|
1 | 1 | ## Changelog |
2 | 2 |
|
| 3 | +## 4.2.0 |
| 4 | +### Fixed |
| 5 | +- fix(core): Bearer regular expression matching in authenticate handler #105 |
| 6 | +- fix(request): set WWW-Authenticate header for invalid requests #96 oauthjs#646 |
| 7 | +- fix(handler): deny access when body.allowed is 'false' (#94) |
| 8 | +- fix(handlers): skip varcheck for state when allowEmptyState #89 #93 |
| 9 | + |
| 10 | +### Added |
| 11 | +- supported custom validateRedirectUri |
| 12 | +- feature: Supported state in case of denialMerge #99 |
| 13 | +- Bearer regular expression matching in authenticate handler |
| 14 | +- docs: Update extension-grants.rst with example #92 |
| 15 | +- feature(core): extract is.js into standalone package @node-oauth/formats #55 |
| 16 | +- feature(authorize): allow custom implementations of validateRedirectUri via model #89 p.4 |
| 17 | + - support custom validateRedirectUri() |
| 18 | + - allow to implement model.validateRedirectUri |
| 19 | + - updated AuthorizeHandler |
| 20 | + - default conforms with RFC 6819 Section-5.2.3.5 |
| 21 | + |
| 22 | +### Tests |
| 23 | +- Integration test password grant (#100) |
| 24 | + * test example |
| 25 | + * created db & model factories |
| 26 | + * added refresh_token grant type test |
| 27 | + * removed failing test, not implemented feature |
| 28 | + * add reference to issue |
| 29 | + * client authentication test |
| 30 | + * random client credentials in test |
| 31 | + * replace math.random by crypto.randomBytes |
| 32 | + |
| 33 | +### CI |
| 34 | +- refactor(ci): remove unused ci workflow |
| 35 | +- fix(ci): use node-oauth/express-oauth-server for integration test |
| 36 | + |
3 | 37 | ## 4.1.0 |
4 | 38 | ### Changed |
5 | 39 | * Bump dev dependencies to resolve vulnerabilities |
|
0 commit comments