Releases: inrupt/solid-client-authn-js
Releases · inrupt/solid-client-authn-js
v2.0.0
Breaking Changes
- Node 16 is no longer supported. The global
fetchfunction is used instead of@inrupt/universal-fetch.
This means this library now only works with Node 18 and higher. - The
Sessionclass no longer extendsEventEmitter. Instead, it exposes aneventsattribute implementing
EventEmitter. We do not recommend to useSessioninstance'seventsattribute as an arbitrary events emitter,
and encourage users to only use the supported events and documented API. SessionmethodsonLogin,onLogout,onError,onSessionRestore,onSessionExpirationandonNewRefreshToken
have been removed. They are replaced by calls tosession.events.on, using the appropriate event name.Sessionconstructor changes:- the
onNewRefreshTokenparameter is no longer supported. Its usage is replaced by callingsession.events.on
using theEVENTS.NEW_REFRESH_TOKENconstant as a first parameter, and a callback handling the token as a
second parameter. - The
useEssSessionparameter is no longer supported.
- the
- The
getClientAuthenticationWithDependenciesis no longer exported as part of the public API, and is now internal-only. - The UMD build of
@inrupt/oidc-client-extis no longer available. Since this is a package only intended to be
consumed by@inrupt/solid-client-authn-browser, which doesn't have a UMD build, this change should have no
impact.
Build system changes
- Moved from
rollup-plugin-typescript2to@rollup/plugin-typescript. Although this should not be a breaking change,
upgrading may require extra attention.
v1.17.5
v1.17.4
1.17.3
Bugfixes
browser
- Mismatching redirect URI on refresh: the root cause of the bug was a race
condition because of the asynchronous nature of updating the browser URL. The appropriate event is now awaited for, which should prevent
the issue from manifesting.
browser and node
- JSDoc comments are preserved in emitted files, which gives a better developer experience in IDEs supporting them.
v1.17.2
Bugfixes
browser
- Mismatching redirect URI on refresh: this bug was caused by an invalid redirect URL stored with session data.
Saving an invalid redirect URL is now prohibited, and in addition the storage of users impacted by this bug will be cleared so that they don't have to do anything manually
to clear their local storage. Users affected by this bug will be asked to log back in, as if they logged out.
v1.17.1
v1.17.0
New Features
- Support for RP-Initiated Logout in Node and Browser libraries.
- ESM support for Node and Browser packages.
v1.16.0
v1.15.0
v1.14.0
browser and node
New features
- The
Sessionexposes aneventsattribute implementingEventEmitter, with
type hints to guide which events are supported. It allows to register a callback
listening on events usingsession.events.on, but also to unregister a callback
usingsession.events.off, or to register a one-off callback usingsession.events.once.
This attribute intends at replacing exisingSessionmethods to listen on events,
namelyonLogin,onLogout,onError,onSessionRestore,onSessionExpiration,
onNewRefreshToken.
Deprecation notice
The following have been deprecated, and will be removed in future major releases.
- The
Sessionclass will no longer extendEventEmitter. Instead, it will expose
aneventsattribute implementingEventEmitter. We do not recommand to use
either aSessioninstance or itseventsattribute as an arbitrary events emitter,
and encourage users to only use the supported events and documented API. SessionmethodsonLogin,onLogout,onError,onSessionRestore,
onSessionExpiration,onNewRefreshTokenare deprecated in favor ofsession.events.on
called with the appropriate event name.
node
Bugfixes
- The session expiration date was incorrectly computed in the authorization code flow.