Release v2 (#137)

* Update beta version * Initial commit of Beta 2 branch Co-authored-by: Filip Skokan <panva.ip@gmail.com> * Add PKCE tests and fix multiple servers in tests (#110) * [SDK-1714] [SDK-1723] Session cookie checks (#111) * Refactor the tests a little to use a server * simplify test * tests for unordered cookie chunks * Test format changes for transient handler * Update lib/transientHandler.js Co-authored-by: Filip Skokan <panva.ip@gmail.com> * [SDK-1715] Configuration and API updates (#109) * Simplify the config tests, test more with less code * Validate config fixes and tests * Add comment, update tests * `Issuer.discover` only takes a fully qualified url * Simpler scope assertion and keep all config tests in same file * Let auth server set default for response_type: code * clientSecret is required for HS* algs regardless of response_type Co-authored-by: Filip Skokan <panva.ip@gmail.com> * [SDK-1712] Test token set (#108) * Add tests for TokenSet * Refactor the tests a little * Split up code flow tests * Add tests for access token expiry * Add Prettier for style formatting (#112) * Add prettier * Run `prettier --write .` * [SDK-1716] Add tests for claim* MW (#113) * Add tests for claim* MW * Fix tests * Add some tests for session duration behaviour * Revert "Add some tests for session duration behaviour" This reverts commit e3ce510. * Add some tests for session duration behaviour (#114) * Add test for passing custom param to logout (#115) * [SDK-1721] Auto generated docs (#117) * Auto generated docs with typedoc * fix lgtm * Fix auth params * Fix incorrect import of `requiresAuth` (#118) * Add TROUBLESHOOTING and update debug logging (#120) * Add TROUBLESHOOTING and update debug logging * fix tests * Update lib/context.js Co-authored-by: Filip Skokan <panva.ip@gmail.com> Co-authored-by: Filip Skokan <panva.ip@gmail.com> * attemptSilentLogin feature (#121) * attemptSilentLogin feature * Resume silent login after successful login so that users try silent login again after their session's expire * `postLogoutRedirectUri` isn't always a URI and login needs a check for `response_type` (#123) * [SDK-1877] Add refresh method to access token (#124) * Add refresh method to access token * Add method to fetch userinfo * Add refresh example to docs * Not all refresh token grants get a new refresh token back (eg non rotating) and remove unneeded opts * Scope all cookies (skipSilentLogin, transient and appSession) to the app session cookie path and domain config (if specified) (#125) * [SDK-1722] Architecture (#128) * Default Login flow docs * Add logout * add link from readme * [SDK-1876] [SDK-1726] Add samples and smoke tests (#127) * Add samples and smoke tests * Fix CI * Make the test clearer that discovery alg is ignored (#130) * Make the test clearer that discovery alg is ignored * Add test to show "none" disallowed for idTokenSigningAlg * Disallow "none" in any case (#131) * Disallow "none" in any case * Fix puppeteer in CircleCI https://github.com/puppeteer/puppeteer/blob/main/docs/troubleshooting.md#running-puppeteer-on-circleci * Revert "Fix puppeteer in CircleCI https://github.com/puppeteer/puppeteer/blob/main/docs/troubleshooting.md#running-puppeteer-on-circleci" This reverts commit c0fd31e * use active lts * [SDK-1914] Add a migration guide for v1 to v2 (#129) * Add a migration guide for v1 to v2 * Apply suggestions from code review Co-authored-by: Filip Skokan <panva.ip@gmail.com> * Updates per PR comments Co-authored-by: Filip Skokan <panva.ip@gmail.com> * Release 2.0.0-beta.0 (#132) * Release 2.0.0-beta.0 * Ignore docs from lint * Fixes the numbering on examples (#136) * chore: update jose and openid-client (#134) Co-authored-by: Filip Skokan <panva.ip@gmail.com> Co-authored-by: David Patrick <david.patrick@auth0.com>
auth0 · Sep 17, 2020 · 0def341 · 0def341
1 parent 009b962
commit 0def341
Show file tree

