8.6.1

Full Changelog

Fixed

• Fix postMessage handler to handle parsed objects as well #420 (luisrudge)

8.6.0

Full Changelog

Fixed

• Fixed nonce checking on renewAuth method #413 (luisrudge)
• Fixed 'qs' dependency #401 (maxpaj)

8.5.0

Full Changelog

Changed

• Improve jsdocs #393 (hzalaz)

Fixed

• Fixing error handling for when the error comes as a successful response from WinChan #395 (luisrudge)
• Correct spelling mistake in web-auth JSDoc resulting in incorrect autocomplete suggestions #388 (Geeman201)

8.4.0

Full Changelog
Closed issues

• winchanOptions missing parameters #378
• 'Nonce does not match' error when state data contains '=' encoded as %3D #377

Added

• Added possibility to specify custom popup size #379 (artemtool)

Changed

• Whitelist resource owner parameters #386 (hzalaz)
• Only allow to be used in node 6.9 or later #385 (hzalaz)
• Restrict what popupOptions fields are used #383 (hzalaz)
• Replace querystring implementation with qs module #382 (selaux)
• Deprecation warning: webauth.login → webauth.authorize #367 (dtinth)

Fixed

• Pass to popup the needed params for auth #381 (hzalaz)

8.3.0

Full Changelog

Added

• Integration tests #346 (glena)
• Whitelist nonce, state, _csrf and _instate from constructor #345 (glena)
• Added flag to disable id_token verification for legacy clients #341 (glena)
• Popup no owp #337 (glena)

Changed

• Remove warnings around refreshing session #353 (hzalaz)
• Updated passwordless start jsdocs #340 (glena)

Fixed

• Only parse cordova callback hash #370 (hzalaz)

8.2.0

Full Changelog

Added

• Plugins support + cordova plugin #333 (glena)

Fixed

• popup.authorize should not require redirectURI when using OWP #336 (glena)

8.1.3

Full Changelog

Fixed

• Fix case convertion of null values #329 (glena)

8.1.2

Full Changelog

Fixed

• Fixed params whitelist for authorize endpoint #324 (glena)

8.1.1

Full Changelog

Changed

• Removed state requirement #321 (glena)

Removed

• Revert "Fallback to math.random if there is no crypto support" #320 (glena)

Fixed

• Fix undefined variable #319 (glena)

8.1.0

Full Changelog

Added

• Fallback to math.random if there is no crypto support #316 (glena)

Fixed

• Fix passwordless #315 (glena)
• Passwordless start: map params to authParams and fix tests #306 (glena)
• Fix transaction usage to delete what is stored in local storage #298 (glena)

Breaking changes

• Do not change casing of the user profile object #307 (glena)