v3.1.0-rc.1

oidc-client-ts v3.1.0-rc.1 is a bug fix release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Fixes:
  • #1589: fix compiler error for target=ES2022
• Features:
  • #1580: add dpop docs
  • #1569: add dpop nonce support

thanks to @dbfr3qs

v3.1.0-rc.0

oidc-client-ts v3.1.0-rc.0 is a minor release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Fixes:
  • #1539: fix small typo in signinCallback doc in UserManager.ts
  • #1504: typo in sample app config
  • #1490: fix the return type of signinCallback
  • #1443: fixes typos in docs
• Features:
  • #1457: add extra headers
  • #1461: add demonstrating proof of possession
  • #1430: add global requestTimeoutInSeconds setting
  • #1405: allow using default scopes from authorization server

thanks to @mottykohn, @noshiro-pf, @dbfr3qs, @grjan7 and @natergj

v3.0.1

oidc-client-ts 3.0.1 is a bug fix release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Fixes:
  • #1379: userManager.signoutRedirect not working (by reverting #1342)

v3.0.0

oidc-client-ts 3.0.0 is a major release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS). Also have a look into the migration info.

Changelog:

• Breaking changes:
  • #275: use native web crypto instead of crypto-js package
  • #1232: improve merge claims behavior
  • #930: drop deprecated settings
  • #1230: update jwt-decode
  • #1231: require node >=18
• Fixes:
  • #1010: make response_mode optional
  • #1242: session change not fired if identity token does not contain a sid claim
  • #1300: explicitly throw an error when crypto.subtle is undefined
  • #1292: docs(authorization-code-grant.md): update broken link
  • #1316: use npm distribution tags for upcoming releases
  • #1313: handle promise in Events.raise
  • #1341: UserManager.events().unload() event is triggered too early on UserManager.signoutRedirect()
• Features:
  • #1250: improve documentation
  • #1291: allow to optionally pass redirect_uri to UserManager.signinSilent when using refresh token
  • #1258: allow to optionally pass extraTokenParams to UserManager.signinSilent when using refresh token
  • #1275: add documentation section about hash-mode routing

thanks to @43081j, @huysentruitw, @marcoreni, @Lyokolux, @MathiasRossen, @tennox and @PSanetra

v3.0.0-rc.2

oidc-client-ts 3.0.0-rc.2 is a major pre release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS).

Changelog:

• Fixes:
  • #1341: UserManager.events().unload() event is triggered too early on UserManager.signoutRedirect()

thanks to @PSanetra

v3.0.0-rc.1

oidc-client-ts 3.0.0-rc.1 is a major pre release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS).

Changelog:

• Fixes:
  • #1316: use npm distribution tags for upcoming releases
  • #1313: handle promise in Events.raise

v3.0.0-rc.0

oidc-client-ts 3.0.0-rc.0 is a major pre release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS).

Changelog:

• Fixes:
  • #1300: explicitly throw an error when crypto.subtle is undefined
  • #1292: docs(authorization-code-grant.md): update broken link
• Features:
  • #1291: allow to optionally pass redirect_uri to UserManager.signinSilent when using refresh token
  • #1258: allow to optionally pass extraTokenParams to UserManager.signinSilent when using refresh token
  • #1275: add documentation section about hash-mode routing

thanks to @Lyokolux, @MathiasRossen and @tennox

v3.0.0-beta.0

oidc-client-ts 3.0.0-beta.0 is a major pre release.

No longer using crypto-js package, but built-in browser crypto.subtle module. Crypto.subtle is available only in secure contexts (HTTPS).

Changelog:

• Breaking changes:
  • #275: use native web crypto instead of crypto-js package
  • #1232: improve merge claims behavior
  • #930: drop deprecated settings
  • #1230: update jwt-decode
  • #1231: require node >=18
• Fixes:
  • #1010: make response mode optional
  • #1242: session change not fired if identity token does not contain a sid claim
• Features:
  • #1250: improve documentation

thanks to @43081j, @huysentruitw and @marcoreni

v2.4.0

oidc-client-ts 2.4.0 is a minor release.

Changelog:

• #1206: fix exception when id_token not set
• #1220: fix merging token id and user info data. 0 is being omitted
• feature #1212: add support for custom URL state values

thanks to @jafaircl, @dopry and @jeff-chd-g

v2.3.0

oidc-client-ts 2.3.0 is a minor release.

Changelog:

• #1187: dynamically generate package.json for ESM build
• #1173: signoutSIlent: added scriptOrigin parameter to work from another origin
• #1141: make code compatible for eslint-plugin >= v6.4
• feature #1146: popup window can be closed after some time
• feature #1158: make RefreshState public
• feature #1148: allow overriding navigators for non window browser environments

thanks to @Gitarcitano, @davidmrobins, @kwojtasinski-repo , @davesmits and @philjones88