v2.0.4

fix: #33 allow request redirect uri with querystring

v2.0.3

fix: allow numbers for user identifiers
fix: fastify and express adapters exports fixes #27

v2.0.2

fix - fixes missing generateRandomToken import from #26

v2.0.0 Fastify!

I was trying to do this as a minor release with no breaking changes, thus the 1.3.0-rc.x tags, but I ended up embracing reality and just marking this as a major version with two small breaking changes.

• Breaking - The CodeChallengeMethod interface was updated from "s265" to "S265" and the AuthorizationServer is now checking explicitly for this value. Fixes #25
• Breaking - The handleResponse and handleError has been replaced with adapter specific helpers. These helpers were/are optional to use in the first place, but if they are used, you must now use the framework specific adapters. Please see the docs for more information.

// before only express was supported
import { handleResponse, handleError } from "@jmondi/oauth2-server";

// now there are separate adapters for Express and Fastify
import { handleExpressResponse, handleExpressError } from "@jmondi/oauth2-server/express";
import { handleFastifyReply, handleFastifyError } from "@jmondi/oauth2-server/fastify";

• Feature - Fastify is now supported! Use the new Fastify adapters to create an OAuthRequest and OAuthResponse for the AuthorizationServer. See prisma_fastify example.

import { responseFromFastify, requestFromFastify } from "@jmondi/oauth2-server/fastify"

const request = requestFromFastify(req);
const response = responseFromFastify(res);

const authRequest = await authorizationServer.validateAuthorizationRequest(request);
const oauthResponse = await authorizationServer.respondToAccessTokenRequest(request, response);

• Optional Change for Express - The OAuthRequest constructor is compatible with an Express Request and Response. The new helper function provides better typing for creation, and allows for similar creation patterns for Fastify.

// previously
const request = new OAuthRequest(req);
const authRequest = await authorizationServer.validateAuthorizationRequest(request);

// now
import { responseFromExpress, requestFromExpress } from "@jmondi/oauth2-server/express"

const request = requestFromExpress(req);
const authRequest = await authorizationServer.validateAuthorizationRequest(request);

v1.1.0

This release drops the useUrlEncode as a configurable option. This option is now always true/enabled. This shouldn't effect most users, as the useUrlEncode option has always defaulted to true.

v1.0.4

fixes #14: add opt out for authorization code base64 url encoding
refactor: authorization server optional config field cleanup and simplify
docs: add authorization server optional configs info

v1.0.2

Fixes #8 refresh_token blank scope bug

v1.0.1

chore: bump deps

v1.0.0-beta.10

1.0.0-beta.10