ibm-cloud-sdk-core 4.0.1 → 4.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/.secrets.baseline +13 -3
  2. package/CHANGELOG.md +14 -0
  3. package/auth/token-managers/jwt-token-manager.js +1 -12
  4. package/auth/token-managers/vpc-instance-token-manager.d.ts +1 -1
  5. package/auth/token-managers/vpc-instance-token-manager.js +2 -2
  6. package/es/auth/token-managers/jwt-token-manager.js +2 -13
  7. package/es/auth/token-managers/vpc-instance-token-manager.d.ts +1 -1
  8. package/es/auth/token-managers/vpc-instance-token-manager.js +2 -2
  9. package/package.json +1 -1
package/.secrets.baseline CHANGED
@@ -3,7 +3,7 @@
3
3
  "files": "package-lock.json|^.secrets.baseline$",
4
4
  "lines": null
5
5
  },
6
- "generated_at": "2022-12-20T17:56:56Z",
6
+ "generated_at": "2022-12-31T16:06:01Z",
7
7
  "plugins_used": [
8
8
  {
9
9
  "name": "AWSKeyDetector"
@@ -91,6 +91,16 @@
91
91
  "verified_result": null
92
92
  }
93
93
  ],
94
+ "CHANGELOG.md": [
95
+ {
96
+ "hashed_secret": "bc2f74c22f98f7b6ffbc2f67453dbfa99bce9a32",
97
+ "is_secret": false,
98
+ "is_verified": false,
99
+ "line_number": 6,
100
+ "type": "Secret Keyword",
101
+ "verified_result": null
102
+ }
103
+ ],
94
104
  "README.md": [
95
105
  {
96
106
  "hashed_secret": "32e8612d8ca77c7ea8374aa7918db8e5df9252ed",
@@ -484,7 +494,7 @@
484
494
  "hashed_secret": "a7ef1be18bb8d37af79f3d87761a203378bf26a2",
485
495
  "is_secret": false,
486
496
  "is_verified": false,
487
- "line_number": 145,
497
+ "line_number": 146,
488
498
  "type": "Secret Keyword",
489
499
  "verified_result": null
490
500
  }
@@ -524,7 +534,7 @@
524
534
  }
525
535
  ]
526
536
  },
527
- "version": "0.13.1+ibm.55.dss",
537
+ "version": "0.13.1+ibm.56.dss",
528
538
  "word_list": {
529
539
  "file": null,
530
540
  "hash": null
package/CHANGELOG.md CHANGED
@@ -1,3 +1,17 @@
1
+ ## [4.0.3](https://github.com/IBM/node-sdk-core/compare/v4.0.2...v4.0.3) (2023-01-09)
2
+
3
+
4
+ ### Bug Fixes
5
+
6
+ * **VpcInstanceAuthenticator:** use correct version string ([4a1411a](https://github.com/IBM/node-sdk-core/commit/4a1411a76a09e9b1ade2c94bd98e63f79d845494))
7
+
8
+ ## [4.0.2](https://github.com/IBM/node-sdk-core/compare/v4.0.1...v4.0.2) (2022-12-30)
9
+
10
+
11
+ ### Bug Fixes
12
+
13
+ * **auth:** revert to using decode instead verify for jwt ([#227](https://github.com/IBM/node-sdk-core/issues/227)) ([cf3d641](https://github.com/IBM/node-sdk-core/commit/cf3d64106f35943c34f2a9c5d1b4de63994aed2a))
14
+
1
15
  ## [4.0.1](https://github.com/IBM/node-sdk-core/compare/v4.0.0...v4.0.1) (2022-12-29)
2
16
 
3
17
 
package/auth/token-managers/jwt-token-manager.js CHANGED
@@ -100,18 +100,7 @@ var JwtTokenManager = /** @class */ (function (_super) {
100
100
  logger_1.default.error(err);
101
101
  throw new Error(err);
102
102
  }
103
- var decodedResponse;
104
- try {
105
- decodedResponse = (0, jsonwebtoken_1.verify)(this.accessToken);
106
- }
107
- catch (e) {
108
- // the token is either an invalid JWT or it could not be verified
109
- logger_1.default.error('Failed to verify the JWT. See error message:');
110
- logger_1.default.error(e);
111
- throw new Error(e);
112
- }
113
- // the 'catch' method above should handle any verificiation/decoding issues but
114
- // this check is here as a failsafe
103
+ var decodedResponse = (0, jsonwebtoken_1.decode)(this.accessToken);
115
104
  if (!decodedResponse) {
116
105
  var err = 'Access token recieved is not a valid JWT';
117
106
  logger_1.default.error(err);
package/auth/token-managers/vpc-instance-token-manager.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  /**
2
- * (C) Copyright IBM Corp. 2021, 2022.
