fork update u15

[andrelucax]

• Improved url check in intercveptor by adding customUrlValidation
• Opened storeAccessTokenResponse to public to for users that uses other authentication flows like Silent Login within same software
• Properly implements openUri for implicit flow
• Refresh the timers after configuration has changed
• Cleanup timers when OAuthService is destroyed
• Adds implicit flow through popup
• Calculate the timeout using now as a reference
• Added option to skip expiration checks. Changed NPM packages options
• Changed package configuration and added option to skip expiration validation
• Fixed HTTPS error messages in service
• Add documentation about configuring custom OAuthStorage
• Add info about contributing to docs to README.md
• apply indention settings from editorconfig
• remove unused imports
• wait for token if not available
• Improve documentation for events
• add discovery-document-validation.md
• Pause silent refresh if user has logged out
• fixes skipIssuerCheck flag is ignored manfredsteyer/angular-oauth2-oidc#492: skip issuer check in processIdToken if skipIssuerCheck is true
• Corrects how localStorage could be used
• Add noPrompt parameter to setupAutomaticSilentRefresh method
• Move noPrompt parameter at the end to avoid breaking code
• feature: Abort current implicit flow
• refactor: better method name
• optionally use crypto to generate nonce
• Fix spelling mistake
• Improved url check in intercveptor by adding customUrlValidation
• Opened storeAccessTokenResponse to public to for users that uses other authentication flows like Silent Login within same software
• Only present the sendAccessToken interceptor mechanism in the Readme
• Changed package name
• Added clock scew parameter
• upgraded npm packages and changed package name
• Revert "upgraded npm packages and changed package name"
• feat: Upgrade to angular 8
• code flow
• PKCE + Token Refresh for code flow
• docs
• last tests for v8
• Update issue templates
• Update issue templates
• pointing to code+pkce docs and to token refresh docs in readme
• Add CryptoHandler to public api.
• Removed duplicated condition
• Merged if statements into one
• bundle size
• Validate self when calling crypto provider
• bundle sizes
• Always set expiration timers for valid token types
• Fixing disableAtHashCheck
• Allow clockSkewInSec to be different from 600
• During session check, ignore messages with irrelevant origin
• Added configuration to enable multiple audiences in id token
• Add support for code flow silent-refresh and popup
• Allow automatic refresh to use iframe for code flow
• Ory Hydra cannot parse the base64 encoded code_verifier parameter on token request manfredsteyer/angular-oauth2-oidc#628 Generate a code_verifier and then base64url encode it
• Fixing the random string generation.
• Unsubscribe from 'token_received' events before re-subscribing
• Added support for testing hash location strategy
• Add support for hash location strategy in code flow
• Added error handling for blocked popup and closed popup before authentication is completed for implicit grant popup authentication
• Add more guides on another way to use loadDiscoveryDocumentAndTryLogin
• Bug fix: 1. Sometimes event handler getting called as soon as the popup is opened, so added a check to see if message actually contains some valid tokens 2. sometime window is also null due to this false event firing, so added check accordingly
• Improve error handling on missing tokenEndpoint
• Fixed not using config.openUri in code flow
• Fix positioning of popup login window
• Clean up more resources in ngOnDestroy
• Fix Issue 277
• Fix issue 277 II
• Use preventClearHashAfterLogin consistently
• Add more types in OAuthService
• Set userinfoEndpoint if userinfo_endpoint not exists
• Update Angular and Angular CLI to latest v8
• Remove angular-oauth2-oidc itself as a dependency
• Run Angular upgrade to v9
• Tweak readme and update version of lib project
• Fix leftovers from upgrade step
• Tweak change log
• Update devDependencies
• Fix for issue 661
• docu
• moved jsrsign into separate lib
• adjust example
• fixed issues after merging
• fixed bugs
• update to angular 9
• Fixed not working silent refresh when using 'code'
• CustomTokenResponseProperties + helperfunction
• more typescript and two typo fixes
• Typed customTokenResponseParameters
• Cleanup customparameters on logout
• no return statement
• String -> string in customParameterMap
• replace document with injectionToken
• fix customHashFragment usage in tryLoginCodeFlow
• State param during logout manfredsteyer/angular-oauth2-oidc#739: Add optional state parameter for logout
• Fix for Silent refresh
• Update silent-refresh.html script This should cover both normal popup and normal login flow + implicit and code flows
• Sample: add login in popup for both implicit flow and codeflow
• feat(sample): also use new idsvr 4 for implicit flow demo to prevent issues with same site cookies
• feat(code-flow): allow using implicit flow by setting useSilentRefresh to true
• docs(silent refresh): Show that silent refresh is now also supported for code flow
• fix(code flow): Fixed code flow for IE 11
• fallback to localstorage for nonce in IE
• fix(session state): save session_state also when using code flow
• Fix docs URL for implicit flow
• fix(sample): use hash-based routing
• fix(state): passing an url with a querystring as the state, e. g. url?x=1
• feat(session checks): Session checks work now for code flow too. Pls see Docs for details.
• fix: OAuthService.storeAccessTokenResponse(): ERROR TypeError: grantedScopes.split is not a function manfredsteyer/angular-oauth2-oidc#687
• chore: Add prettier and execute it
• feat(automatic silent refresh): stopAutomaticRefresh stops all timers.
