Comments (8)
I have created PR
#15
from ts-oauth2-server.
I think it's better to keep it as is by default for backward compatibility. Otherwise, after updating the version existing code in some projects may be broken. For example, a have mask ^0.0.0 for npm module in 'package.json'
from ts-oauth2-server.
released in v1.0.4
from ts-oauth2-server.
Great point, I can definitely look into making this optional, will take a few days but I will absolutely see what I can do. Also totally willing to take a PR if you want to contribute to the project.
from ts-oauth2-server.
I have one comment on the PR, if you can get that addressed (or I will when I get a moment) I can get this merged into the next version asap.
from ts-oauth2-server.
@klerick I have merged this and built your PR into version 1.0.3, basically this is "opting to skip the url encode". I am really thinking now that it should be skipped by default and you can opt into base64 encoding. I might follow up with 1.1.0 that changes this default value to always skip url encoding, and allow users to opt-in. What do you think?
from ts-oauth2-server.
The base64 encoding is a good feature, but other tools do not use it(
from ts-oauth2-server.
@klerick Thank you for the feedback and talking me down 😄 . You are correct, it is better to leave it and allow the opt-out.
I have created a branch to do a minor amount of cleanup for the authorization server optional configs, as well as adding some documentation for both config options here if you wanted to take a peek: https://github.com/jasonraimondi/typescript-oauth2-server/pull/16/files
I am going to put this refactor work into a release tagged 1.0.4
Closing this issue as it seems to be resolved now.
from ts-oauth2-server.
Related Issues (20)
- Support for any port when redirectUri is a loopback URI HOT 2
- Support RFC 8693 - Token Exchange HOT 6
- Authorization code grant: wrong code in redirect URL HOT 4
- Support RFC7009 “OAuth 2.0 Token Revocation” HOT 1
- feat: allowed custom grant usage
- Suggestion: extend `OAuthClient` interface to (optionally) specify `accessTokenValidity` and `refreshTokenValidity` fields HOT 4
- Any tokens issued should be invalidated by reuse of the originating authorization_code HOT 4
- how do i implement consent flow? HOT 1
- Typescript compile error
- Allow `userRepository.extraAccessTokenFields()` to set the `iss` (issuer) claim HOT 1
- Enhancement: support RFC 7009 for token revocation HOT 5
- Review nullability of fields in OAuthToken HOT 2
- Inconsistency: use of `isRevoked()` in the `refresh_token` grant is different from its use in the `auth_code` grant, and is unintuitive HOT 1
- Tests / coverage / maintainability badges look unhealthy HOT 1
- Trouble installing packages for example projects HOT 2
- Error running Prisma/Express example - Client authentication failed: Invalid redirect_uri HOT 2
- aud HOT 3
- how to support multi-tenant? does anyone have a example? HOT 1
- OAuthException throw not supporting in latest version, gettting app crash when throw error from UserRepository HOT 6
- refresh_token grant: Token is not linked to client when tokenCID set to 'name'. HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ts-oauth2-server.