Skip to content

Commit

Permalink
chore: bump version
Browse files Browse the repository at this point in the history
  • Loading branch information
@soofstad
soofstad committed Oct 7, 2024
1 parent a3c12ff commit b137491
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 6 deletions.
9 changes: 4 additions & 5 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -170,12 +170,11 @@ type TAuthConfig = {
refreshTokenExpiryStrategy?: 'renewable' | 'absolute' // default: renewable
// Whether or not to post 'scope' when refreshing the access token
refreshWithScope?: boolean // default: true
tokenRequestCredentials?: RequestCredentials // default: 'same-origin'
// Controls whether browser credentials (cookies, TLS client certificates, or authentication headers containing a username and password) are sent when requesting tokens.
// Warning: The OAuth2 specification requires the client to authenticate to the token endpoint using client credentials (like client_id and client_secret) — not via cookies. Including browser credentials deviates from the standard protocol and can introduce unforeseen security issues. Only set this to 'include' if you know what you are doing and CSRF protection is present. Setting this to 'include' is required when the token endpoint requires client certificate authentication, but likely is not needed in any other case. Use with caution.
// - 'same-origin' (the default): only send and include credentials for same-origin requests.
// - 'include': always include credentials, even cross-origin.
// - 'omit': never send credentials in the request.
// Warning: Including browser credentials deviates from the standard protocol and can introduce unforeseen security issues. Only set this to 'include' if you know what
// you are doing and CSRF protection is present. Setting this to 'include' is required when the token endpoint requires client certificate authentication, but likely is
// not needed in any other case. Use with caution.
tokenRequestCredentials?: 'same-origin'|'include'|'omit' // default: 'same-origin'
}

```
Expand Down
2 changes: 1 addition & 1 deletion src/package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "react-oauth2-code-pkce",
"version": "1.20.2",
"version": "1.21.0",
"description": "Provider agnostic react package for OAuth2 Authorization Code flow with PKCE",
"main": "dist/index.js",
"types": "dist/index.d.ts",
Expand Down

0 comments on commit b137491

Please sign in to comment.