@forgerock/token-vault@4.2.0

[4.2.0] - 2023-09-11

Security: - Proxy config declaring URLs is now required and will be used to generate an allow list of origins to check again prior to fowarding a request.

[4.1.2] - 2023-07-24

Features:

• Initial release of Token Vault
• Initial NPM deployment for latest version (4.1.2)
• Token vault is sync'd to the same version of the SDK.
• @forgerock/javascript-sdk is a peer dependency of Token vault, meaning the application must install it independently.

@forgerock/ping-protect@4.6.0

Changelog

v4.6.0 (2024-08-15)

🚀 Features

• support-metadata-marketplace-protect (a3494b9)

❤️ Thank You

• ryanbas21

[4.4.2] - 2024-05-15

fix(ping-protect): update-module-type by @ryanbas21 in #434
fix(ping-protect): update-signals-sdk by @ryanbas21 in #437
fix(ping-protect): bundling by @ryanbas21 in #440
fix(ping-protect): update-ping-protect-signals-sdk by @ryanbas21 in #441
fix(ping-protect): dynamically load ping protect in start and transpile as esmodule

[4.4.0] - 2024-03-12

feat(ping-protect): Add a new module for Ping Protect and allow for use of .wellknown endpoint for configuration of PingOne as an oauth server

@forgerock/javascript-sdk@4.6.0

Changelog

[4.6.0] - 2024-08-15

🚀 Features

• ping-fed-central-login (57e7c80)

• recaptcha-enterprise-callback (006cec9)

• support-metadata-marketplace-protect (a3494b9)

• javascript-sdk: refactor authorize URL utilities for DaVinci (b34e458)

• javascript-sdk: recaptcha-enterprise (8b4656c)

🩹 Fixes

• javascript-sdk: allowed-error-messages (88ece3f)

• javascript-sdk: change pkce utility to return storage function (b4e0fbe)

❤️ Thank You

• Justin Lowery
• ryanbas21

[4.4.2] - 2024-05-15

Features:
feat: new request header by @juangarmendia05 in #432

Fixes:
fix(javascript-sdk): fix-exports-update-protect by @ryanbas21 in #433
fix(javascript-sdk): circular-dep by @ryanbas21 in #435
fix(javascript-sdk): change x-requested-platform to opt-in by @cerebrl in #438
fix(javascript-sdk): add logout redirect for pingone by @cerebrl in #443

[4.4.1] - 2024-03-27

Fixes:
fix(javascript-sdk): Export the classes of ping-protect callbacks from index

[4.4.0] - 2024-03-12

Features:

feat(javascript-sdk): add config.setAsync for wellknown endpoint support
feat(javascript-sdk): handle-device-name-in-response

Fixes
fix(javascript-sdk): add PingOne login error to allowed errors
fix(javascript-sdk): sessionStorage conflict
fix(javascript-sdk): circular-dependency

[4.3.0] - 2024-01-04

Features

• Make a prefix to the storage keys configurable via the Config class
• Added a QR Code utility class to determine if a step has a QR Code and handle QR Codes in SDK

Fixes

• Fix main and module fields in package.json being undefined

[4.2.0] - 2023-09-11

Features:

• Added ability for SDK to accept a logLevel and customLogger option in the config. The default to the logger is none which means the SDK will no longer output to the console messages/warnings/console.error calls.

[4.1.2] - 2023-07-20

Features:

• Minor changes to prepare for an upcoming Token Vault release

Fixes:

• fix(javascript-sdk): get-tokens-default-destructure (360df99)

[4.1.1] - 2023-06-29

Features:

• Transaction Authorization advices information adds support for JSON, HTTPClient modified to support this change

Fixes:

• Improved types when in strict mode of Typescript

[4.0.0] - 2023-05-23

Breaking Changes:

• Dropped UMD bundle support, if you would like to use a UMD bundle it's available in 3.4 or you can produce your own by git cloning the repo and setting up the ability to do so.
• Removed Event and FRUI modules

Deprecated:

• JavaScript support configuration property deprecated.

