fixed

v3.0.0 (2022-11-01)

Full Changelog

⚠️ BREAKING CHANGES

This release drops support for Node 10 and 12

v2.1.5 (2022-10-10)

Full Changelog

Fixed

  • Fix GetVerificationKey typing to include undefined #329 (AaronMoat)

v2.1.4 (2022-06-07)

Full Changelog

Fixed

v2.1.3 (2022-05-20)

Full Changelog

Fixed

v2.1.2 (2022-05-12)

Full Changelog

Fixed

v2.1.1 (2022-05-06)

Full Changelog

Fixed

v2.1.0 (2022-04-26)

Full Changelog

Added

Fixed

  • fix(type): correct the wrong type of the getSigningKey function arg… #289 (stegano)

v2.0.5 (2021-10-15)

Full Changelog

Fixed

[2.0.4] - (2021-07-16)

Fixed

[2.0.3] - (2021-04-20)

Fixed

Security

[2.0.2] - (2021-03-24)

Fixed

[2.0.1] - (2021-03-12)

Added

Fixed

[2.0.0] - (2021-03-01)

With version 2 we have added full JWK/JWS support. With this we have bumped the node version to minimum 10. We have also removed Axios and exposed a fetcher option to allow user's to completely override how the request to the jwksUri endpoint is made.

Breaking Changes

  • Drops support for Node < 10
  • No more callbacks, using async/await(promises)
  • Removed Axios and changed the API to JwksClient

Changes

Added

Changed

Migration Guide from v1 to v2

Proxies

The proxy option has been removed from the JwksClient. Support for it was a little spotty through Axios, and we wanted to allow users to have more control over the flow. Now you can specify your proxy by overriding the requestAgent used with an agent with built-in proxy support, or by completely overriding the request library with the fetcher option.

// OLD
const oldClient = jwksClient({
  jwksUri: 'https://sandrino.auth0.com/.well-known/jwks.json',
  proxy: 'https://username:pass@address:port'
});

// NEW
const HttpsProxyAgent = require('https-proxy-agent');
const newClient = jwksClient({
  jwksUri: 'https://sandrino.auth0.com/.well-known/jwks.json',
  requestAgent: new HttpsProxyAgent('https://username:pass@address:port')
});

Request Agent Options

The library no longer gates what http(s) Agent is used, so we have removed requestAgentOptions and now expose the requestAgent option when creating a jwksClient.

// OLD
const oldClient = jwksClient({
  jwksUri: 'https://sandrino.auth0.com/.well-known/jwks.json',
  requestAgentOptions: {
    ca: fs.readFileSync(caFile)
  }
});

// NEW
const newClient = jwksClient({
  jwksUri: 'https://sandrino.auth0.com/.well-known/jwks.json',
  requestAgent: new https.Agent({
    ca: fs.readFileSync(caFile)
  })
});

Migrated Callbacks to Async/Await

The library no longer supports callbacks. We have migrated to async/await(promises).

// OLD
client.getSigningKey(kid, (err, key) => {
  const signingKey = key.getPublicKey();
});

// NEW
const key = await client.getSigningKey(kid);
const signingKey = key.getPublicKey();

[1.12.3] - (2021-02-25)

Added

  • Add alg to SigningKey types #220 (okko)

Fixed

[1.12.2] - (2021-01-07)

Fixed

  • Added coverage folders to .npmignore

[1.12.1] - (2020-12-29)

Security

[1.12.0] - (2020-12-08)

Added

Deprecation We are deprecating passing in a jwksObject to the client for reasons laid out in #202. In order to load keys from anything other than the jwksUri, please use the getKeysInterceptor.

  const client = new JwksClient({ 
    jwksUri: 'https://my-enterprise-id-provider/.well-known/jwks.json',
    getKeysInterceptor: (cb) => {
      const file = fs.readFileSync(jwksFile);
      return cb(null, file.keys);
    }
  });

[1.11.0] - (2020-10-23)

Added

[1.10.1] - (2020-09-24)

Fixed

[1.10.0] - (2020-09-23)

Added

Fixed

[1.9.0] - (2020-08-18)

Added

Fixed

Security

[1.8.1] - (2020-06-18)

Fixed

  • Fix #139 strictSsl: false option being ignored #146 (kopancek)

Security

[1.8.0] - (2020-04-12)

Added

  • Added timeout with default value of 30s #132 (Cooke)

Changed

Fixed

[1.7.0] - (2020-02-18)

This release includes a change to the default caching mechanism. Caching is on now by default, with the decrease of the default time of 10hours to 10minutes. This change introduces better support for signing key rotation.

Added

Changed

Fixed

[1.6.2] - (2020-01-21)

This patch release includes an alias for accessing the public key of a given JSON Web Key (JWK). This is in response to an unintended breaking change that was introduced as part of the last Typescript definitions change, included in the release with version 1.6.0.

Now, no matter what the public key algorithm is, you can obtain it like this:

client.getSigningKey(kid, (err, jwk) => {
  const publicKey = jwk.getPublicKey();
});

Fixed

[1.6.1] - (2020-01-13)

Changed

[1.6.0] - (2019-07-09)

Added

[1.5.1] - (2019-05-21)

Changed

  • Now includes the jsonwebtoken as a runtime dependency not dev to avoid breaks with 1.5.0 installs
  • Various dependencies in both the library and samples updated

[1.5.0] - (2019-05-09)

Added

[1.4.0] - (2019-02-07)

Added

[1.3.0] - (2018-06-20)

Added

Fixed

[1.2.1] - 2017-10-19

Changed

  • Fixed TypeScript definition

[1.2.0] - 2017-06-27

Added

  • Koa integration

Changed

  • ms updated to v2.0.0