Skip to content

6.2.1

Latest
Latest
Compare
Choose a tag to compare
@caputomarcos caputomarcos released this 25 May 16:41
· 3 commits to main since this release
6.2.1
d9439a5

Release Notes

Add Force Token Refresh Option to OAuth2 Configuration #92

Merged by caputomarcos on May 25, 2024

This release introduces a new feature to the OAuth2 configuration that allows users to force a token refresh. This can be particularly useful when there are changes in scopes or permissions, or when authentication issues are encountered.

Changes include:

  • UI Update: Added a new checkbox in the OAuth2 HTML configuration for the 'Force Token Refresh' option.
  • Locale Update: Updated the OAuth2 JSON locale files to include descriptions and labels for the new 'force' option.
  • JavaScript Update: Modified the OAuth2 JavaScript to handle the 'force' configuration, ensuring that a new access token is generated when this option is enabled, regardless of the current token's validity.
  • Response Handling: Improved the handling of the OAuth2 response and headers in the message object.
  • Refactor: Refactored the shouldBypassProxy function for clarity.
  • HTML Response: Streamlined the success page HTML response for the OAuth2 callback endpoint.

The new 'force' option is now available in the node configuration UI, and users can enable it to ensure that a fresh access token is always used.

Implements the Loading of Credentials from Node-RED's Credential Store #91

Merged by caputomarcos on May 25, 2024

This commit introduces enhancements to improve the efficiency of the OAuth2 module by reducing unnecessary token requests and leveraging Node-RED's built-in credential management features.

Changes include:

  • Credential Loading: Implements the loading of credentials from Node-RED's credential store upon node initialization.
  • Token Validation: Adds a check in the onInput function to determine if an access token is already stored and valid. If so, it uses the stored token instead of requesting a new one.
  • Credential Storage: Stores the new access token and its expiry time in the Node-RED credential store after a successful token acquisition.

Add Authorization Endpoint to OAuth2 Module #90

Merged by caputomarcos on May 25, 2024

Changes include:

  • Authorization Endpoint: Include the authorization_endpoint in the OAuth2 configuration.
  • Response Update: Update the oauth2Response object to include access_token_url and authorization_endpoint.
  • Code Clarity: Comment out the old assignment of msg.oauth2Response for clarity.

Previous Release Highlights

Refactor ESLint Configuration and Improve OAuth2 Node Functionality

  • ESLint Updates:
    • Included Prettier plugin and adjusted rules for consistent code style.
    • Added browser and mocha environments.
  • OAuth2 Enhancements:
    • Removed unused crypto and circular reference replacer from oauth2.js.
    • Simplified axios POST request logic and added proxy support.
    • Included response headers in the message payload for better context.
    • Adjusted tests to reflect changes in oauth2.js and reduced timeout for faster execution.
    • Added new test cases for handling different grant types, network failures, custom headers, multiple scopes, and proxy settings.

Update Dependencies and Refactor OAuth2 Node

  • Improvements:
    • Updated oauth2.js to handle additional edge cases and improve error handling.
    • Refactored logger.js for better readability and consistency.
    • Added new test cases in oauth2_spec.js to cover more scenarios and ensure robustness.
    • Removed unused dependencies and cleaned up package.json and yarn.lock files.
    • Adjusted package.json scripts to include a new coverage script for test coverage reporting.

Refactor oauth2.json and oauth2.html for Clarity and Add Debug Mode

  • Configuration Enhancements:
    • Added tips for debug mode, client credentials, and rejectUnauthorized in oauth2.json.
    • Updated labels in oauth2.html to be more concise.
    • Introduced a debug mode checkbox with corresponding help information.
  • Logging Improvements:
    • Removed logger.js and integrated logging directly into oauth2.js.
    • Toggled debug mode via node configuration.
    • Included more descriptive logging messages to aid in debugging.

Add Refresh Token Support and Refactor OAuth2 Node Options

  • Refresh Token Flow:
    • Added a refresh_token field in oauth2.html.
    • Updated oauth2.js to handle the new refresh token flow.
    • Refactored the generateOptions function in oauth2.js for better readability and maintainability.
    • Enhanced localization file oauth2.json to include the new refresh token field.

Update Dependencies and Adjust Code for Compatibility

  • Dependency Updates:
    • Updated axios, eslint, and prettier to their latest versions.
    • Adjusted eslint configuration to accommodate updated eslint-plugin-n and eslint-plugin-jsdoc.
    • Modified Logger.prototype.objectDump method to handle invalid objects more gracefully.

Remove Unused 'should' Require in oauth2-generate-options Tests

  • Test Cleanup: Removed the unnecessary require statement for the 'should' library in oauth2-generate-options_spec.js.

Improve Error Handling and Remove Unused URL Import in oauth2.js

  • Error Handling Improvements:
    • Removed unused URL import.
    • Added URLSearchParams import for handling form data.
    • Wrapped credentials retrieval in a try-catch block to handle potential errors.
    • Adjusted response status codes: 404 for missing credentials, 500 for server errors, and 400 for missing credentials in token exchange endpoint.
    • Updated success HTML response to use proper indentation and formatting.
Assets 2
Loading