Features:

• Updated the esmodule bundle
• Added interface to register a name to a webauthn device

Fixes:

• Fixed Policy Types so that a PolicyRequirement array is outputted from failedPolicies

Infrastructure:

• Updated tags in github to be prefixed with package name

Changelog

[3.4.0] - 2022-10-18

• Fixed HTTP headers by capitalizing all header names
• Add support for TextInput Callback
• Fix object checks for device profile callback and use globalThis instead of window

[3.3.1] - 2022-05-18

• Fixed issue where UMD bundle namespace changed

[3.3.0] - 2022-04-25

Added:

• OAuth token threshold config property and proactive refresh of tokens expiring soon
• Add Angular sample app to the repo

[3.2.2] - 2022-1-31

Fixed

• Fixed typescript transpilation bug in esmodule config

[3.2.1] - 2022-1-31

Fixed

• Updated readme

[3.2.0] - 2022-1-31

Fixed

• /authorize call not honoring middleware overwrites
• expand middleware passing to call-site so that it overwrites middleware set in config

Added:

• Refactor of end-to-end test suite to use playwright test runner instead of jest
• Upgrade rxjs version from 6 to 7 in autoscript files for e2e tests
• Remove SSL certificate dependency in CI
• Move to using Github Actions for CI
• Convert to monorepo using nx
• Add react sample app to the repo
• Remove certificate dependency across all sample apps
• Replaced development bundle with a rollup production bundle in javascript-sdk package
• Update Readme's in all packages / samples
• Added a CONTRIBUTING.MD file
• Added a pull request template for contributors

[3.0.0] - 2021-6-24

Added

• "Native" Social Login callbacks for both the original AM nodes in 6.5 and the new IDM nodes in 7.0
• SDK Social Login feature officially supports Apple, Facebook and Google
• New FRAuth methods for handing redirection to provider and resuming an authentication journey
  • FRAuth.redirect for redirecting to an Identity Provider for authentication
  • FRAuth.resume supports both return from an IdP and returning from Email Suspend node
• New FRAuth.start method that aliases FRAuth.next to align native mobile SDKs
• E2E test pages will now follow your OS's dark mode setting

Fixed

• Arbitrary query parameters are now passed along through to the /authorize endpoint supporting the use of ACR values for tree specificity
• Fixed build issue when using Windows PowerShell
• WebAuthn error handling is now standardized according to the WebAuthn spec
• When WebAuthn encounters an error, the SDK now formats the error appropriately for AM and sets it into the hiddenValueCallback; this allows the developer to just send it to AM "as is" or handle it specially when catching the thrown error
• Changed the default behavior in case of unidentified storage, to be the localStorage option
• Increased timeout (20 to 60 seconds) for E2E tests to avoid pure timeout failures

Breaking

• WebAuthn's thrown error message text has been changed to align with spec, so check all conditionals comparing error message strings
• Renamed getAuthorizeUrl method to getAuthCodeByIframe
• Removed the single parameter from createVerifier function
• Removal of nonce function

[2.2.0] - 2020-12-18

Added

• Centralized login support has been added
• OAuth authorize endpoint now supports both iframe and fetch through the new support property in the config
• Support for TypeScript 4.0

Fixed

• step.getStage() is no longer used in sample app; getStage(step) is now used for better compatibility with AM 6.5
• FRUser.logout now uses a try-catch around each endpoint call, rather than a single try-catch, ensuring an error in one doesn't interrupt other endpoints being called
• Paths for sample app now point to correct favicon image
• Improved automation testing
• Compatibility with AM 6.5.3 WebAuthn nodes
• Step detection with getWebAuthnStepType and "usernameless" configuration
• getTokens method with forceRenew now revokes existing tokens, if present, before requesting new ones

[2.1.0] - 2020-08-25

Added

• Support for "usernameless" login (storing username on WebAuthn capable tech)
• Support for the recovery code display node and the parsing of the codes from the TextOutputCallback
• Support for user verification property for WebAuthn
• Updated support for new IDM nodes for registration and self-service: BooleanAttributeInputCallback and NumberAttributeInputCallback support
• Added SuspendedTextOutputCallback support for the new Email Suspended Node
• Added SessionManager.logout() call back to FRUser.logout()

Fixed

• Conditionally set user verification, relying party and allow credentials to WebAuthn key options
• Added exclude credentials to script parsing for WebAuthn key options
• Ensure display name and username are correctly parsed and added to WebAuthn key options
• Add authenticator attachment to WebAuthn and other WebAuthn fixes for custom configuration
• Increased entropy for cryptographic functions related to PKCE for both state and verifier
• Improved instructions for cert creation for sample app

Deprecated

• Name change for getAuthorizeUrl: method's name will change to better reflect its behavior in v3
• Removal of nonce: this utility is no longer used in the SDK, and therefore will be removed in v3
• Function signature change for createVerifier: the parameter will be removed in v3.

