From cb02d8a1abf62d17870f851f40e7a87f4496eaf5 Mon Sep 17 00:00:00 2001
From: pamapa
Date: Wed, 15 Nov 2023 14:01:54 +0100
Subject: [PATCH] fix: #1010 make response mode optional

---
 docs/migration.md | 1 +
 docs/oidc-client-ts.api.md | 2 +-
 src/OidcClientSettings.ts | 14 ++++++++++----
 3 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/docs/migration.md b/docs/migration.md
index a7b8b4d14..991ca6c19 100644
--- a/docs/migration.md
+++ b/docs/migration.md
@@ -10,6 +10,7 @@ The API is largely backwards-compatible. The merge claims behavior has been impr
 - `refreshTokenCredentials` use `fetchRequestCredentials` since 2.1.0
 - the `mergeClaims` has been replaced by `mergeClaimsStrategy`
 - if the previous behavior is needed `mergeClaimsStrategy: { array: "merge" }` can be used
+- default of `response_mode` changed from `query` → `undefined`
 
 ## oidc-client v1.11.5 → oidc-client-ts v2.0.0
 
diff --git a/docs/oidc-client-ts.api.md b/docs/oidc-client-ts.api.md
index fede5dcc9..6ae1bc09e 100644
--- a/docs/oidc-client-ts.api.md
+++ b/docs/oidc-client-ts.api.md
@@ -432,7 +432,7 @@ export class OidcClientSettingsStore {
     // (undocumented)
     readonly resource: string | string[] | undefined;
     // (undocumented)
-    readonly response_mode: "query" | "fragment";
+    readonly response_mode: "query" | "fragment" | undefined;
     // (undocumented)
     readonly response_type: string;
     // (undocumented)
diff --git a/src/OidcClientSettings.ts b/src/OidcClientSettings.ts
index 2b664e5ce..686809c7e 100644
--- a/src/OidcClientSettings.ts
+++ b/src/OidcClientSettings.ts
@@ -9,7 +9,6 @@ import { InMemoryWebStorage } from "./InMemoryWebStorage";
 const DefaultResponseType = "code";
 const DefaultScope = "openid";
 const DefaultClientAuthentication = "client_secret_post";
-const DefaultResponseMode = "query";
 const DefaultStaleStateAgeInSeconds = 60 * 15;
 
 /**
@@ -72,7 +71,14 @@ export interface OidcClientSettings {
     /** optional protocol param */
     resource?: string | string[];
 
-    /** optional protocol param (default: "query") */
+    /**
+     * Optional protocol param
+     * The response mode used by the authority server is defined by the response_type unless explicitly specified:
+     * - Response mode for the OAuth 2.0 response type "code" is the "query" encoding
+     * - Response mode for the OAuth 2.0 response type "token" is the "fragment" encoding
+     *
+     * @see https://openid.net/specs/oauth-v2-multiple-response-types-1_0.html#ResponseModes
+     */
     response_mode?: "query" | "fragment";
 
     /**
@@ -163,7 +169,7 @@ export class OidcClientSettingsStore {
     public readonly ui_locales: string | undefined;
     public readonly acr_values: string | undefined;
     public readonly resource: string | string[] | undefined;
-    public readonly response_mode: "query" | "fragment";
+    public readonly response_mode: "query" | "fragment" | undefined;
 
     // behavior flags
     public readonly filterProtocolClaims: boolean | string[];
@@ -191,7 +197,7 @@ export class OidcClientSettingsStore {
         redirect_uri, post_logout_redirect_uri,
         client_authentication = DefaultClientAuthentication,
         // optional protocol
-        prompt, display, max_age, ui_locales, acr_values, resource, response_mode = DefaultResponseMode,
+        prompt, display, max_age, ui_locales, acr_values, resource, response_mode,
         // behavior flags
         filterProtocolClaims = true,
         loadUserInfo = false,
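Review bot: The new TSDoc on `response_mode` explains the per-response_type defaults but is silent on the constraint the linked spec attaches to an explicit value: a response_type whose default mode is fragment (anything returning `token` or `id_token`, including hybrid combinations) must not be delivered with the query encoding, since tokens in a query string end up in server, proxy and Referer logs. Since this setting is now the only way a caller can force `"query"`, I would add a line to the comment such as `* Note: do not set "query" for a response_type that returns tokens; leave undefined to let the default apply (see the referenced spec).` The `OidcClientSettings` interface continues outside the hunk.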
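Review bot: Dropping `= DefaultResponseMode` in the destructuring means `response_mode` now reaches the store as `undefined`, and nothing in the hunk derives the effective mode; any code in the library that reads `settings.response_mode` to choose between parsing the callback URL's query string or fragment, or that compared it to `"query"` (not visible here), now has to handle `undefined` itself rather than silently taking one branch. Worth confirming those readers either accept `undefined` in their types or fall back on the rule the new TSDoc states, e.g. `const mode = response_mode ?? (response_type === "code" ? "query" : "fragment");`, and adding a test for a settings object constructed without `response_mode`. The constructor body continues outside the hunk.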