Skip to content

Releases: caputomarcos/node-red-contrib-oauth2

6.2.1

25 May 16:41
@caputomarcos caputomarcos
6.2.1
d9439a5
Compare
Choose a tag to compare
6.2.1 Latest
Latest

Release Notes

Add Force Token Refresh Option to OAuth2 Configuration #92

Merged by caputomarcos on May 25, 2024

This release introduces a new feature to the OAuth2 configuration that allows users to force a token refresh. This can be particularly useful when there are changes in scopes or permissions, or when authentication issues are encountered.

Changes include:

  • UI Update: Added a new checkbox in the OAuth2 HTML configuration for the 'Force Token Refresh' option.
  • Locale Update: Updated the OAuth2 JSON locale files to include descriptions and labels for the new 'force' option.
  • JavaScript Update: Modified the OAuth2 JavaScript to handle the 'force' configuration, ensuring that a new access token is generated when this option is enabled, regardless of the current token's validity.
  • Response Handling: Improved the handling of the OAuth2 response and headers in the message object.
  • Refactor: Refactored the shouldBypassProxy function for clarity.
  • HTML Response: Streamlined the success page HTML response for the OAuth2 callback endpoint.

The new 'force' option is now available in the node configuration UI, and users can enable it to ensure that a fresh access token is always used.

Implements the Loading of Credentials from Node-RED's Credential Store #91

Merged by caputomarcos on May 25, 2024

This commit introduces enhancements to improve the efficiency of the OAuth2 module by reducing unnecessary token requests and leveraging Node-RED's built-in credential management features.

Changes include:

  • Credential Loading: Implements the loading of credentials from Node-RED's credential store upon node initialization.
  • Token Validation: Adds a check in the onInput function to determine if an access token is already stored and valid. If so, it uses the stored token instead of requesting a new one.
  • Credential Storage: Stores the new access token and its expiry time in the Node-RED credential store after a successful token acquisition.

Add Authorization Endpoint to OAuth2 Module #90

Merged by caputomarcos on May 25, 2024

Changes include:

  • Authorization Endpoint: Include the authorization_endpoint in the OAuth2 configuration.
  • Response Update: Update the oauth2Response object to include access_token_url and authorization_endpoint.
  • Code Clarity: Comment out the old assignment of msg.oauth2Response for clarity.

Previous Release Highlights

Refactor ESLint Configuration and Improve OAuth2 Node Functionality

  • ESLint Updates:
    • Included Prettier plugin and adjusted rules for consistent code style.
    • Added browser and mocha environments.
  • OAuth2 Enhancements:
    • Removed unused crypto and circular reference replacer from oauth2.js.
    • Simplified axios POST request logic and added proxy support.
    • Included response headers in the message payload for better context.
    • Adjusted tests to reflect changes in oauth2.js and reduced timeout for faster execution.
    • Added new test cases for handling different grant types, network failures, custom headers, multiple scopes, and proxy settings.

Update Dependencies and Refactor OAuth2 Node

  • Improvements:
    • Updated oauth2.js to handle additional edge cases and improve error handling.
    • Refactored logger.js for better readability and consistency.
    • Added new test cases in oauth2_spec.js to cover more scenarios and ensure robustness.
    • Removed unused dependencies and cleaned up package.json and yarn.lock files.
    • Adjusted package.json scripts to include a new coverage script for test coverage reporting.

Refactor oauth2.json and oauth2.html for Clarity and Add Debug Mode

  • Configuration Enhancements:
    • Added tips for debug mode, client credentials, and rejectUnauthorized in oauth2.json.
    • Updated labels in oauth2.html to be more concise.
    • Introduced a debug mode checkbox with corresponding help information.
  • Logging Improvements:
    • Removed logger.js and integrated logging directly into oauth2.js.
    • Toggled debug mode via node configuration.
    • Included more descriptive logging messages to aid in debugging.

Add Refresh Token Support and Refactor OAuth2 Node Options

  • Refresh Token Flow:
    • Added a refresh_token field in oauth2.html.
    • Updated oauth2.js to handle the new refresh token flow.
    • Refactored the generateOptions function in oauth2.js for better readability and maintainability.
    • Enhanced localization file oauth2.json to include the new refresh token field.

Update Dependencies and Adjust Code for Compatibility

  • Dependency Updates:
    • Updated axios, eslint, and prettier to their latest versions.
    • Adjusted eslint configuration to accommodate updated eslint-plugin-n and eslint-plugin-jsdoc.
    • Modified Logger.prototype.objectDump method to handle invalid objects more gracefully.

Remove Unused 'should' Require in oauth2-generate-options Tests

  • Test Cleanup: Removed the unnecessary require statement for the 'should' library in oauth2-generate-options_spec.js.

