Release 4.2.0 #135
Merged
Release 4.2.0 #135
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…om FStefanni/issue_89_20_649 Supported state in case of denial
Merge pull request #93 from node-oauth/fix-vcharfail-allowemptystate
Co-authored-by: Daniel Reguero <[email protected]> Co-authored-by: Francesco Stefanni <[email protected]>
Bumps [eslint](https://github.com/eslint/eslint) from 8.2.0 to 8.4.1. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md) - [Commits](eslint/eslint@v8.2.0...v8.4.1) --- updated-dependencies: - dependency-name: eslint dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: Daniel Reguero <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sinon](https://github.com/sinonjs/sinon) from 11.1.2 to 12.0.1. - [Release notes](https://github.com/sinonjs/sinon/releases) - [Changelog](https://github.com/sinonjs/sinon/blob/master/docs/changelog.md) - [Commits](sinonjs/sinon@v11.1.2...v12.0.1) --- updated-dependencies: - dependency-name: sinon dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [eslint](https://github.com/eslint/eslint) from 8.2.0 to 8.4.1. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md) - [Commits](eslint/eslint@v8.2.0...v8.4.1) --- updated-dependencies: - dependency-name: eslint dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* test example * created db & model factories * added refresh_token grant type test * removed failing test, not implemented feature * add reference to issue * client authentication test * random client credentials in test * replace math.random by crypto.randomBytes
…ri via model #89 p.4 - support custom validateRedirectUri() - allow to implement model.validateRedirectUri - updated AuthorizeHandler - default conforms with RFC 6819 Section-5.2.3.5 - thanks to @FStefanni and @jorenvandeweyer
* fix(handler): deny access when body.allowed is 'false' * fix(authorization): use simplified if-branch to check for body allow value
…s#646 Merge pull request #96 from FStefanni/issue_89_18_646 Set WWW-Authenticate header for invalid requests Related: oauthjs#646 Fixes issue #89, point 18. Thanks to @FStefanni
Merge pull request #92 from FStefanni/issue_89_5_530 Update extension-grants.rst with example thanks to @FStefanni
…on files, ignore package-lock.json in .npmignore to avoid publishing a package with package-lock.json, gitignore package-lock.json We could be prone to a supply-chain-attack when we not carefully review changes in the package-lock.json. urls to packages could be changed to malicious variants. To avoid this, we disable the generation package-lock.json. We should not accept any PRs with package-lock.json.
|
If there are no further PRs to merge into 4.2.0 I will resolve the conflicts and create a new release. Is everybody okay with that? I can also create an rc-release if you first want to test it with your setups. |
RefreshTokenGrant: update error messages
|
I am awaiting this :) |
|
Just do it |
HappyZombies
reviewed
Jun 2, 2022
|
🎉 all conflicts resolved, we should be good to go. One needs to approve. I will create a new GitHub release and publish to NPM |
Closed
HappyZombies
requested changes
Jun 4, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This is an ongoing PR for the release
4.2.0which will only include fixes and minor features (non-breaking).Linked issue(s)
See changelog.md section 4.2.0
#149
Involved parts of the project
See changelog.md section 4.2.0
Added tests?
See changelog.md section 4.2.0
OAuth2 standard
See changelog.md section 4.2.0
Reproduction