Appearance
Migrating from v2 to v3
Upgrade Time Estimate: ESM? 10 minutes; no-ESM? Varies
This package is now pure ESM
The package is now entirely ESM (ECMAScript Modules). More details about this change can be found in Sindre Sorhus's writeup.
AuthorizationServer
Updates
In v2.x, AuthorizationServer
constructor required all repositories. In v3.x, it has been simplified.
Before (v2.x):
typescript
const authorizationServer = new AuthorizationServer(
authCodeRepository,
clientRepository,
accessTokenRepository,
scopeRepository,
userRepository,
jwtService,
{
requiresS256: false,
tokenCID: "name",
}
);
After (v3.x):
typescript
const authorizationServer = new AuthorizationServer(
clientRepository,
accessTokenRepository,
scopeRepository,
new JwtService("secret-key"),
{
requiresS256: true,
tokenCID: "id",
}
);
Enabling Grants
In v3, enableGrantType
has been updated for the "authorization_code" and "password" grants.
Authorization Code Grant
AuthorizationCodeGrant
now requires a AuthorizationCodeRepository and a UserRepository.
Before (v2.x):
typescript
authorizationServer.enableGrantType("authorization_code");
After (v3.x):
typescript
authorizationServer.enableGrantType({
grant: "authorization_code",
userRepository,
authorizationCodeRepository,
});
Password Grant
PasswordGrant
now requires a UserRepository.
Before (v2.x):
typescript
authorizationServer.enableGrantType("password");
After (v3.x):
typescript
authorizationServer.enableGrantType({
grant: "password",
userRepository,
});
AuthorizationServerOptions
Default Configuration Updates
The default options for AuthorizationServer
have been modified to better align with the OAuth 2.0 specification:
Option | v2.x Value | v3.x Value |
---|---|---|
requiresS256 | false | true |
tokenCID | "name" | "id" |
Removed setOptions
Method
The undocumented, public method setOptions
has been removed in v3. Options can be set during AuthorizationServer
initialization.
generateRandomToken
Function Fix
A bug in the generateRandomToken
function has been fixed in v3.x.