Improve Error Handling and Remove Unused URL Import in oauth2.js

  • Error Handling Improvements:
    • Removed unused URL import.
    • Added URLSearchParams import for handling form data.
    • Wrapped credentials retrieval in a try-catch block to handle potential errors.
    • Adjusted response status codes: 404 for missing credentials, 500 for server errors, and 400 for missing credentials in token exchange endpoint.
    • Updated success HTML response to use proper indentation and formatting.
Assets 2
Loading

v6.0.0

21 May 10:50
@caputomarcos caputomarcos
v6.0.0
c4b5357
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v6.0.0

Release Notes for Version 6.0.0

Release Date: May 21, 2024

New Features and Enhancements:

  • Enhanced OAuth2 Node:

    • Implemented support for the OAuth2 implicit flow, allowing client applications (typically SPAs) to obtain access tokens directly.
    • Added new configuration fields: access_type, response_type, and prompt. These fields enhance flexibility in OAuth2 configurations, accommodating a wider range of authentication scenarios.
    • Improved input handling and proxy configuration within the OAuth2Node class for more reliable network request handling during the OAuth2 process.

  • Configuration Updates:

    • Updated .eslintrc.yml to exclude console logs in test files, ensuring cleaner and more readable test outputs.
    • Bumped the package version in package.json to 6.0.0 to reflect significant updates and improvements.
    • Updated dependencies to include mocha for enhanced testing capabilities and additional dev dependencies for improved development workflows.

  • Locales and UI Enhancements:

    • Added support for new fields in locales/en-US/oauth2.json to enable comprehensive configuration options.
    • Updated the OAuth2 HTML file (oauth2.html) to include input fields for access_type, response_type, and prompt, allowing users to configure these parameters through the Node-RED UI.

  • Testing and Documentation:

    • Added extensive tests for the new fields and implicit flow to ensure robustness and functionality.
    • Updated documentation to reflect new features, providing detailed examples of using the implicit flow and configuring the additional fields.

Bug Fixes:

  • Issue #79:
    • Resolved an issue with Google API authentication where users received an HTTP 200 response with an HTML sign-in page payload instead of the expected OAuth2 token.
    • Properly handled the redirect to the Google sign-in page, including the additional confirmation screen, ensuring seamless user authentication.

Upgrade Notes:

  • Breaking Changes:
    • Users upgrading from previous versions should update their configurations to utilize the new fields and implicit flow support.
    • Review the updated documentation for detailed guidance on configuring the OAuth2 node with the new enhancements.

For detailed information on the changes, please refer to the pull request and the updated documentation.

Contributors:

We appreciate the community's feedback and contributions. Thank you for helping us improve the node-red-contrib-oauth2 project!

What's Changed

New Contributors

Full Changelog: 5.0.2...v6.0.0

Contributors

caputomarcos, Shazib, and 2 other contributors
Assets 3
Loading

5.0.2

08 Apr 14:03
@caputomarcos caputomarcos
5.0.2
4d0ba19
Compare
Choose a tag to compare
5.0.2 
bumped to version 5.0.2
Assets 2
Loading

5.0.1

07 Apr 21:45
@caputomarcos caputomarcos
5.0.1
49a927d
Compare
Choose a tag to compare
5.0.1 
bumped to version 5.0.1
Assets 2
Loading

5.0.0

06 Apr 17:58
@caputomarcos caputomarcos
5.0.0
4887b94
Compare
Choose a tag to compare
5.0.0 
bumped to version 5.0.0
Assets 2
Loading

v4.1.8

05 Apr 15:30
@caputomarcos caputomarcos
v4.1.8
7576861
Compare
Choose a tag to compare
v4.1.8 
4.1.8
Assets 2
Loading

4.1.6

05 Apr 14:55
@caputomarcos caputomarcos
4.1.6
a65ec1f
Compare
Choose a tag to compare
4.1.6 
bumped to version 4.1.6
Assets 2
Loading

4.1.5

27 Mar 16:42
@caputomarcos caputomarcos
4.1.5
9ef725d
Compare
Choose a tag to compare
4.1.5

What's Changed

Full Changelog: 4.1.4...4.1.5

Contributors

caputomarcos
Assets 2
Loading

4.1.1

26 Feb 14:14
@caputomarcos caputomarcos
4.1.1
91e08c3
Compare
Choose a tag to compare
4.1.1 
bumped to version 4.1.1
Assets 2
Loading

4.0.1: Merge pull request #31 from serotonie/master

15 Oct 22:07
@caputomarcos caputomarcos
4.0.1
326750e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
4.0.1: Merge pull request #31 from serotonie/master 
unclutter the logs
Assets 2
Loading