[2.0.0] - 2020-06-22

Added

• Support for authorization by transaction
• Support for authorization by tree
• Support for device profile collection callback
• Allow server paths to be configurable
• Allow OAuth token storage to be configurable
• Support for request "middleware" for modifying request from SDK
• "Containerize" code base for easier development
• End-to-end tests now use Playwright and mock Node.js server
• Support for WebAuthn script-based authentication

Fixed

• Increased default timeout to accommodate development/debugging
• Provide alternative token store for Firefox Private IndexedDB bug
• Aligned json-based WebAuthn with 7.0 release of AM

[1.0.5] - 2020-01-16

Added

• Support for additional querystring parameters (e.g. suspendedId) when invoking authentication trees

[1.0.4] - 2020-01-06

Fixed

• Renamed getWebAuthStepType to getWebAuthnStepType in FRWebAuthn module

[1.0.3] - 2020-01-06

Added

• Replaced url and querystring dependencies to avoid build issues in some environments

[1.0.2] - 2019-12-20

Added

• Exported Deferred and nonce

[1.0.1] - 2019-12-19

Added

• Server mocking with Mirage JS for E2E tests
• Version header to all OpenAM calls to avo...

v4.6.0

What's Changed

• Develop -> Master 4.4.0 by @ryanbas21 in #431
• fix(javascript-sdk): fix-exports-update-protect by @ryanbas21 in #433
• feat: new request header by @juangarmendia05 in #432
• fix(ping-protect): update-module-type by @ryanbas21 in #434
• fix(javascript-sdk): circular-dep by @ryanbas21 in #435
• fix(javascript-sdk): change x-requested-platform to opt-in by @cerebrl in #438
• fix(ping-protect): update-signals-sdk by @ryanbas21 in #437
• build(ping-protect): update-module-resolution by @ryanbas21 in #439
• fix(ping-protect): bundling by @ryanbas21 in #440
• refactor: update-nx-e2e-tests-builds by @ryanbas21 in #423
• fix(ping-protect): update-ping-protect-signals-sdk by @ryanbas21 in #441
• fix(javascript-sdk): add logout redirect for pingone by @cerebrl in #443
• build(javascript-sdk): update-build-to-vite-lib by @ryanbas21 in #442
• chore(javascript-sdk): package-versions by @ryanbas21 in #444
• chore(javascript-sdk): changelogs by @ryanbas21 in #445
• feat(javascript-sdk): refactor authorize URL utilities for DaVinci by @cerebrl in #449
• Mock api v2 by @ryanbas21 in #450
• chore: update-nx by @ryanbas21 in #451
• feat: ping-fed-central-login by @ryanbas21 in #452
• Recaptcha enterprise by @ryanbas21 in #459
• feat: support-metadata-marketplace-protect by @ryanbas21 in #453
• chore: update-nx by @ryanbas21 in #461
• chore: fix-deps by @ryanbas21 in #465
• chore: fix-side-effects by @ryanbas21 in #469
• chore: fix-subpath by @ryanbas21 in #470
• fix(javascript-sdk): allowed-error-messages by @ryanbas21 in #471
• fix(javascript-sdk): change pkce utility to return storage function by @cerebrl in #472
• chore: update-changelogandpackage by @ryanbas21 in #475
• release 4.5 by @ryanbas21 in #473

New Contributors

• @juangarmendia05 made their first contribution in #432

Full Changelog: v4.4.0...v4.6.0

v4.4.2

What's Changed

• fix(javascript-sdk): fix-exports-update-protect by @ryanbas21 in #433
• feat: new request header by @juangarmendia05 in #432
• fix(ping-protect): update-module-type by @ryanbas21 in #434
• fix(javascript-sdk): circular-dep by @ryanbas21 in #435
• fix(javascript-sdk): change x-requested-platform to opt-in by @cerebrl in #438
• fix(ping-protect): update-signals-sdk by @ryanbas21 in #437
• build(ping-protect): update-module-resolution by @ryanbas21 in #439
• fix(ping-protect): bundling by @ryanbas21 in #440
• refactor: update-nx-e2e-tests-builds by @ryanbas21 in #423
• fix(ping-protect): update-ping-protect-signals-sdk by @ryanbas21 in #441
• fix(javascript-sdk): add logout redirect for pingone by @cerebrl in #443
• build(javascript-sdk): update-build-to-vite-lib by @ryanbas21 in #442
• chore(javascript-sdk): package-versions by @ryanbas21 in #444
• chore(javascript-sdk): changelogs by @ryanbas21 in #445

