openid-client 3.15.5 → 3.15.9

package/CHANGELOG.md

@@ -2,6 +2,37 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [3.15.9](https://github.com/panva/node-openid-client/compare/v3.15.8...v3.15.9) (2020-07-26)
+
+
+### Bug Fixes
+
+* **typescript:** max_age in AuthorizationParameters is a number ([5ce2a73](https://github.com/panva/node-openid-client/commit/5ce2a733890dba6ba2bc2f8f296a4235c0c5cdd6)), closes [#279](https://github.com/panva/node-openid-client/issues/279)
+
+
+
+## [3.15.8](https://github.com/panva/node-openid-client/compare/v3.15.7...v3.15.8) (2020-07-17)
+
+
+### Bug Fixes
+
+* allow AAD appid including discovery URLs to be multi-tenant ([c27caab](https://github.com/panva/node-openid-client/commit/c27caab9b9df92b591c4f0491fd2ec346ff48988))
+
+
+
+## [3.15.7](https://github.com/panva/node-openid-client/compare/v3.15.6...v3.15.7) (2020-07-16)
+
+
+
+## [3.15.6](https://github.com/panva/node-openid-client/compare/v3.15.5...v3.15.6) (2020-07-06)
+
+
+### Bug Fixes
+
+* merge helper returns modified object, leftovers removed ([2e3339b](https://github.com/panva/node-openid-client/commit/2e3339bd82297d6e37574e007b8a443087f3291e))
+
+
+
 ## [3.15.5](https://github.com/panva/node-openid-client/compare/v3.15.4...v3.15.5) (2020-06-26)
 
 

package/README.md

@@ -47,7 +47,7 @@ openid-client.
 
 ## Certification
 [<img width="184" height="96" align="right" src="https://cdn.jsdelivr.net/gh/panva/node-openid-client@38cf016b0837e6d4116de3780b28d222d5780bc9/OpenID_Certified.png" alt="OpenID Certification">][openid-certified-link]  
-Filip Skokan has [certified][openid-certified-link] that [oidc-provider][npm-url]
+Filip Skokan has [certified][openid-certified-link] that [openid-client][npm-url]
 conforms to the following profiles of the OpenID Connect™ protocol
 
 - RP [Basic](https://openid.net/wordpress-content/uploads/2019/05/FilipSkokan_openid-client_RP-Basic-11-May-2019.zip), [Implicit](https://openid.net/wordpress-content/uploads/2019/05/FilipSkokan_openid-client_RP-Implicit-11-May-2019.zip), [Hybrid](https://openid.net/wordpress-content/uploads/2019/05/FilipSkokan_openid-client_RP-Hybrid-11-May-2019.zip), [Config](https://openid.net/wordpress-content/uploads/2019/05/FilipSkokan_openid-client_RP-Config-11-May-2019.zip), [Dynamic](https://openid.net/wordpress-content/uploads/2019/05/FilipSkokan_openid-client_RP-Dynamic-11-May-2019.zip), and [Form Post](https://openid.net/wordpress-content/uploads/2019/05/FilipSkokan_openid-client_RP-FormPost-11-May-2019.zip)
@@ -261,8 +261,7 @@ private API and is subject to change between any versions.
 #### How do I use it outside of Node.js
 
 It is **only built for ^10.13.0 || >=12.0.0 Node.js** environment - including openid-client in
-transpiled browser-environment targeted projects is not supported and may result in unexpected
-results.
+browser-environment targeted projects is not supported and may result in unexpected results.
 
 #### What's new in 3.x?
 

package/lib/helpers/consts.js

@@ -2,12 +2,12 @@ const OIDC_DISCOVERY = '/.well-known/openid-configuration';
 const OAUTH2_DISCOVERY = '/.well-known/oauth-authorization-server';
 const WEBFINGER = '/.well-known/webfinger';
 const REL = 'http://openid.net/specs/connect/1.0/issuer';
-const AAD_MULTITENANT_DISCOVERY = new Set([
+const AAD_MULTITENANT_DISCOVERY = [
   `https://login.microsoftonline.com/common${OIDC_DISCOVERY}`,
   `https://login.microsoftonline.com/common/v2.0${OIDC_DISCOVERY}`,
   `https://login.microsoftonline.com/organizations/v2.0${OIDC_DISCOVERY}`,
   `https://login.microsoftonline.com/consumers/v2.0${OIDC_DISCOVERY}`,
-]);
+];
 
