Development->master (#178)

* add state validation for authorization

* fix codacy errors

* update state parameter storage

* fix codacy errors

* remove random number test

* encode state param to base64

* token manager for custom identity

* Added mock tests for token manager

* Added tests for token manager config

* Added sample node app for custom identity

* Added custom identity to README file

* minor fix

* Made changes to config tests

* Minor change

* Made changes from Code Review

* Fixed state parameter validation and bug in token validation

* Fixed bug in validate token

* Fixed spelling in README

* Fixed spacing

* Minor fix

* Refactoring

* Made change from code review

* Bug fix

* update return of error from callback

* update callback error

* Bypass State validation for cloud directory update req (#121)

* bypass state validation for cloud directory update req

* update flow

* update encoding for state param to base64URL encode

* Removed tenant Id from API strategy and WebAppStrategy (#120)

* Removed tenant Id validation for API strategy

* Removed tenantId as requirement for initializing APIStrategy

* Updated README file

* Fixed spacing issue from code review

* Removed tenant Id validation from WebAPIStrategy

* Removed tenant Id validation from Custom Identity

* Updated code samples with changes for tenant Id validation

* Bump up to 4.1.1 (#123)

* Application identity (#125)

* Adds support for application identity (app to app flow)

* Adds test cases for application identity

* Adds documentation on how to use App to App flow

* fixes spacing

* Changes from PR

* Bump up version number to 4.2

* Correct version to be correct format

* Renaming to application Identity and authorization (#127)

* Update README.md

* Update package.json

* call logging api from node SDK (#130)

* call logging api from node SDK

* call logging api from node SDK

* refactor

* do not log the legacy sample logout

* do not log the legacy sample logout

* add debug message

* a more generic error message

* fix error message

* Updated the versions of dependencies

* Add initialization examples for TokenManager (#133)

https://github.ibm.com/security-services/appid-project-management/issues/2043

* Adding support for the new service endpoint, this endpoint supposed to work in parallel with the existing oauth server endpoints

Add eslint to our code that should validate coding conventions

* fix version parameter (#138)

* fix version

* Update tests

* Update tests

* Multi tenants (#143)

* add multi-tenant support through adding a publicKeysJson object

* update test error message

* remove get and set public key endpoint, add clarity to code, change var to let

* update and fix tests

* change isUpdateRequestPending to unique array

* move getPublicKeyByKid up

* remove unnecessary publicKey

* accept both oauthServerUrl and oAuthServerUrl (#147)

* accept both oauthServerUrl and oAuthServerUrl

* Issue 2287 -- Validation Changes Only (#145)

Validation changes -- ISS, AZP, AUD

* Issue 2439 (#148)

Renamed azp validation function and accommodates v3 and v4 tokens

* Issue 2439-2 (#149)

minor token change

* fixing Application Identity code snippet (#150)

* Bump up version to 6.0.0

* fixes tests (#152)

* check for LOG4JS_CONFIG variable set and if not present use log4js.json as default config (#154)

* Updates default log level to info from debug (#155)

* Log4js update (#156)

* update to use Log4js.configure instead of global variable

* added slack link

* Rani access control (#160)

* added hasScope method to token-manager

* moved hasScope method to token-utils

* field renames

* added prefix to required scopes in token-util
added scope validation to api-strategy when providing scope and audience

* added tests for api-strategy's scope validation

* added unit testing

* changed the hasScope method: it now ignores scope prefixes (takes the part that is after the last slash)

* added an optional appUri argument for loadConfig which is used by webapp-strategy and api-strategy's constructors.

* moved hasScope method to WebAppStrategy as a static method.
cleaning, renaming, added validation for user input.

* added tests

* added tests

* added documentation on using access control in readme

* fixed typo in readme

* fixed typo in readme

* Add better documentation for audience (#164)

* fix the token audience claim test (#165)

* Update package.json (#167)

* update readme

* Cleaning app uri (#168)

* removed appUri

* commented out parts about access control in readme

* update to 6.0.2

* uncomment the acccess control on readme

* Validate Token Expiration (#175)

* added validation for token expiration for the case where the user is already authenticated but their token is expired.

* added unit tests for the allowExpiredTokensOnSession option

* validate token exp by default

* bumping new version

Co-authored-by: Ishan Gulhane <[email protected]>
Co-authored-by: Aaron Liberatore <[email protected]>
Co-authored-by: aal80 <[email protected]>
Co-authored-by: Vishal Kaja <[email protected]>
Co-authored-by: CirillA2 <[email protected]>
Co-authored-by: gtaban <[email protected]>
Co-authored-by: Anup Rokkam <[email protected]>
Co-authored-by: yigal-dayan2 <[email protected]>
Co-authored-by: Asaf Manassen <[email protected]>
Co-authored-by: TalAviel <[email protected]>
Co-authored-by: kimmytaft <[email protected]>
Co-authored-by: Joyce Huang <[email protected]>
Co-authored-by: Jared Ryan <[email protected]>
Co-authored-by: RaniAbboud <[email protected]>
Co-authored-by: mordechai taitelman <[email protected]>
Co-authored-by: Rani Abboud <[email protected]>

Author: 17 people

package.json

@@ -1,6 +1,6 @@
 {
   "name": "ibmcloud-appid",
-  "version": "6.0.2",
+  "version": "6.1.0",
   "description": "Node.js SDK for the IBM Cloud App ID service",
   "main": "lib/appid-sdk.js",
   "scripts": {