oauth4webapi 2.4.3 → 2.4.4

package/README.md

@@ -43,7 +43,7 @@ import * as oauth2 from 'oauth4webapi'
 **`example`** Deno import
 
 ```js
-import * as oauth2 from 'https://deno.land/x/oauth4webapi@v2.4.3/mod.ts'
+import * as oauth2 from 'https://deno.land/x/oauth4webapi@v2.4.4/mod.ts'
 ```
 
 - Authorization Code Flow - OpenID Connect [source](examples/code.ts), or plain OAuth 2 [source](examples/oauth.ts)

package/build/index.d.ts

@@ -689,7 +689,7 @@ export interface OAuth2Error {
  * @group Refreshing an Access Token
  * @group Pushed Authorization Requests (PAR)
  */
-export declare function isOAuth2Error(input?: ReturnTypes): input is OAuth2Error;
+export declare function isOAuth2Error(input?: TokenEndpointResponse | OAuth2TokenEndpointResponse | OpenIDTokenEndpointResponse | ClientCredentialsGrantResponse | DeviceAuthorizationResponse | IntrospectionResponse | OAuth2Error | PushedAuthorizationResponse | URLSearchParams | UserInfoResponse): input is OAuth2Error;
 export interface WWWAuthenticateChallengeParameters {
     readonly realm?: string;
     readonly error?: string;
@@ -768,7 +768,7 @@ export interface ProtectedResourceRequestOptions extends Omit<HttpRequestOptions
  * @see [RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage](https://www.rfc-editor.org/rfc/rfc6750.html#section-2.1)
  * @see [RFC 9449 - OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP)](https://www.rfc-editor.org/rfc/rfc9449.html#name-protected-resource-access)
  */
-export declare function protectedResourceRequest(accessToken: string, method: 'GET' | 'POST' | 'PUT' | 'DELETE' | 'PATCH' | string, url: URL, headers: Headers, body: RequestInit['body'], options?: ProtectedResourceRequestOptions): Promise<Response>;
+export declare function protectedResourceRequest(accessToken: string, method: 'GET' | 'POST' | 'PUT' | 'DELETE' | 'PATCH' | string, url: URL, headers: Headers, body?: ReadableStream | Blob | ArrayBufferView | ArrayBuffer | FormData | URLSearchParams | string | null, options?: ProtectedResourceRequestOptions): Promise<Response>;
 export interface UserInfoRequestOptions extends HttpRequestOptions, DPoPRequestOptions {
 }
 /**
@@ -1222,7 +1222,6 @@ export declare const expectNoState: unique symbol;
  * @see [RFC 9207 - OAuth 2.0 Authorization Server Issuer Identification](https://www.rfc-editor.org/rfc/rfc9207.html)
  */
 export declare function validateAuthResponse(as: AuthorizationServer, client: Client, parameters: URLSearchParams | URL, expectedState?: string | typeof expectNoState | typeof skipStateCheck): URLSearchParams | OAuth2Error;
-type ReturnTypes = TokenEndpointResponse | OAuth2TokenEndpointResponse | OpenIDTokenEndpointResponse | ClientCredentialsGrantResponse | DeviceAuthorizationResponse | IntrospectionResponse | OAuth2Error | PushedAuthorizationResponse | URLSearchParams | UserInfoResponse;
 export interface DeviceAuthorizationRequestOptions extends HttpRequestOptions, AuthenticatedRequestOptions {
 }
 /**

package/build/index.js

@@ -1,7 +1,7 @@
 let USER_AGENT;
 if (typeof navigator === 'undefined' || !navigator.userAgent?.startsWith?.('Mozilla/5.0 ')) {
     const NAME = 'oauth4webapi';
-    const VERSION = 'v2.4.3';
+    const VERSION = 'v2.4.4';
     USER_AGENT = `${NAME}/${VERSION}`;
 }
 export const clockSkew = Symbol();
@@ -128,11 +128,15 @@ const SUPPORTED_JWS_ALGS = [
     'EdDSA',
 ];
 function processDpopNonce(response) {
-    const url = new URL(response.url);
-    if (response.headers.has('dpop-nonce')) {
-        dpopNonces.set(url.origin, response.headers.get('dpop-nonce'));
+    try {
+        if (response.headers.has('dpop-nonce')) {
+            const url = new URL(response.url);
+            dpopNonces.set(url.origin, response.headers.get('dpop-nonce'));
+        }
+    }
+    finally {
+        return response;
     }
-    return response;
 }
 function normalizeTyp(value) {
     return value.toLowerCase().replace(/^application\//, '');

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "oauth4webapi",
-  "version": "2.4.3",
+  "version": "2.4.4",
   "description": "OAuth 2 / OpenID Connect for JavaScript Runtimes",
   "keywords": [
     "auth",
@@ -47,7 +47,7 @@
     "build/index.d.ts"
   ],
   "scripts": {
-    "_format": "find src test tap examples conformance -type f -name '*.ts' -o -name '*.mjs' -name '*.cjs' | xargs prettier",
+    "_format": "find src test tap examples conformance -type f -name '*.ts' -o -name '*.mjs' -o -name '*.cjs' | xargs prettier",
     "build": "rm -rf build && tsc && tsc --declaration true --emitDeclarationOnly true --removeComments false && tsc -p test && tsc -p examples && tsc -p conformance && tsc -p tap",
     "conformance": "bash -c 'source .node_flags.sh && ava --config conformance/ava.config.ts'",
     "docs": "patch-package && typedoc",
@@ -63,21 +63,28 @@
     "test": "bash -c 'source .node_flags.sh && ava'"
   },
   "devDependencies": {
-    "@types/node": "^20.10.6",
+    "@koa/cors": "^5.0.0",
+    "@types/koa__cors": "^5.0.0",
+    "@types/node": "^20.10.8",
+    "@types/oidc-provider": "^8.4.3",
     "@types/qunit": "^2.19.9",
     "ava": "^5.3.1",
+    "chrome-launcher": "^1.1.0",
     "edge-runtime": "^2.5.7",
     "esbuild": "^0.19.11",
     "jose": "^5.2.0",
+    "oidc-provider": "^8.4.4",
     "patch-package": "^8.0.0",
     "prettier": "^3.1.1",
     "prettier-plugin-jsdoc": "^1.3.0",
+    "puppeteer-core": "^21.7.0",
     "qunit": "^2.20.0",
+    "raw-body": "^2.5.2",
     "timekeeper": "^2.3.1",
     "tsx": "^4.7.0",
-    "typedoc": "^0.25.6",
+    "typedoc": "^0.25.7",
     "typedoc-plugin-markdown": "^3.17.1",
-    "typedoc-plugin-mdn-links": "^3.1.10",
+    "typedoc-plugin-mdn-links": "^3.1.11",
     "typescript": "^5.3.3",
     "undici": "^5.28.2"
   }