2
+ * (C) Copyright IBM Corp. 2021, 2023.
3
3
  *
4
4
  * Licensed under the Apache License, Version 2.0 (the "License");
5
5
  * you may not use this file except in compliance with the License.
package/auth/token-managers/vpc-instance-token-manager.js CHANGED
@@ -1,6 +1,6 @@
1
1
  "use strict";
2
2
  /**
3
- * (C) Copyright IBM Corp. 2021, 2022.
3
+ * (C) Copyright IBM Corp. 2021, 2023.
4
4
  *
5
5
  * Licensed under the Apache License, Version 2.0 (the "License");
6
6
  * you may not use this file except in compliance with the License.
@@ -74,7 +74,7 @@ var logger_1 = __importDefault(require("../../lib/logger"));
74
74
  var utils_1 = require("../utils");
75
75
  var jwt_token_manager_1 = require("./jwt-token-manager");
76
76
  var DEFAULT_IMS_ENDPOINT = 'http://169.254.169.254';
77
- var METADATA_SERVICE_VERSION = '2021-09-20';
77
+ var METADATA_SERVICE_VERSION = '2022-03-01';
78
78
  /**
79
79
  * Token Manager for VPC Instance Authentication.
80
80
  */
package/es/auth/token-managers/jwt-token-manager.js CHANGED
@@ -14,7 +14,7 @@
14
14
  * See the License for the specific language governing permissions and
15
15
  * limitations under the License.
16
16
  */
17
- import { verify } from 'jsonwebtoken';
17
+ import { decode } from 'jsonwebtoken';
18
18
  import logger from '../../lib/logger';
19
19
  import { TokenManager } from './token-manager';
20
20
  /**
@@ -65,18 +65,7 @@ export class JwtTokenManager extends TokenManager {
65
65
  logger.error(err);
66
66
  throw new Error(err);
67
67
  }
68
- let decodedResponse;
69
- try {
70
- decodedResponse = verify(this.accessToken);
71
- }
72
- catch (e) {
73
- // the token is either an invalid JWT or it could not be verified
74
- logger.error('Failed to verify the JWT. See error message:');
75
- logger.error(e);
76
- throw new Error(e);
77
- }
78
- // the 'catch' method above should handle any verificiation/decoding issues but
79
- // this check is here as a failsafe
68
+ const decodedResponse = decode(this.accessToken);
80
69
  if (!decodedResponse) {
81
70
  const err = 'Access token recieved is not a valid JWT';
82
71
  logger.error(err);
package/es/auth/token-managers/vpc-instance-token-manager.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  /**
2
- * (C) Copyright IBM Corp. 2021, 2022.
2
+ * (C) Copyright IBM Corp. 2021, 2023.
3
3
  *
4
4
  * Licensed under the Apache License, Version 2.0 (the "License");
5
5
  * you may not use this file except in compliance with the License.
package/es/auth/token-managers/vpc-instance-token-manager.js CHANGED
@@ -1,5 +1,5 @@
1
1
  /**
2
- * (C) Copyright IBM Corp. 2021, 2022.
2
+ * (C) Copyright IBM Corp. 2021, 2023.
3
3
  *
4
4
  * Licensed under the Apache License, Version 2.0 (the "License");
5
5
  * you may not use this file except in compliance with the License.
@@ -26,7 +26,7 @@ import logger from '../../lib/logger';
26
26
  import { atMostOne } from '../utils';
27
27
  import { JwtTokenManager } from './jwt-token-manager';
28
28
  const DEFAULT_IMS_ENDPOINT = 'http://169.254.169.254';
29
- const METADATA_SERVICE_VERSION = '2021-09-20';
29
+ const METADATA_SERVICE_VERSION = '2022-03-01';
30
30
  /**
31
31
  * Token Manager for VPC Instance Authentication.
32
32
  */
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "ibm-cloud-sdk-core",
3
- "version": "4.0.1",
3
+ "version": "4.0.3",
4
4
  "description": "Core functionality to support SDKs generated with IBM's OpenAPI SDK Generator.",
5
5
  "main": "index.js",
6
6
  "typings": "./es/index.d.ts",