openid-client 5.3.3 → 5.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/lib/helpers/deep_clone.js +1 -1
  2. package/lib/passport_strategy.js +8 -2
  3. package/package.json +1 -1
package/lib/helpers/deep_clone.js CHANGED
@@ -1 +1 @@
1
- module.exports = globalThis.structuredClone || JSON.parse(JSON.stringify(obj));
1
+ module.exports = globalThis.structuredClone || ((obj) => JSON.parse(JSON.stringify(obj)));
package/lib/passport_strategy.js CHANGED
@@ -84,8 +84,14 @@ OpenIDConnectStrategy.prototype.authenticate = function authenticate(req, option
84
84
  const reqParams = client.callbackParams(req);
85
85
  const sessionKey = this._key;
86
86
 
87
- /* start authentication request */
88
- if (Object.keys(reqParams).length === 0) {
87
+ const { 0: parameter, length } = Object.keys(reqParams);
88
+
89
+ /**
90
+ * Start authentication request if this has no authorization response parameters or
91
+ * this might a login initiated from a third party as per
92
+ * https://openid.net/specs/openid-connect-core-1_0.html#ThirdPartyInitiatedLogin.
93
+ */
94
+ if (length === 0 || (length === 1 && parameter === 'iss')) {
89
95
  // provide options object with extra authentication parameters
90
96
  const params = {
91
97
  state: random(),
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "openid-client",
3
- "version": "5.3.3",
3
+ "version": "5.4.0",
4
4
  "description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js runtime, supports passportjs",
5
5
  "keywords": [
6
6
  "auth",