Skip to content

v2.0.0

Compare
Choose a tag to compare
@magiclabsFE magiclabsFE released this 10 Jul 18:14
· 45 commits to master since this release

Summary

  • 🚀 Added: Magic Connect developers can now use the Admin SDK to validate DID tokens. #111 (@magic-ravi)
  • ⚠️ Changed: After creating the Magic instance, it is now necessary to call a new initialize method for Magic Connect developers that want to utilize the Admin SDK. #111 (@magic-ravi)
  • 🛡️ Security: Additional validation of aud (client ID) is now being done during initialization of the SDK. #111 (@magic-ravi)

Developer Notes

🚀 Added

Admin SDK for MC

Magic Connect developers can now use the Admin SDK to validate DID tokens.

Details
There is full support for all TokenResource SDK methods for MC. This is intended to be used with client side magic-js SDK which will now emit an id-token-created event with a DID token upon login via the connectWithUI method.

This functionality is replicated on our other SDKs on Python and Ruby.

⚠️ Changed

Constructor initialization

The existing constructor has been deprecated in place of a new async init method.
The init method will pull clientId from Magic servers if one is not provided in the options parameter.

Previous Version

const magic = new Magic(secretKey);
try {
  magic.token.validate(DIDT);
} catch (e) {
  console.log(e);
}
try {
  await magic.users.getMetadataByToken(DIDT);
} catch (e) {
  console.log(e);
}

Current Version

const magic = await Magic.init(mcSecretKey);
try {
    magic.token.validate(DIDT);
} catch (e) {
   console.log(e);
}
try {
    await magic.users.getMetadataByToken(DIDT);
} catch (e) {
    console.log(e);
}

Attachment Validation

  • Skip validation of attachment if 'none' is passed in validate.

🛡️ Security

Client ID Validation

Additional validation of aud (client ID) is now being done during initialization of the SDK. This is for both Magic Connect and Magic Auth developers.

🚨 Breaking

None, all changes are fully backwards compatible. Default constructor is now deprecated in place of async init method.

Authors: 1