Skip to content

Latest commit

 

History

History
300 lines (163 loc) · 11.4 KB

CHANGELOG.md

File metadata and controls

300 lines (163 loc) · 11.4 KB

6.4.0

Fixes

  • #140 fix: pulls acr_values from idToken rather than accessToken

6.3.2

Fixes

  • #134 Fixed providing OKTA_CONFIG with OktaAuthModule when config is loaded at runtime

6.3.1

Fixes

  • #135 Fixes okta extended user agent header to correct SDK version

6.3.0

Features

  • #132 Supports Step-up authentication in OktaAuthGuard by specifying okta.acrValues in route data

6.2.0

Features

  • #124 Supports asynchronous configuration of OktaAuthModule in APP_INITIALIZER with OktaAuthConfigService.setConfig()

6.1.0

Features

  • #118 Supports OktaAuthModule.forRoot()

Others

  • #119 Uses ng-packagr to build the library in APF v12. Uses @angular-builders/jest to run Jest tests with ng test.

6.0.0

Breaking Changes

  • #90 Enables Ivy engine and partial compiling. Updates library to ESM. Minimum supported version of Angular is 12.

5.3.0

Fixes

  • #99 query parameters are now passed through the canLoad guard

5.2.0

Others

  • #89 Updates okta-auth-js to 6.2.0 in test apps and SDK
  • #91 Add Angular version in Okta UA. Add Angular to peerDependencies

5.1.1

Fixes

  • #83 Fixes okta-auth-js v6 compatibility issues:
    • allows okta-auth-js v6 in peerDependencies
    • uses available isInteractionRequiredError method in callback.component

5.1.0

Others

  • #81 Set okta-auth-js minimum supported version as 5.3.1, AuthSdkError will be thrown if oktaAuth instance cannot meet the version requirement

5.0.0

Breaking Changes

  • #79 Uses OKTA_AUTH injection token instead of OktaAuth type to inject oktaAuth instance. This change is introduced to fix production build issue for Angular v7 & 8. See MIGRATING for detailed information.

4.1.1

Fixes

#74 Fixes old version angular compatibility issue

4.1.0

Features

  • #65 Supports lazy loaded routes in OktaAuthGuard
  • #66 Adds lite role/group based authorization directive (*oktaHasAnyGroup) to only render content for authorized users (users in groups)

4.0.0

Breaking Changes

#60 See MIGRATING for detailed information

  • Enables injecting oktaAuth instance via OktaConfig
  • Replaces the OktaAuthService with the injected OktaAuth instance
  • Removes oktaAuth related configs from OktaConfig
  • Removes isAuthenticated callback option from OktaConfig
  • Removes OktaLoginRedirectComponent

Features

#60 Adds OktaAuthStateService that exposes an observable authState$

3.2.3

Other

#58 Requires @okta/okta-auth-js ^5.3.1

3.2.2

Bug Fixes

#51 Fix token auto renew by using @okta/okta-auth-js ^5.2.3

3.2.1

Bug Fixes

#48 fix: start tokenService on login redirect

3.2.0

Other

#40 Requires @okta/okta-auth-js 5.x

3.1.0

Features

#33 Adds option onAuthResume to resume authorization flow on custom login page.

3.0.1

Bug Fixes

#9 fix: handle --base-href option

3.0.0

#5 Release 3.0.0 - OktaAuthService now inherits from an instance of @okta/okta-auth-js so all configuration options and public methods are available. See MIGRATING for detailed information.

2.2.1

Bug Fixes

#2 Builds library using Angular 7 package format for compatiblity with Angular 7+.

2.2.0

Features

#794 OktaAuthService.getUser only uses /userinfo endpoint to retrieve user claims. OktaAuthService.getUser should be the recommended method to acquire user information as idToken.claims may become stale due to data updating.

#867 The current instance of the OktaAuthService is passed to isAuthenticated callback function.

Bug Fixes

#867 Default onSessionExpired behavior is removed, as it was causing concurrency issues.

2.1.0

Features

#776 OktaAuthGuard now implements canActivateChild

2.0.0

Breaking Changes

#690

Features

  • OktaCallbackComponent will catch and display exceptions thrown from handleAuthentication()
  • onAuthRequired callbacks will now receive the Angular injector as the 2nd parameter. This change allows logic using any services available within your application.

Bug Fixes

  • Saved URI is now stored in sessionStorage instead of localStorage. This fixes an issue which can occur when multiple instances of the app are loading at the same time.
  • OktaCallbackComponent uses window.location.replace() to complete the login flow after handleAuthentication completes. This fixes an issue where the user could navigate back to the callback hander.

Breaking Changes

  • Signature for onAuthRequired callback functions has changed. Callbacks will receive the OktaAuthService as the first argument, and the Angular Injector as the second argument.
  • Static initializer OktaAuthModule.initAuth() has been removed. OKTA_CONFIG should be provided directly by your module.
  • getFromUri now returns an absolute URI as a string
  • setFromUri takes a string. If it is a relative path, it will be converted to an absolute URI before being saved.
  • Legacy config formats are no longer supported. See Configuration Reference for supported values.
  • The pkce option now defaults to true, using the Authorization Code w/PKCE flow

Other

  • Upgrades @okta/okta-auth-js to version 3.0.0

1.4.0

Features

  • #648
    • Adds a default handler for onSessionExpired
    • Adds a new option isAuthenticated which works with onAuthRequired
    • Expose TokenManager
    • Adds documentation for postLogoutRedirectUri

1.3.1

Bug fixes

  • #646 - Fixes regression with AOT compilation. Also tested against Angular 9.

1.3.0

Features

1.2.3

Features

1.2.2

Features

  • ef10d85 - Support PKCE authorization flow

Other

  • 654550 - All configuration options are now accepted. See Configuration Reference. Camel-case (clientId) is now the preferred syntax for all Okta OIDC libraries. Underscore syntax (client_id) will be deprecated in a future release.

  • a2a7b3e - Configuration property scope (string) is deprecated in favor of scopes (array). Normalize config format for the properties responseType and scopes, used in get token flows. Fully support deprecated config properties request_type and scope as previously documented and used within the okta-angular samples.

1.2.1

Other

  • 0703aff - Relaxes peerDependency to include latest versions of Angular

1.2.0

Other

  • f972822 - Deprecates 'initAuth' method.

1.1.0

Features

  • 2ae1eff - Adds TokenManager configuration parameters.

1.0.7

Other

  • 2945461 - Updates @okta/configuration-validation version

1.0.6

Bug fixes

  • 6242f2d - Fixes an issue where the library was not correctly building the /dist output before publishing to npm.

1.0.5

Features

  • 29d04f6 - Adds configuration validation for issuer, clientId, and redirectUri when passed into the auth service.

Other

1.0.4

Bug fixes

  • 5862e32 - Fixes an issue where the library would enter an error state when attempting to renew expired tokens (errorCode: login_required).

1.0.3

Other

  • Updated @okta/okta-auth-js dependency to version 2.

1.0.2

Other

  • The supported range of Angular peer dependencies has been upgraded to include versions 4, 5, and 6. At the moment we only test on the latest stable version of Angular, currently version 6.