atproto/packages/oauth/oauth-client-browser/CHANGELOG.md

@atproto/oauth-client-browser

0.3.7

Patch Changes

• Updated dependencies [2889c7699, 2889c7699, 2889c7699, 2889c7699]:
  • @atproto/jwk@0.1.2
  • @atproto/jwk-webcrypto@0.1.3
  • @atproto/oauth-client@0.3.7
  • @atproto/oauth-types@0.2.2
  • @atproto-labs/did-resolver@0.1.8

0.3.6

Patch Changes

• Updated dependencies [72eba67af]:
  • @atproto-labs/did-resolver@0.1.7
  • @atproto/oauth-client@0.3.6

0.3.5

Patch Changes

• Updated dependencies [a200e5095]:
  • @atproto-labs/handle-resolver@0.1.5
  • @atproto/oauth-client@0.3.5

0.3.4

Patch Changes

• Updated dependencies []:
  • @atproto/oauth-client@0.3.4

0.3.3

Patch Changes

• Updated dependencies []:
  • @atproto-labs/did-resolver@0.1.6
  • @atproto/oauth-client@0.3.3

0.3.2

Patch Changes

• Updated dependencies [5ddd51235, 5ddd51235, 5ddd51235, 5ddd51235, 5ddd51235, 5ddd51235]:
  • @atproto/oauth-types@0.2.1
  • @atproto/oauth-client@0.3.2

0.3.1

Patch Changes

• Updated dependencies []:
  • @atproto/oauth-client@0.3.1

0.3.0

Minor Changes

• #2871 9d40ccbb6 Thanks @matthieusieben! - Use "auto" instead of undefined to descibe the refresh mechanism to use in various methods.

Patch Changes

• #2874 7f26b1765 Thanks @matthieusieben! - Add allowHttp OAuthClient construction option to allow working with "http:" oauth providers (for development & testing purposes).

• Updated dependencies [7f26b1765, 7f26b1765, 9d40ccbb6, 7f26b1765, 9d40ccbb6, 9d40ccbb6, 9d40ccbb6, 9d40ccbb6, 9d40ccbb6, 9d40ccbb6, 9d40ccbb6, 7f26b1765, 9d40ccbb6, 9d40ccbb6, 7f26b1765]:

  • @atproto/oauth-client@0.3.0
  • @atproto/oauth-types@0.2.0
  • @atproto-labs/did-resolver@0.1.5
  • @atproto-labs/handle-resolver@0.1.4
  • @atproto/did@0.1.3

0.2.2

Patch Changes

• #2755 ed325d863 Thanks @matthieusieben! - Improve invalid client_id error messages from BrowserOAuthClient.from()

• #2755 ed325d863 Thanks @matthieusieben! - Do not strip query string from URL after oauth redirect in fragment mode

• #2755 ed325d863 Thanks @matthieusieben! - Relax type restriction on clientId option

• Updated dependencies [ed325d863, ed325d863, ed325d863, ed325d863, ed325d863, ed325d863, ed325d863, ed325d863, ed325d863, ed325d863, ed325d863, ed325d863, ed325d863]:

  • @atproto/oauth-types@0.1.5
  • @atproto/oauth-client@0.2.2
  • @atproto-labs/did-resolver@0.1.4

0.2.1

Patch Changes

• Updated dependencies [cb4abbb67, cb4abbb67, cb4abbb67]:
  • @atproto/did@0.1.2
  • @atproto-labs/did-resolver@0.1.3
  • @atproto-labs/handle-resolver@0.1.3
  • @atproto/oauth-client@0.2.1

0.2.0

Minor Changes

• #2714 d9ffa3c46 Thanks @matthieusieben! - The OAuthClient (and runtime specific sub-classes) no longer return @atproto/api Agent instances. Instead, they return OAuthSession instances that can be used to instantiate the Agent class.

• #2734 dee817b6e Thanks @matthieusieben! - Remove "openid" compatibility. The reason is that although we were technically "openid" compatible, ATProto identifiers are distributed identifiers. When a client relies on OpenID to authenticate users, it will use the auth provider in combination with the identifier to uniquely identify the user. Since ATProto identifiers are meant to be able to move from one provider to the other, OpenID compatibility could break authentication after a user was migrated to a different provider.

  The way OpenID compliant clients would adapt to this particularity would typically be to remove the provider + identifier combination and use the identifier alone. While this is indeed the right way to handle ATProto identifiers, it requires more work to avoid impersonation. In particular, when obtaining a user identifier, the client must verify that the issuer of the identity token is indeed the server responsible for that user. This mechanism being not enforced by the OpenID standard, OpenID compatibility could lead to security issues. For this reason, we decided to remove OpenID compatibility from the OAuth provider.

  Note that a trusted central authority could still offer OpenID compatibility by relying on ATProto's regular OAuth flow under the hood. This capability is out of the scope of this library.

Patch Changes

• Updated dependencies [d9ffa3c46, dee817b6e, dee817b6e, dee817b6e, d9ffa3c46, dee817b6e, dee817b6e, dee817b6e, dee817b6e, d9ffa3c46, d9ffa3c46, d9ffa3c46]:
  • @atproto/oauth-client@0.2.0
  • @atproto/oauth-types@0.1.4

0.1.7

Patch Changes

• Updated dependencies []:
  • @atproto/oauth-client@0.1.7

0.1.6

Patch Changes

• Updated dependencies []:
  • @atproto/oauth-client@0.1.6

0.1.5

Patch Changes

• Updated dependencies [35a126429, 35a126429, 35a126429, 3ebcd4e61, 35a126429]:
  • @atproto/oauth-client@0.1.5
  • @atproto/oauth-types@0.1.3

0.1.4

Patch Changes

• Updated dependencies [04112783d]:
  • @atproto/oauth-client@0.1.4

0.1.3

Patch Changes

• Updated dependencies []:
  • @atproto/oauth-client@0.1.3

0.1.2

Patch Changes

• Updated dependencies [b934b396b, b934b396b, b934b396b, b934b396b]:
  • @atproto/oauth-client@0.1.2
  • @atproto/oauth-types@0.1.2
  • @atproto-labs/handle-resolver@0.1.2
  • @atproto/did@0.1.1
  • @atproto/jwk-webcrypto@0.1.2
  • @atproto-labs/did-resolver@0.1.2

0.1.1

Patch Changes

• #2633 acc9093d2 Thanks @matthieusieben! - Add event emitting capability to OAuthClient

• Updated dependencies [acc9093d2, acc9093d2, acc9093d2, acc9093d2, acc9093d2]:

  • @atproto/oauth-types@0.1.1
  • @atproto/jwk@0.1.1
  • @atproto-labs/handle-resolver@0.1.1
  • @atproto-labs/did-resolver@0.1.1
  • @atproto-labs/simple-store@0.1.1
  • @atproto/oauth-client@0.1.1
  • @atproto/jwk-webcrypto@0.1.1

0.1.0

Minor Changes

• #2482 a8d6c1123 Thanks @matthieusieben! - Add OAuth provider capability & support for DPoP signed tokens

Patch Changes

• Updated dependencies [a8d6c1123]:
  • @atproto-labs/handle-resolver@0.1.0
  • @atproto-labs/did-resolver@0.1.0
  • @atproto-labs/simple-store@0.1.0
  • @atproto/jwk-webcrypto@0.1.0
  • @atproto/oauth-client@0.1.0
  • @atproto/oauth-types@0.1.0
  • @atproto/jwk@0.1.0
  • @atproto/did@0.1.0