Releases: auth0/node-jwks-rsa
v2.0.4
Fixed
- [SDK-2626] getKeysInterceptor types #251 (davidpatrick)
v2.0.3
[2.0.3] - (2021-04-20)
Fixed
- Fix retrieveSigningKeys error #242 (davidpatrick)
Security
- Bump jose from 2.0.3 to 2.0.5 #244 (dependabot)
v2.0.2
v2.0.1
[2.0.1] - (2021-03-12)
Added
- Callback backwards compatbility for
getSigningKey#227 (davidpatrick)
Fixed
- Fix typescript declarations for v2 #229 (davidpatrick)
- Fix typescript types for fetcher #231 (itajaja)
v2.0.0
With version 2 we have added full JWK/JWS support, bumped Node version support to minimum 10, removed Axios, and exposed a fetcher option to allow user's to completely override how the request to the jwksUri endpoint is made.
Please take note of the breaking changes and the migration guide below.
Breaking Changes
- Drops support for Node < 10
- No more callbacks, using async/await(promises)
- Removed Axios and changed the API to JwksClient
Changes
Added
Changed
- Simplify request wrapper #218 (davidpatrick)
- Pins to Node Version 10,12,14 #212 (davidpatrick)
- Migrate from callbacks to async/await #222 (davidpatrick)
Migration Guide from v1 to v2
Proxies
The proxy option has been removed from the JwksClient. Support for it was a little spotty through Axios, and we wanted to allow users to have more control over the flow. Now you can specify your proxy by overriding the requestAgent used with an agent with built-in proxy support, or by completely overriding the request library with the fetcher option.
// OLD
const oldClient = jwksClient({
jwksUri: 'https://sandrino.auth0.com/.well-known/jwks.json',
proxy: 'https://username:pass@address:port'
});
// NEW
const HttpsProxyAgent = require('https-proxy-agent');
const newClient = jwksClient({
jwksUri: 'https://sandrino.auth0.com/.well-known/jwks.json',
requestAgent: new HttpsProxyAgent('https://username:pass@address:port')
});Request Agent Options
The library no longer gates what http(s) Agent is used, so we have removed requestAgentOptions and now expose the requestAgent option when creating a jwksClient.
// OLD
const oldClient = jwksClient({
jwksUri: 'https://sandrino.auth0.com/.well-known/jwks.json',
requestAgentOptions: {
ca: fs.readFileSync(caFile)
}
});
// NEW
const newClient = jwksClient({
jwksUri: 'https://sandrino.auth0.com/.well-known/jwks.json',
requestAgent: new https.Agent({
ca: fs.readFileSync(caFile)
})
});Migrated Callbacks to Async/Await
The library no longer supports callbacks. We have migrated to async/await(promises).
// OLD
client.getSigningKey(kid, (err, key) => {
const signingKey = key.getPublicKey();
});
// NEW
const key = await client.getSigningKey(kid);
const signingKey = key.getPublicKey();v1.12.3
[1.12.3] - (2021-02-25)
Added
Fixed
- Fix npmjs resolves #221 (adamjmcgrath)
- Fix Import default Axios instance #216 (dsebastien)
1.12.0
Added
- Provide an alternative source for supplying keysets #292 (davidpatrick)
Deprecation
We are deprecating passing in a jwksObject to the client for reasons laid out in #292. In order to load keys from anything other than the jwksUri, please use the getKeysInterceptor.
const client = new JwksClient({
jwksUri: 'https://my-enterprise-id-provider/.well-known/jwks.json',
getKeysInterceptor: (cb) => {
const file = fs.readFileSync(jwksFile);
return cb(null, file.keys);
}
});v1.10.1
v1.10.0
Added
Fixed
- Add missing async methods to Typescript type definitions #163 (mwgamble)
- Fixing proxy on Axios #176 (davidpatrick)
- Fix caching and rateLimiting on getSigningKeyAsync #177 (davidpatrick)
v1.9.0
8690698
lbalmaceda
Luciano Balmaceda
Added
- Add promisified methods to JwksClient #161 (jimmyjames)
- Update express-jwt ^6.0.0 #157 (davidpatrick)
Fixed
- Update Buffer initialization to non-deprecated method #154 (cwardcode)
- Use axios url parameter instead of baseURL #153 (novascreen)
Security
- Bump lodash from 4.17.15 to 4.17.19 [#152](https://github.com/auth0/node-jwks