New Contributors

• @juangarmendia05 made their first contribution in #432

Full Changelog: v4.4.0...v4.4.2

v4.4.0

What's Changed

• feat(javascript-sdk): add-getdisplayname-to-recoverycodes by @ryanbas21 in #414
• feat(ping-protect): new module for Ping Protect by @cerebrl in #415
• fix(javascript-sdk): circular-dependency by @ryanbas21 in #418
• test: update tests for ping protect and add some for sdk. e2e tests f… by @ryanbas21 in #421
• fix(javascript-sdk): sessionStorage conflict by @cerebrl in #419
• feat(javascript-sdk): export-step-options-type by @ryanbas21 in #426
• fix(javascript-sdk): add PingOne login error to allowed errors by @cerebrl in #427
• feat(javascript-sdk): add config.setAsync for wellknown endpoint support by @cerebrl in #429
• chore: release-work by @ryanbas21 in #430

Full Changelog: 4.3.0...v4.4.0

@forgerock/javascript-sdk 4.3.0

What's Changed

• feat(javascript-sdk): add QR Code utility class by @cerebrl in #390
• build: remove-access-token-nx by @ryanbas21 in #391
• build: remove-cloud-commands by @ryanbas21 in #392
• Remove token for master by @ryanbas21 in #393
• feat(reactjs-todo): add WebAuthn support for react todo sample app by @juanManuel05 in #394
• fix(mock-api): fix-introspect-call by @ryanbas21 in #396
• feat(javascript-sdk): make-prefix-configurable by @ryanbas21 in #398
• feat(reactjs-todo): add social login for react todo sample app by @juanManuel05 in #399
• feat(reactjs-todo): fix bugs by @juanManuel05 in #401
• fix(javascript-sdk): package-json by @ryanbas21 in #403
• docs(javascript-sdk): update-changelog-and-version by @ryanbas21 in #407
• ci: remove-previews by @ryanbas21 in #408

Full Changelog: 4.2.0...4.3.0

@forgerock/javascript-sdk@4.2.0

What's Changed

• docs(javascript-sdk): fix-changelog by @ryanbas21 in #382
• [Sample App] Create a social login sample app in SDK by @juanManuel05 in #380
• feat(angular-todo): add support for social login by @juanManuel05 in #383
• feat(javascript-sdk): add-logger-functionality by @ryanbas21 in #381
• Fix proxy origins check by @ryanbas21 in #385
• feat(angular-todo): webAuthn support for Angular by @juanManuel05 in #384
• fix(javascript-sdk): expose-logger-functions-type by @ryanbas21 in #386
• chore: update-versions by @ryanbas21 in #388
• docs: update-changelogs by @ryanbas21 in #389
• Release 4.2.0 by @ryanbas21 in #387

New Contributors

• @juanManuel05 made their first contribution in #380

Full Changelog: @forgerock/javascript-sdk@4.1.2...4.2.0

@forgerock/token-vault@4.1.2

What's Changed

• docs(token-vault): add readme by @cerebrl in #375
• chore(token-vault): update-metadata-for-release by @ryanbas21 in #376
• Release Token Vault 4.1.2 by @ryanbas21 in #378

Full Changelog: https://github.com/ForgeRock/forgerock-javascript-sdk/compare/@forgerock/javascript-sdk@4.1.2...@forgerock/token-vault@4.1.2

@forgerock/javascript-sdk@4.1.2

What's Changed

• test(token-vault): improve e2e automation feature testing by @cerebrl in #358
• fix(token-vault): removing /sessions endpoint from interception by @cerebrl in #365
• fix(javascript-sdk): get-tokens-default-destructure by @ryanbas21 in #368
• chore: update-package-version by @ryanbas21 in #370
• chore(javascript-sdk): remove-extra-return by @ryanbas21 in #372
• chore(javascript-sdk): update-changelog by @ryanbas21 in #373

Full Changelog: https://github.com/ForgeRock/forgerock-javascript-sdk/compare/@forgerock/javascript-sdk@4.1.1...@forgerock/javascript-sdk@4.1.2