Releases: commercelayer/commercelayer-js-auth
Releases · commercelayer/commercelayer-js-auth
v6.4.0
a68f7c1
This commit was signed with the committer’s verified signature.
marcomontalbano
Marco Montalbano
What's Changed
🚀 Enhancement
- Update tests with the new token iss by @marcomontalbano in #87
- Add in-memory cache for jwks to the
jwtVerifymethod by @marcomontalbano in #85
Full Changelog: v6.3.1...v6.4.0
Contributors
marcomontalbano
Assets 2
v6.3.1
b6f3675
This commit was signed with the committer’s verified signature.
marcomontalbano
Marco Montalbano
What's Changed
🐛 Bug Fix
- Fix the edge function crash on Vercel by @marcomontalbano in #84
Full Changelog: v6.3.0...v6.3.1
Contributors
marcomontalbano
Assets 2
v6.3.0
d61b466
This commit was signed with the committer’s verified signature.
marcomontalbano
Marco Montalbano
What's Changed
🚀 Enhancement
- Add
jwtVerifymethod by @marcomontalbano in #83
Full Changelog: v6.2.2...v6.3.0
Contributors
marcomontalbano
Assets 2
v6.2.2
4a05784
This commit was signed with the committer’s verified signature.
marcomontalbano
Marco Montalbano
What's Changed
🚀 Enhancement
- Remove
price_list_idby @marcomontalbano in #82
Full Changelog: v6.2.1...v6.2.2
Contributors
marcomontalbano
Assets 2
v6.2.1
3bd70fc
This commit was signed with the committer’s verified signature.
marcomontalbano
Marco Montalbano
What's Changed
📝 Documentation
- Update all dependencies to the latest and update documentation by @marcomontalbano in #81
Full Changelog: v6.2.0...v6.2.1
Contributors
marcomontalbano
Assets 2
v6.2.0
e3882c2
This commit was signed with the committer’s verified signature.
marcomontalbano
Marco Montalbano
What's Changed
🚀 Enhancement
- Export JWT types by @marcomontalbano in #79
Other Changes
- Update all dependencies to the latest by @marcomontalbano in #80
Full Changelog: v6.1.1...v6.2.0
Contributors
marcomontalbano
Assets 2
v6.1.1
804872c
This commit was signed with the committer’s verified signature.
marcomontalbano
Marco Montalbano
What's Changed
🐛 Bug Fix
- Improve type definitions for
jwtDecodeandcreateAssertionby @marcomontalbano in #77
Full Changelog: v6.1.0...v6.1.1
Contributors
marcomontalbano
Assets 2
v6.1.0
73af7d4
This commit was signed with the committer’s verified signature.
marcomontalbano
Marco Montalbano
What's Changed
🚀 Enhancement
- Add configuration for jsr.io by @marcomontalbano in #76
Full Changelog: v6.0.1...v6.1.0
Contributors
marcomontalbano
Assets 2
v6.0.1
d9e3fb1
This commit was signed with the committer’s verified signature.
marcomontalbano
Marco Montalbano
What's Changed
🐛 Bug Fix
- The
encodeBase64URLSafemethod replaces the base64 instead of the payload by @marcomontalbano in #75
📝 Documentation
- Update README by @sfiorucci in #74
Full Changelog: v6.0.0...v6.0.1
Contributors
marcomontalbano and sfiorucci
Assets 2
v6.0.0
1a76499
This commit was signed with the committer’s verified signature.
marcomontalbano
Marco Montalbano
What's Changed
💥 Breaking Change
- New auth endpoint by @marcomontalbano in #68
🚀 Enhancement
- Add an helper to decode the JWT by @marcomontalbano in #69
- Add support to JWT Bearer by @marcomontalbano in #71
- Add
revokemethod by @marcomontalbano in #72
📝 Documentation
- Add custom header types by @marcomontalbano in #70
💥 Breaking changes
This library now uses the new https://auth.commercelayer.io/oauth/token endpoint. We unified core and provisioning into a single authenticate method.
# no more valid
- import { provisioning } from '@commercelayer/js-auth'
# no more valid
- import { core } from '@commercelayer/js-auth'
# new syntax
+ import { authenticate } from '@commercelayer/js-auth'Examples
Core authentication
import { authenticate } from '@commercelayer/js-auth'
const auth = await authenticate('client_credentials', {
clientId: '{{ client_id }}',
scope: 'market:id:1234'
})Provisioning authentication
Read more about how to get the client id and secret.
import { authenticate } from '@commercelayer/js-auth'
const auth = await authenticate('client_credentials', {
clientId: '{{ client_id }}',
clientSecret: '{{ client_secret }}',
})Typescript
import { authenticate, type AuthenticateOptions } from '@commercelayer/js-auth'
const options: AuthenticateOptions<'client_credentials'> = {
clientId: '{{ client_id }}',
scope: 'market:id:1234'
}
const auth = await authenticate('client_credentials', options)Decode an access token
We added an helper method to decode an access token:
import { authenticate, jwtDecode, jwtIsSalesChannel } from '@commercelayer/js-auth'
const auth = await authenticate('client_credentials', {
clientId: '{{ application_client_id }}',
scope: '{{ application_scope }}'
})
const decodedJWT = jwtDecode(auth.accessToken)
if (jwtIsSalesChannel(decodedJWT.payload)) {
console.log('organization slug is', decodedJWT.payload.organization.slug)
}JWT bearer flow
JWT Bearer flow allows a client application to obtain an access token using a JSON Web Token (JWT) assertion.
We added support to the JWT bearer flow by introducing a new createAssertion method:
const assertion = await createAssertion({
payload: {
'https://commercelayer.io/claims': {
owner: {
type: 'Customer',
id: '4tepftJsT2'
},
custom_claim: {
customer: {
first_name: 'John',
last_name: 'Doe'
}
}
}
}
})Once you created the assertion you can get an access token using the urn:ietf:params:oauth:grant-type:jwt-bearer grant type:
import { authenticate } from '@commercelayer/js-auth'
const auth = await authenticate('urn:ietf:params:oauth:grant-type:jwt-bearer', {
clientId: 'your-client-id',
clientSecret: 'your-client-secret',
scope: 'market:code:europe',
assertion
})
console.log('My access token: ', auth.accessToken)
console.log('Expiration date: ', auth.expires)Revoke an access token
We added the revoke method.
Any previously generated access tokens (refresh tokens included) can be revoked before their natural expiration date.
import { revoke } from '@commercelayer/js-auth'
await revoke({
clientId: 'your-client-id',
clientSecret: 'your-client-secret',
token: 'a-generated-access-token'
})Full Changelog: v5.2.1...v6.0.0
Contributors
marcomontalbano