B2C Support and caching
- Support for B2C in v2 of our API.
- B2C support: when it launches, you can use B2C policies in your node.js application. Check out /examples/login-oidc-b2c for details. You just specify the tenantName: setting and then add some routes.
- This meant a complete rework of how the Strategy works. It is now waterfalls within waterfalls (beautiful, if you think about it) that load items on demand. A much better way of doing it, and one I had wanted to get to for some time.
- Biggest feature: speed improvement. I've implemented caching of the metadata with cache-manager. This increases speed enormously. It was needed because metadata is now loaded at login time (on the request) rather than at server launch, so every login would otherwise pay for a metadata fetch.
- I set the cache expiry to 30 minutes for now; we'll see how that goes. It may be exposed in config if users want it.
- The key I use is the policy that is passed to the Strategy, or use 'standard' for v1 and v2 flows (if there is no
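The cache described above, as an added example that is not passport-azure-ad's own code and does not use cache-manager: a minimal in-memory TTL cache keyed by the policy passed to the Strategy (or 'standard' when there is none), with entries that expire after 30 minutes. The `fakeFetchMetadata` function, the tenant name and the endpoint URL shapes are constructed stand-ins for the real discovery request.

```javascript
// Added example, not passport-azure-ad's own code: a minimal in-memory
// metadata cache shaped like the behaviour the release notes describe.
// The key is the B2C policy passed to the Strategy, or 'standard' for plain
// v1/v2 flows, and entries expire after 30 minutes. fetchMetadata stands in
// for the HTTPS request to the OpenID Connect discovery document that is
// now made on the login request rather than at server launch.

const THIRTY_MINUTES_MS = 30 * 60 * 1000;

class MetadataCache {
  // `now` is an injectable clock so expiry can be exercised without waiting.
  constructor(ttlMs = THIRTY_MINUTES_MS, now = Date.now) {
    this.ttlMs = ttlMs;
    this.now = now;
    this.entries = new Map();
    this.fetches = 0; // number of real loads, so cache hits are observable
  }

  // One discovery document per policy; 'standard' when no policy is set.
  static keyFor(policy) {
    return policy ? `policy:${policy}` : 'standard';
  }

  async get(policy, fetchMetadata) {
    const key = MetadataCache.keyFor(policy);
    const hit = this.entries.get(key);
    if (hit && hit.expiresAt > this.now()) {
      return hit.value; // still fresh: no network round trip
    }
    this.fetches += 1;
    const value = await fetchMetadata(policy);
    this.entries.set(key, { value, expiresAt: this.now() + this.ttlMs });
    return value;
  }
}

// Constructed stand-in for the discovery request. The tenant name and the
// URL shapes are assumptions made for this example, not values from the page.
async function fakeFetchMetadata(policy) {
  const tenant = 'contoso.onmicrosoft.com';
  const base = policy
    ? `https://login.microsoftonline.com/${tenant}/${policy}/oauth2/v2.0`
    : `https://login.microsoftonline.com/${tenant}/oauth2/v2.0`;
  return {
    authorization_endpoint: `${base}/authorize`,
    token_endpoint: `${base}/token`,
  };
}

// Walk-through: a repeated lookup hits the cache, the 'standard' key loads
// separately, and an entry older than the TTL is fetched again.
async function demo() {
  let clock = 0;
  const cache = new MetadataCache(THIRTY_MINUTES_MS, () => clock);

  await cache.get('B2C_1_signin', fakeFetchMetadata);
  await cache.get('B2C_1_signin', fakeFetchMetadata);
  const afterRepeat = cache.fetches; // 1: second call was a cache hit

  const standard = await cache.get(undefined, fakeFetchMetadata);
  const afterStandard = cache.fetches; // 2: different key, real load

  clock += THIRTY_MINUTES_MS + 1; // step past the expiry
  await cache.get('B2C_1_signin', fakeFetchMetadata);
  const afterExpiry = cache.fetches; // 3: expired entry reloaded

  return {
    afterRepeat,
    afterStandard,
    afterExpiry,
    standardEndpoint: standard.authorization_endpoint,
  };
}

demo().then((result) => console.log(JSON.stringify(result)));
```

Keying on the policy matters because each B2C policy has its own discovery document with its own issuer and endpoints; a single shared entry would hand one policy's endpoints to another. The injectable clock is only there so the expiry path can be exercised without waiting half an hour.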
Previous release (1.2.0):
- Support for v1 and v2 API endpoints.
Massive update that fixes a lot that was wrong with the original OpenID Connect implementation.
Lots of new settings that you can pass in. Look at the client_config_v1.js example to see them. In detail:
You can now specify whether the user profile should be loaded. (HINT: you shouldn't, as we don't have a user profile lookup.) The default is to skip it, which you should for Azure AD and MSA. #51
Turns out that my OpenID Connect implementation only had OAuth2 query support, and passed the code and tokens through the query string. This is against the spec, against nature, and now fixed (tokens in a query string also end up in server logs and Referer headers). #50
Both the id_token code and id_token flows now support POST and will do the right thing whether you are using v1 or v2. Fragment is still not supported. #49
I've exposed this as a config setting you can pass: responseType:. The default is id_token code, to match the rest of ADAL.
Login-only id_token is now supported, through POST only.
OAuth code flows and OAuth + OpenID Connect id_token code flows support the query or POST response modes.
In addition, I've exposed this as a config setting you can pass: responseMode:. The default is form_post.
In support of this, I've updated app.js in /example to work whether you are using id_token or id_token code, for either v1 or v2.
Added a nonce that is actually a nonce (utils.uid(16)).
The passport OIDC strategy now respects the metadata that is passed to it, so any PPE and Prod metadata endpoints, both v1 and v2, will work.