• chore: Add conventional-changelog
• chore(release): 9.2.0
• chore: add ngx-semantic-version
• chore: clean Changelog
• chore(release): 9.0.1
• chore(release): 9.0.1
• chore(release): 9.0.2
• chore(release): 9.1.0
• chore: prepare 9.1 release
• chore: added contributers list
• Revert "Fix for Silent refresh"
• Fall back expires_in for code flow if not received from CIAM
• Update a 404 link
• Update silent-refresh.md
• fix(sample): make sense of the guard
• There is no explicit way to revoke an access token when the user logs out
• fix(revoketokenandlogout): explicit way to revoke an access token
• Update README with 9.1.0 breaking change
• feat(token-revocation): also revoke refresh_token
• chore(release): 9.2.0
• chore: make version 9.2 ready
• Replaced document by this.document Error on npm run serve:ssr manfredsteyer/angular-oauth2-oidc#773
• fix(lib): copying LICENSE file to output build
• fix: loadDiscoveryDocumentAndLogin should pass state into initLoginFlow
• chore: make version 9.2 ready
• chore(release): 9.2.1
• 'disableAtHashCheck' by default if responseType is 'id_token'
• response_types including 'code' gets a code_challenge
• Fix typo in code-flow.md
• chore(release): 9.2.2
• docs(readme): use our own idsvr
• chore: increase version in package.json
• Fix issue with ambient type in constructor when running Universal with Ivy
• chore(deps): bump websocket-extensions from 0.1.3 to 0.1.4
• Wrong function name in refresh token documentation manfredsteyer/angular-oauth2-oidc#825:
• Wrong function name in refresh token documentation manfredsteyer/angular-oauth2-oidc#825:
• chore(deps): bump jsrsasign from 8.0.12 to 8.0.19
• Update code-flow.md
• feat(oauth-service): pass custom url params to logOut
• feat(oauth-service): revokeTokenAndLogout with cust params
• refactor: inline js-sha256
• refactor: remove dep on contributer-table
• refactor: use esm for sha-256
• chore(release): 9.3.0
• chore: release
• docs: mention angular 10 in readme
• docs: auth0 support
• feat: introduce DateTimeProvider
• docs: add CustomDateTimeProvider docs
• docs: rebuild docs for DateTimeProvider
• docs: update sample with CustomDateTimeProvider
• style: execute prettier
• fix: Disable nonce validation for id token for e2e tests
• remove unused variable
• fix: this.config.customTokenParameters is undefined
• 10.0.3
• Changes the link path " Token Refresh"
• Custom grant type added
• listen for storage to receive auth hash from popup
• edited the docs and sample app to support the MR
• Update oauth-service.ts
• Update oauth-service.ts
• Update package.json
• feat: support JWT response on userinfo endpoint
• Add missing encodeURIComponent when replacing placeholders
• Simplify filtering of truthy tokens
• Fix spelling for jsrasign in README.md
• fix: multiplying calls to token endpoint in code flow
• fix: fix scope/state removal for implicit flow with hash
• fix: correctly handle ? and & in location replacements
• Add a windowRef option to initLoginFlowInPopup to prevent the window from beeing blocked by popup blockers
• Solve a minor typo in authsvr-auth0.md
• Fix a typo in AuthConfig.html
• Fix a typo in auth.config.ts
• fix: clear location.hash only if it is present
• fix: in code flow pass options to error handler
• feat(logout): postLogoutRedirectUri should not default to redirectUri
• Fix checking listenTo after debounceTime can sometimes wrong because in race condition, the debounceTime can returns either access_token or id_token
• fix(revoketokenandlogout): 'customParameters' should accept boolean
• Fixed typo
• Use configured revocationEndpoint by default
• jwks adding license
• fix: Validating access_token failed, wrong state/nonce manfredsteyer/angular-oauth2-oidc#728
• feature: add new event for oidc session unchanged
• chore: update document
• Update oauth-service.ts
• disableOAuth2StateCheck before calling validateNonce() in tryLoginCodeFlow
• fix(jwks): update jsrsasign dependency to 10.2.0
• chore: update package.json
• fix: While Using POPUP mode, we click on login button multiple time it opens multiple popup instead of focusing already opened
• fix: Refresh tokens with a plus sign get corrupted before sending to token endpoint
• add contributors
• fix: correctly use clockSkew for hasValid[Access|Id]Token
• chor: update version to 12.0.1
• Add check for localStorage writeability
• Fix typo
• Update popup.md
• fix: clock skew bug
• fix(js-sha256): wrap logic in a function to prevent optimizer destroy lib
• set version
• fix: issue with sha256 and prod build PKCE Code verifier is incorrect for Angular 12 production build manfredsteyer/angular-oauth2-oidc#1120
• make 12.1 ready
• chore(deps): bump jszip from 3.6.0 to 3.7.1
• chore(deps): bump url-parse from 1.5.1 to 1.5.3
• preserve requested route for code flow
• chore(deps): bump tar from 6.1.0 to 6.1.11
• docs: fix broken link in silent-refresh documentation pointing to token-refresh
• chore(deps): bump nth-check from 2.0.0 to 2.0.1
• feat: update for angular 13
• disableNonceCheck always leads to an error disableNonceCheck always leads to an error manfredsteyer/angular-oauth2-oidc#1210
• add max value on calcTimeout function
• fix
• update to ng14
• update to ng15
• feat: provide standalone api
• docs: update readme for standalone api
• docs: mention that ng14 has no standalone APIs for HttpClient to avoid confusion
• docs
• Docs and version