@axa-fr/react-oidc 7.13.16 → 7.14.1

package/README.md

@@ -202,11 +202,41 @@ const configuration = {
     onLogoutFromSameTab: Function, // Optional, can be set to override the default behavior, this function is triggered when a user is logged out from the same tab when session_monitor is active
     token_renew_mode: String, // Optional, update tokens based on the selected token(s) lifetime: "access_token_or_id_token_invalid" (default), "access_token_invalid", "id_token_invalid"
     logout_tokens_to_invalidate: Array<string>, // Optional tokens to invalidate during logout, default: ['access_token', 'refresh_token']
-    demonstrating_proof_of_possession: Boolean, // Optional, default is false, if true, the the Demonstrating Proof of Possession will be activated //https://www.rfc-editor.org/rfc/rfc9449.html#name-protected-resource-access
     location: ILOidcLocation, // Optional, default is window.location, you can inject your own location object respecting the ILOidcLocation interface
-  }.isRequired,
+    demonstrating_proof_of_possession: Boolean, // Optional, default is false, if true, the the Demonstrating Proof of Possession will be activated //https://www.rfc-editor.org/rfc/rfc9449.html#name-protected-resource-access
+    demonstrating_proof_of_possession_configuration: DemonstratingProofOfPossessionConfiguration // Optional, more details bellow
+  },
 };
 
+demonstrating_proof_of_possession_configuration: DemonstratingProofOfPossessionConfiguration // Optional, more details bellow
+};
+
+
+interface DemonstratingProofOfPossessionConfiguration {
+  generateKeyAlgorithm:  RsaHashedKeyGenParams | EcKeyGenParams,
+          digestAlgorithm: AlgorithmIdentifier,
+          importKeyAlgorithm: AlgorithmIdentifier | RsaHashedImportParams | EcKeyImportParams | HmacImportParams | AesKeyAlgorithm,
+          signAlgorithm: AlgorithmIdentifier | RsaPssParams | EcdsaParams,
+          jwtHeaderAlgorithm: string
+};
+
+// default value of demonstrating_proof_of_possession_configuration
+const defaultDemonstratingProofOfPossessionConfiguration: DemonstratingProofOfPossessionConfiguration ={
+  importKeyAlgorithm: {
+    name: 'ECDSA',
+    namedCurve: 'P-256',
+    hash: {name: 'ES256'}
+  },
+  signAlgorithm: {name: 'ECDSA', hash: {name: 'SHA-256'}},
+  generateKeyAlgorithm: {
+    name: 'ECDSA',
+    namedCurve: 'P-256'
+  },
+  digestAlgorithm: { name: 'SHA-256' },
+  jwtHeaderAlgorithm : 'ES256'
+};
+
+
 ```
 
 ## How to consume
@@ -590,6 +620,8 @@ More information about OIDC
 
 - [French : Augmentez la sécurité et la simplicité de votre Système d’Information OpenID Connect](https://medium.com/just-tech-it-now/augmentez-la-s%C3%A9curit%C3%A9-et-la-simplicit%C3%A9-de-votre-syst%C3%A8me-dinformation-avec-oauth-2-0-cf0732d71284)
 - [English : Increase the security and simplicity of your information system with openid connect](https://medium.com/just-tech-it-now/increase-the-security-and-simplicity-of-your-information-system-with-openid-connect-fa8c26b99d6d)
+- [English: youtube OIDC](https://www.youtube.com/watch?v=frIJfavZkUE&list=PL8EMdIH6Mzxy2kHtsVOEWqNz-OaM_D_fB&index=1)
+- [French: youtube OIDC](https://www.youtube.com/watch?v=H-mLMGzQ_y0&list=PL8EMdIH6Mzxy2kHtsVOEWqNz-OaM_D_fB&index=2)
 
 ## NextJS
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@axa-fr/react-oidc",
-  "version": "7.13.16",
+  "version": "7.14.1",
   "private": false,
   "type": "module",
   "main": "./dist/index.umd.cjs",
@@ -40,8 +40,8 @@
     "lint": "eslint src"
   },
   "dependencies": {
-    "@axa-fr/oidc-client-service-worker": "7.13.16",
-    "@axa-fr/oidc-client": "7.13.16",
+    "@axa-fr/oidc-client-service-worker": "7.14.1",
+    "@axa-fr/oidc-client": "7.14.1",
     "base64-js": "1.5.1"
   },
   "peerDependencies": {