Hide file tree

Showing 92 changed files with 51,695 additions and 3,585 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -2,7 +2,7 @@ version: 2
 jobs:
   build:
     docker:
-      - image: circleci/node:10
+      - image: circleci/node:12-browsers
     environment:
       LANG: en_US.UTF-8
     steps:
@@ -26,6 +26,9 @@ jobs:
       - run:
           name: Run Tests
           command: npm run test:ci
+      - run:
+          name: Run End to End Tests
+          command: npm run test:end-to-end
       - run:
           name: Run Lint
           command: npm run lint

diff --git a/.eslintignore b/.eslintignore
@@ -0,0 +1 @@
+docs
diff --git a/.eslintrc.json b/.eslintrc.json
@@ -1,35 +1,16 @@
 {
-    "env": {
-        "es6": true,
-        "node": true,
-        "mocha": true
-    },
-    "extends": "eslint:recommended",
-    "rules": {
-        "no-useless-escape": 1,
-        "no-console": 0,
-        "indent": [
-            "error",
-            2,
-            { "SwitchCase": 1 }
-        ],
-        "linebreak-style": [
-            "error",
-            "unix"
-        ],
-        "quotes": [
-            "error",
-            "single",
-            {
-                "avoidEscape": true
-            }
-        ],
-        "semi": [
-            "error",
-            "always"
-        ]
-    },
-    "parserOptions": {
-        "ecmaVersion": 2018
-    }
+  "env": {
+    "es6": true,
+    "node": true,
+    "mocha": true
+  },
+  "extends": "eslint:recommended",
+  "rules": {
+    "no-useless-escape": 1,
+    "no-console": 0,
+    "linebreak-style": ["error", "unix"]
+  },
+  "parserOptions": {
+    "ecmaVersion": 2018
+  }
 }
diff --git a/.github/stale.yml b/.github/stale.yml
@@ -17,4 +17,4 @@ staleLabel: closed:stale
 
 # Comment to post when marking as stale. Set to `false` to disable
 markComment: >
-  This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. If you have not received a response for our team (apologies for the delay) and this is still a blocker, please reply with additional information or just a ping. Thank you for your contribution! 🙇‍♂️
+  This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. If you have not received a response for our team (apologies for the delay) and this is still a blocker, please reply with additional information or just a ping. Thank you for your contribution! 🙇‍♂️
diff --git a/.prettierignore b/.prettierignore
@@ -0,0 +1,4 @@
+CHANGELOG.md
+coverage
+.nyc_output
+docs
diff --git a/.prettierrc b/.prettierrc
@@ -0,0 +1,4 @@
+{
+  "singleQuote": true,
+  "printWidth": 80
+}
diff --git a/API.md b/API.md
diff --git a/ARCHITECTURE.md b/ARCHITECTURE.md
@@ -0,0 +1,13 @@
+# Architecture
+
+## Protect a route
+
+With default config - Implicit Flow with Form Post https://auth0.com/docs/flows/concepts/implicit
+
+![login](./login.png)
+
+## logout flow
+
+With `idpLogout: true`
+
+![login](./logout.png)
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,23 @@
 # CHANGELOG
 
+## [2.0.0-beta.0](https://github.com/auth0/express-openid-connect/tree/v2.0.0-beta.0) (2020-08-31)
+[Full Changelog](https://github.com/auth0/express-openid-connect/compare/v1.0.2...v2.0.0-beta.0)
+
+For a full list of breaking changes and migration guide, checkout https://github.com/auth0/express-openid-connect/blob/master/V2_MIGRATION_GUIDE.md
+
+**Breaking Changes**
+- postLogoutRedirect and response_type check [#123](https://github.com/auth0/express-openid-connect/pull/123) ([adamjmcgrath](https://github.com/adamjmcgrath))
+- Logout returnTo param [#115](https://github.com/auth0/express-openid-connect/pull/115) ([adamjmcgrath](https://github.com/adamjmcgrath))
+- Session duration behaviour [#114](https://github.com/auth0/express-openid-connect/pull/114) ([adamjmcgrath](https://github.com/adamjmcgrath))
+- Update Session cookie [#111](https://github.com/auth0/express-openid-connect/pull/111) ([adamjmcgrath](https://github.com/adamjmcgrath))
+- Configuration and API updates [#109](https://github.com/auth0/express-openid-connect/pull/109) ([adamjmcgrath](https://github.com/adamjmcgrath))
+- Update token set [#108](https://github.com/auth0/express-openid-connect/pull/108) ([adamjmcgrath](https://github.com/adamjmcgrath))
+
+**Added**
+- attemptSilentLogin feature [#121](https://github.com/auth0/express-openid-connect/pull/121) ([adamjmcgrath](https://github.com/adamjmcgrath))
+- Add refresh method to access token [#124](https://github.com/auth0/express-openid-connect/pull/124) ([adamjmcgrath](https://github.com/adamjmcgrath))
+- Architecture [#128](https://github.com/auth0/express-openid-connect/pull/128) ([adamjmcgrath](https://github.com/adamjmcgrath))
+
 ## [v1.0.2](https://github.com/auth0/express-openid-connect/tree/v1.0.2) (2020-05-12)
 [Full Changelog](https://github.com/auth0/express-openid-connect/compare/v1.0.1...v1.0.2)