v3.1.0

• Add Battle.net provider (#241).

v3.0.0

Arctic v3 is here! This is a small major release that adds support for public OAuth clients. There are only a few breaking changes and most breaking changes are small.

npm install arctic@latest

Changes

• [Breaking] Remove clientSecret parameter from Etsy constructor.
• [Breaking] Add codeVerifier parameter to createAuthorizationURL() and validateAuthorizationCode() in Auth0, Discord, Spotify, WorkOS.
• [Breaking] Replaced domain parameter with baseURL parameter for Authentik, GitLab constructor.
• [Breaking] Replaced poolURL parameter with domain parameter for AmazonCognito constructor.
• [Breaking] Add scopes parameter to refreshAccessToken() in AmazonCognito, MicrosoftEntraId.
• [Breaking] Update MyAnimeList constructor.
• [Breaking] Stricter compliance to RFC 6749 for OAuth2Client.
• Add UnexpectedResponseError and UnexpectedErrorResponseBodyError errors.
• Allow null as clientSecret in AmazonCognito, Auth0, Authentik, Bungie, Discord, GitLab, KeyCloak, MicrosoftEntraId, Roblox, Salesforce, Spotify, Twitter, WorkOS constructor.
• Fix scopes parameter in Strava.createAuthorizationURL().
• Add TikTok provider.

v2.0.0

Major changes

• createAuthorizationURL() no longer returns a Promise
• validateAuthorizationCode() and refreshAccessToken() returns OAuth2Tokens
• validateAuthorizationCode() and refreshAccessToken() can throw one of OAuth2RequestError, ArcticFetchError, or Error
• Scopes are no longer set by default, including openid and those required by the provider
• Updated parameters for Apple, GitHub, GitLab, MicrosoftEntraId, MyAnimeList, Okta, Osu, and Salesforce
• Removed options.scope parameter from createAuthorizationURL()
• Removed OAuth2Provider and OAuth2ProviderWithPKCE
• Update createAuthorizationURL() provider methods

Minor changes

• Add Polar provider.
• Add Start.gg provider.
• Add Bungie.Net provider.
• Add refreshAccessToken() to GitHub
• createAuthorizationURL() returns AuthorizationCodeAuthorizationURL
• Add decodeIdToken()
• Add token revocation API

Patch changes

• Remove @oslojs/oauth2 dependency
• Fix Amazon Cognito provider

v2.0.0-next.8

Minor changes

• Add Polar provider.
• Add Start.gg provider.
• Add Bungie.Net provider.

v2.0.0-next.1

update release (#151)

v2.0.0-next.0

update release (#146)

v1.9.1

Patch changes

• Fix: Remove new lines when parsing Apple certificate (#139)

v1.9.0

Minor changes

• Added Authentik auth provider (#120)

v1.8.1

Patch changes

• Fix Slack provider (#122)
• Fix Okta provider (#124)

v1.8.0

Minor changes

• Feat: Add idToken to the return value of LinkedIn's validateAuthorizationCode(code: string) (#105)
• Feat: Add Tiltify provider. (#118)

Patch changes

• Fix: Make refreshToken optional for the return value of LinkedIn's validateAuthorizationCode(code: string) (#105)