 const CLIENT_DEFAULTS = {
   grant_types: ['authorization_code'],

package/lib/helpers/defaults.js

@@ -1,13 +1,17 @@
-/* eslint-disable no-restricted-syntax */
+/* eslint-disable no-restricted-syntax, no-continue */
 
 const isPlainObject = require('./is_plain_object');
 
 function defaults(deep, target, ...sources) {
   for (const source of sources) {
     if (!isPlainObject(source)) {
-      continue; // eslint-disable-line no-continue
+      continue;
     }
     for (const [key, value] of Object.entries(source)) {
+      /* istanbul ignore if */
+      if (key === '__proto__' || key === 'constructor') {
+        continue;
+      }
       if (typeof target[key] === 'undefined' && typeof value !== 'undefined') {
         target[key] = value;
       }

package/lib/helpers/merge.js

@@ -1,14 +1,17 @@
-/* eslint-disable no-restricted-syntax */
+/* eslint-disable no-restricted-syntax, no-param-reassign, no-continue */
 
 const isPlainObject = require('./is_plain_object');
 
-function merge(...sources) {
-  const target = {};
+function merge(target, ...sources) {
   for (const source of sources) {
     if (!isPlainObject(source)) {
-      continue; // eslint-disable-line no-continue
+      continue;
     }
     for (const [key, value] of Object.entries(source)) {
+      /* istanbul ignore if */
+      if (key === '__proto__' || key === 'constructor') {
+        continue;
+      }
       if (isPlainObject(target[key]) && isPlainObject(value)) {
         target[key] = merge(target[key], value);
       } else if (typeof value !== 'undefined') {
@@ -20,4 +23,4 @@ function merge(...sources) {
   return target;
 }
 
-module.exports = merge.bind(undefined, false);
+module.exports = merge;

package/lib/issuer.js

@@ -221,7 +221,9 @@ class Issuer {
       return new Issuer({
         ...ISSUER_DEFAULTS,
         ...body,
-        [AAD_MULTITENANT]: AAD_MULTITENANT_DISCOVERY.has(uri),
+        [AAD_MULTITENANT]: !!AAD_MULTITENANT_DISCOVERY.find(
+          (discoveryURL) => uri.startsWith(discoveryURL),
+        ),
       });
     }
 
@@ -248,7 +250,9 @@ class Issuer {
       return new Issuer({
         ...ISSUER_DEFAULTS,
         ...body,
-        [AAD_MULTITENANT]: AAD_MULTITENANT_DISCOVERY.has(wellKnownUri),
+        [AAD_MULTITENANT]: !!AAD_MULTITENANT_DISCOVERY.find(
+          (discoveryURL) => wellKnownUri.startsWith(discoveryURL),
+        ),
       });
     }));
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "openid-client",
-  "version": "3.15.5",
+  "version": "3.15.9",
   "description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js runtime, supports passportjs",
   "keywords": [
     "auth",
@@ -45,23 +45,23 @@
     "base64url": "^3.0.1",
     "got": "^9.6.0",
     "jose": "^1.27.1",
-    "lru-cache": "^5.1.1",
+    "lru-cache": "^6.0.0",
     "make-error": "^1.3.6",
     "object-hash": "^2.0.1",
     "oidc-token-hash": "^5.0.0",
     "p-any": "^3.0.0"
   },
   "devDependencies": {
-    "@commitlint/cli": "^8.3.4",
-    "@commitlint/config-conventional": "^8.3.4",
-    "@types/passport": "^1.0.3",
+    "@commitlint/cli": "^9.1.1",
+    "@commitlint/config-conventional": "^9.1.1",
+    "@types/passport": "^1.0.4",
     "chai": "^4.2.0",
-    "eslint": "^7.2.0",
+    "eslint": "^7.4.0",
     "eslint-config-airbnb-base": "^14.2.0",
     "eslint-plugin-import": "^2.21.2",
     "husky": "^4.0.0",
     "mocha": "^8.0.1",
-    "nock": "^12.0.1",
+    "nock": "^13.0.2",
     "nyc": "^15.1.0",
     "readable-mock-req": "^0.2.2",
     "sinon": "^9.0.0",

package/types/index.d.ts

@@ -99,7 +99,7 @@ export interface AuthorizationParameters {
   display?: string;
   id_token_hint?: string;
   login_hint?: string;
-  max_age?: string;
+  max_age?: number;
   nonce?: string;
   prompt?: string;
   redirect_uri?: string;