Ts Oauth2 Server Versions

A standards-compliant implementation of an OAuth 2.0 authorization server for Node.js that uses JWT and Proof Key for Code Exchange (PKCE), written in TypeScript.

v3.3.0-alpha.0

2 weeks ago

v3.2.0

3 months ago

What's Changed

OAuth 2.0 Token Exchange (RFC 8693)

To enable the token exchange grant, you'll need to provide your own implementation of processTokenExchangeFn. This function should orchestrate the exchange with the required third-party services based on your specific needs.

authorizationServer.enableGrant({
  grant_type: "urn:ietf:params:oauth:grant-type:token-exchange",
  processTokenExchangeFn,
})

Read the Docs

Thanks to @Jazcash for helping brainstorm and test this feature. Much appreciated 🙏

Full Changelog: https://github.com/jasonraimondi/ts-oauth2-server/compare/v3.1.0...v3.2.0

v3.1.0

4 months ago

What's Changed

Full Changelog: https://github.com/jasonraimondi/ts-oauth2-server/compare/v3.0.2...v3.1.0

v3.0.3

5 months ago

What's Changed

Full Changelog: https://github.com/jasonraimondi/ts-oauth2-server/compare/v3.0.2...v3.0.3

v3.0.2

11 months ago

Notes

chore: remove unused dependency from package.json

Full Changelog

https://github.com/jasonraimondi/ts-oauth2-server/compare/v3.0.1...v3.0.2

v3.0.1

1 year ago

Notes

feat: publish commonjs and esm modules using tsup

Full Changelog

https://github.com/jasonraimondi/ts-oauth2-server/compare/v3.0.0...v3.0.1

v3.0.0

1 year ago

Notes

  • The package is now entirely ESM (ECMAScript Modules); see Sindre Sorhus's writeup for a better understanding of this change.
  • The AuthorizationServer default constructor's parameters have been simplified.
  • The AuthorizationServerOptions default configuration values have been changed.
  • The AuthorizationServer.enableGrantType() process to enable grant types has been updated.
  • The AuthorizationServer.setOptions() method has been removed. Options should be set during initialization.

Migration

[migration guide]

AuthorizationServer Updates

In v2.x, the AuthorizationServer constructor required all repositories. In v3.x, it has been simplified.

Before (v2.x):

const authorizationServer = new AuthorizationServer(
  authCodeRepository,
  clientRepository,
  accessTokenRepository,
  scopeRepository,
  userRepository,
  jwtService,
  {
    requiresS256: false, 
    tokenCID: "name",
  }
);

After (v3.x):

const authorizationServer = new AuthorizationServer(
  clientRepository,
  accessTokenRepository,
  scopeRepository,
  jwtService,
  {
    requiresS256: true,  // default changed to true
    tokenCID: "id",      // default changed to "id"
  }
);
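
The requiresS256 default change above affects any client that still sends code_challenge_method=plain. The sketch below is an added example, not code from ts-oauth2-server: it shows the RFC 7636 check at the token endpoint under both defaults, assuming requiresS256 means the server refuses the plain method. The names verifyPkce, s256 and the stored-challenge shape are hypothetical.

```typescript
import { createHash, timingSafeEqual } from "node:crypto";

// Hypothetical names throughout; this is not ts-oauth2-server's internal code.
type Method = "plain" | "S256";

// RFC 7636 section 4.2: BASE64URL(SHA256(ASCII(code_verifier))), no padding.
function s256(codeVerifier: string): string {
  return createHash("sha256").update(codeVerifier, "ascii").digest("base64url");
}

// RFC 7636 section 4.1: 43-128 characters from the unreserved set.
const VERIFIER_RE = /^[A-Za-z0-9\-._~]{43,128}$/;

function verifyPkce(
  stored: { challenge: string; method: Method }, // saved at the authorization request
  codeVerifier: string,                          // sent with the token request
  requiresS256: boolean,
): { ok: boolean; reason?: string } {
  // With plain, the challenge in the front-channel request IS the verifier,
  // so it gives no protection once that request has been observed.
  if (requiresS256 && stored.method !== "S256") {
    return { ok: false, reason: "plain code_challenge_method not allowed" };
  }
  if (!VERIFIER_RE.test(codeVerifier)) {
    return { ok: false, reason: "malformed code_verifier" };
  }
  const expected = stored.method === "S256" ? s256(codeVerifier) : codeVerifier;
  const a = Buffer.from(expected);
  const b = Buffer.from(stored.challenge);
  // Constant-time compare; check length first because timingSafeEqual throws on mismatch.
  const ok = a.length === b.length && timingSafeEqual(a, b);
  return ok ? { ok: true } : { ok: false, reason: "code_verifier does not match" };
}

// Sample input: the verifier from RFC 7636 Appendix B.
const verifier = "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk";
const s256Client = { challenge: s256(verifier), method: "S256" as Method };
const plainClient = { challenge: verifier, method: "plain" as Method };

console.log(verifyPkce(s256Client, verifier, true));   // accepted under either default
console.log(verifyPkce(plainClient, verifier, false)); // accepted with requiresS256: false
console.log(verifyPkce(plainClient, verifier, true));  // rejected with requiresS256: true
```

Before upgrading, check which registered clients still send plain challenges; they will fail at the token endpoint until they switch to S256.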

Enabling Grants

In v3, enableGrantType has been updated for the "authorization_code" and "password" grants.

AuthorizationCodeGrant now requires an AuthorizationCodeRepository and a UserRepository.

Before (v2.x):

authorizationServer.enableGrantType("authorization_code");

After (v3.x):

authorizationServer.enableGrantType({
  grant: "authorization_code",
  userRepository, 
  authorizationCodeRepository,
});

PasswordGrant now requires a UserRepository.

Before (v2.x):

authorizationServer.enableGrantType("password");

After (v3.x):

authorizationServer.enableGrantType({
  grant: "password",
  userRepository, 
});

Callouts

Thanks to @mahmoudzeyada

Full Changelog

https://github.com/jasonraimondi/ts-oauth2-server/compare/v2.6.1...v3.0.0

v2.6.1

1 year ago

Notes

  • patch(#74): security upgrade jsonwebtoken from 8.5.1 to 9.0.0 (thank you @Siddhant-K-code)

Full Changelog

https://github.com/jasonraimondi/ts-oauth2-server/compare/v2.6.0...v2.6.1