v3.1.0

oidc-client-ts v3.1.0 is a minor release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Fixes:
  • #1666: fix link in docs to issue
  • #1600: updated docs about logger
  • #1589: fix compiler error for target=ES2022
  • #1539: fix small typo in signinCallback doc in UserManager.ts
  • #1504: typo in sample app config
  • #1490: fix the return type of signinCallback
  • #1443: fixes typos in docs
• Features:
  • #1672: make signoutCallback return signout response if request_type is so:r
  • #1626: add popupSignal property to signinPopup and signoutPop
  • #1580: add dpop docs
  • #1569: add dpop nonce support
  • #1457: add extra headers
  • #1461: add demonstrating proof of possession
  • #1430: add global requestTimeoutInSeconds setting
  • #1405: allow using default scopes from authorization server

thanks to @klues, @smujmaiku, @mftruso, @peetck, @dbfr3qs, @mottykohn, @noshiro-pf, @dbfr3qs, @grjan7 and @natergj

v2.4.1

oidc-client-ts 2.4.1 is a bug fix release.

Changelog:

• #1681: return signout response from signoutCallback

thanks to @dopry

v3.1.0-rc.1

oidc-client-ts v3.1.0-rc.1 is a bug fix release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Fixes:
  • #1589: fix compiler error for target=ES2022
• Features:
  • #1580: add dpop docs
  • #1569: add dpop nonce support

thanks to @dbfr3qs

v3.1.0-rc.0

oidc-client-ts v3.1.0-rc.0 is a minor release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Fixes:
  • #1539: fix small typo in signinCallback doc in UserManager.ts
  • #1504: typo in sample app config
  • #1490: fix the return type of signinCallback
  • #1443: fixes typos in docs
• Features:
  • #1457: add extra headers
  • #1461: add demonstrating proof of possession
  • #1430: add global requestTimeoutInSeconds setting
  • #1405: allow using default scopes from authorization server

thanks to @mottykohn, @noshiro-pf, @dbfr3qs, @grjan7 and @natergj

v3.0.1

oidc-client-ts 3.0.1 is a bug fix release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Fixes:
  • #1379: userManager.signoutRedirect not working (by reverting #1342)

v3.0.0

oidc-client-ts 3.0.0 is a major release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Breaking changes:
  • #275: use native web crypto instead of crypto-js package
  • #1232: improve merge claims behavior
  • #930: drop deprecated settings
  • #1230: update jwt-decode
  • #1231: require node >=18
• Fixes:
  • #1010: make response_mode optional
  • #1242: session change not fired if identity token does not contain a sid claim
  • #1300: explicitly throw an error when crypto.subtle is undefined
  • #1292: docs(authorization-code-grant.md): update broken link
  • #1316: use npm distribution tags for upcoming releases
  • #1313: handle promise in Events.raise
  • #1341: UserManager.events().unload() event is triggered too early on UserManager.signoutRedirect()
• Features:
  • #1250: improve documentation
  • #1291: allow to optionally pass redirect_uri to UserManager.signinSilent when using refresh token
  • #1258: allow to optionally pass extraTokenParams to UserManager.signinSilent when using refresh token
  • #1275: add documentation section about hash-mode routing

thanks to @43081j, @huysentruitw, @marcoreni, @Lyokolux, @MathiasRossen, @tennox and @PSanetra

v3.0.0-rc.2

oidc-client-ts 3.0.0-rc.2 is a major pre release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS).

Changelog:

• Fixes:
  • #1341: UserManager.events().unload() event is triggered too early on UserManager.signoutRedirect()

thanks to @PSanetra

v3.0.0-rc.1

oidc-client-ts 3.0.0-rc.1 is a major pre release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS).

Changelog:

• Fixes:
  • #1316: use npm distribution tags for upcoming releases
  • #1313: handle promise in Events.raise

v3.0.0-rc.0

oidc-client-ts 3.0.0-rc.0 is a major pre release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS).

Changelog:

• Fixes:
  • #1300: explicitly throw an error when crypto.subtle is undefined
  • #1292: docs(authorization-code-grant.md): update broken link
• Features:
  • #1291: allow to optionally pass redirect_uri to UserManager.signinSilent when using refresh token
  • #1258: allow to optionally pass extraTokenParams to UserManager.signinSilent when using refresh token
  • #1275: add documentation section about hash-mode routing

thanks to @Lyokolux, @MathiasRossen and @tennox

v3.0.0-beta.0

oidc-client-ts 3.0.0-beta.0 is a major pre release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS).

Changelog:

• Breaking changes:
  • #275: use native web crypto instead of crypto-js package
  • #1232: improve merge claims behavior
  • #930: drop deprecated settings
  • #1230: update jwt-decode
  • #1231: require node >=18
• Fixes:
  • #1010: make response mode optional
  • #1242: session change not fired if identity token does not contain a sid claim
• Features:
  • #1250: improve documentation

thanks to @43081j, @huysentruitw and @marcoreni