v3.4.1

oidc-client-ts v3.4.1 is a bugfix release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Fixes:
  • #2259 forward popupAbortOnClose to PopupNavigator.prepare

thanks to @watabean

v3.4.0

oidc-client-ts v3.4.0 is a minor release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Features:
  • #1890 optionally enforce iframe auth flow in signinSilent
  • #2180 add support for client_secret_jwt
  • #2244 optionally restore popup close rejection
• Fixes;
  • #2147 wait until the page is shown again to resolve in RedirectNavigator

thanks to @Hyperkid123, @Nick-Source, @Skizu and @smujmaiku

v3.3.0

oidc-client-ts v3.3.0 is a minor release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Features:
  • #1924 use BroadcastChannel if no window.opener

thanks to @jcphill

v3.3.0-rc.0

oidc-client-ts v3.3.0-rc.0 is a minor release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Features:
  • #1924 use BroadcastChannel if no window.opener

thanks to @jcphill

v3.2.1

oidc-client-ts v3.2.1 is a bugfix release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Fixes:
  • #1850: userStore should be StateStore instead of WebStorageStateStore
  • #1925: resource owner password credentials flow with oidc scope and no id_token returned will fail sub claim check

thanks to @sebastienlabine, @darkbasic and @sularome

v3.2.0

oidc-client-ts v3.2.0 is a minor release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Fixes:
  • #1702: cannot set Authorization via extraHeaders
  • #1738: allow empty string for client_secret in TokenClient
  • #1803: metadataSeed.authorization_endpoint not prioritized over remote metadata
• Features:
  • #1691: add removeState as an option to processSigninResponse
  • #1817: add raiseEvent parameter to getUser
  • #1818 : add url_state to SignoutRequest

thanks to @ZephireNZ, @ntamotsu, @jgarplind, @waldemarennsaed and @richjyoung

v3.1.0

oidc-client-ts v3.1.0 is a minor release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Fixes:
  • #1666: fix link in docs to issue
  • #1600: updated docs about logger
  • #1589: fix compiler error for target=ES2022
  • #1539: fix small typo in signinCallback doc in UserManager.ts
  • #1504: typo in sample app config
  • #1490: fix the return type of signinCallback
  • #1443: fixes typos in docs
• Features:
  • #1672: make signoutCallback return signout response if request_type is so:r
  • #1626: add popupSignal property to signinPopup and signoutPop
  • #1580: add dpop docs
  • #1569: add dpop nonce support
  • #1457: add extra headers
  • #1461: add demonstrating proof of possession
  • #1430: add global requestTimeoutInSeconds setting
  • #1405: allow using default scopes from authorization server

thanks to @klues, @smujmaiku, @mftruso, @peetck, @dbfr3qs, @mottykohn, @noshiro-pf, @dbfr3qs, @grjan7 and @natergj

v2.4.1

oidc-client-ts 2.4.1 is a bug fix release.

Changelog:

• #1681: return signout response from signoutCallback

thanks to @dopry

v3.1.0-rc.1

oidc-client-ts v3.1.0-rc.1 is a bug fix release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Fixes:
  • #1589: fix compiler error for target=ES2022
• Features:
  • #1580: add dpop docs
  • #1569: add dpop nonce support

thanks to @dbfr3qs

v3.1.0-rc.0

oidc-client-ts v3.1.0-rc.0 is a minor release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Fixes:
  • #1539: fix small typo in signinCallback doc in UserManager.ts
  • #1504: typo in sample app config
  • #1490: fix the return type of signinCallback
  • #1443: fixes typos in docs
• Features:
  • #1457: add extra headers
  • #1461: add demonstrating proof of possession
  • #1430: add global requestTimeoutInSeconds setting
  • #1405: allow using default scopes from authorization server

thanks to @mottykohn, @noshiro-pf, @dbfr3qs, @grjan7 and @natergj