3.23.3 (2024-03-21)
- add openid-configuration endpoint (14a6507)
3.23.2 (2023-05-28)
- InitiateAuth: handle UNCONFIRMED user login attempt (93a452b)
3.23.1 (2023-03-11)
- api: confirm user apis return errors for invalid states (e2975f0)
3.23.0 (2023-03-11)
- lambda: unhandled errors in lambda return correct error message (c9821d1)
3.22.0 (2023-03-10)
- confirmationCodes: add CODE environment variable to pre-define the confirmation codes (2c823f0)
- confirmationCodes: update README file (9143469)
3.21.2 (2023-03-10)
- errorFormat: make exception format more consistent with real Cognito exceptions (e67576b)
- tests: newer node versions were starting express in ipv6 (efc08a7)
3.21.1 (2022-08-01)
- initiateAuth: invoke post auth lambda before generating tokens (8330a9f), closes #281
- initiateAuth: invoke post auth lambda before generating tokens [281] (8c06e2a)
- initiateAuth: invoke post auth lambda before generating tokens [281] (1b16f04)
3.21.0 (2022-08-01)
- use username from user migration response (0bb8d95)
- use username from user migration response (afe2372)
- suppress send welcome message (12e7af8)
3.20.0 (2022-05-31)
- api: support for addCustomAttribute (7932176)
3.19.0 (2022-05-30)
- support getUserPoolMfaConfig (416ea1d)
3.18.0 (2022-05-30)
- api: support for CustomEmailSender (5da5c7c)
- api: support for CustomEmailSender (8dcaf10)
- support configurable expiration for tokens (bae6da5), closes #220
- support for adminEnable/DisableUser (3b20f82)
3.17.1 (2022-05-30)
3.17.0 (2022-05-30)
- support configurable expiration for tokens (675fab5), closes #220
- support for adminEnable/DisableUser (462af6e)
3.16.3 (2022-04-15)
3.16.2 (2022-02-24)
- build: publish npm packages (faaf12b)
3.16.1 (2022-02-18)
- updating a user pool updates cached options (dc2b10e)
3.16.0 (2022-02-16)
- api: full support for groups (1fc025c)
- api: support for DeleteUserPool (9dd6f2d)
- api: support for DeleteUserPoolClient (f5bca87)
- api: support for ListUserPoolClients (6e546ce)
- api: support for UpdateUserPoolClient (4fa9de5)
- api: updateUserPool and describeUserPool support (fc62e8f)
3.15.0 (2022-02-16)
- docker: publish arm64 images (again) (c1361b8)
3.14.0 (2022-02-16)
- docker: publish arm64 images (df0033b)
3.13.3 (2022-01-15)
- api: finish implementation of changePassword (f649bfa)
3.13.2 (2022-01-15)
3.13.1 (2022-01-11)
- api: adminDeleteUser handles email usernames (8faa78f), closes #99
- log: errors not being logged correctly (1ca2b99)
3.13.0 (2021-12-11)
- api: verifyUserAttributes throws CodeMismatchError (b3b116c)
- api: adminDeleteUserAttributes full support (1a47086)
- api: deleteUserAttributes full support (3d0e9a0)
- api: updateUserAttributes full support (308c9c2)
3.12.0 (2021-12-10)
- api: save attribute code separately from confirmation code (b18af6a)
- api: getUserAttributeVerificationCode full support (90726a4)
- api: verifyUserAttribute full support (320dd17)
3.11.0 (2021-12-10)
- api: adminUpdateUserAttributes full support (d3c5ebe)
3.10.0 (2021-12-09)
- lambda: preTokenGenerator can't change reserved claims (407122f)
- api: adminConfirmSignUp full support (e16a211)
3.9.0 (2021-12-07)
- lambda: preTokenGeneration trigger called when tokens generated (d04506e)
3.8.0 (2021-12-07)
- cache data stores to fix potential race condition (406599a)
- tokens: add jti to id and refresh tokens (4f475ad)
- tokens: adminInitateAuth uses token IssuerDomain (37ba1c5)
- token: add refresh token, revoke token and initiate auth (0d46ed7)
- token: initiateAuth basic refresh token support (2d6b0e3)
3.7.1 (2021-11-29)
- deps: fix breaking change in stormdb (dbed898)
3.7.0 (2021-11-29)
- lambda: lambda triggers called with clientMetadata/validationData (2399c3e)
- lambda: postConfirmation called in signUp (ddb2b77)
- lambda: preSignUp trigger support in signUp (af955a1)
3.6.0 (2021-11-27)
- config: arrays in config couldn't be overwritten (7526a0a)
- lambda: customMessage uses code and username parameters (084c253)
- tokens: id token not using issuer config (c488810)
- api: adminCreateUser can generate a temporary password (c0eea4f)
- api: adminCreateUser delivers welcome message (d49aa80)
- api: createUserPool full support (e5c08dc)
- api: signUp delivers message using auto verified attributes (64280e8)
3.5.0 (2021-11-25)
- api: listUserPools full support (d2e5324)
3.4.0 (2021-11-25)
3.3.0 (2021-11-25)
- api: adminCreateUser defaults status to FORCE_CHANGE_PASSWORD (4996aa4)
- api: adminCreateUser handles duplicate users (7529971)
- api: initiateAuth throws when missing AuthParameters (d1eb240)
- api: respondToAuthChallenge throws if missing ChallengeResponses (5e5aa36)
- lambda: forgotPassword invokes CustomMessage lambda (79f43ef)
- api: adminDeleteUser full support (58f33e2)
- api: adminGetUser full support (a6fc4c8)
- api: deleteUser full support (0a753b2)
- api: initiateAuth handles FORCE_CHANGE_PASSWORD (6703ea9)
- api: listGroups support (252ee96)
- api: respondToAuthChallenge supports NEW_PASSWORD_REQUIRED (6a75fea)
- lambda: support for CustomMessage_Authentication (dfb6fdf)
- lambda: support for CustomMessage_SignUp (ce69ea7)
3.2.0 (2021-11-24)
- api: createGroup support (c3dc092)
3.1.5 (2021-11-24)
3.1.4 (2021-11-24)
3.1.3 (2021-10-05)
- api: users can be queried by their sub (ae555b8)
3.1.2 (2021-07-29)
3.1.1 (2021-07-29)
3.1.0 (2021-07-28)
- Revert "Merge branch 'furious-luke-master'" (ad0e928)
3.0.0 (2021-07-28)
- conflation of a user's Sub and their Username (ece63b6)
- potential -- the autogenerated Sub and user-supplied Username were treated interchangeably before, but now are independent. Previously lookups by the Sub attribute were possible, but it now doesn't appear necessary so has been removed. Databases should be unaffected.
2.3.2 (2021-07-27)
- lambda tests to use imported aws-sdk version (d4a5c82)
2.3.1 (2021-07-24)
- auth_time resolution in generated tokens (f300df4)
2.3.0 (2021-07-23)
- key setting in the datastore to work with arrays (d0a2557)
- api: describeUserPoolClient support (26cf370)
2.2.0 (2021-07-22)
- lambda: limited CustomMessage lambda support (6880a90)
2.1.0 (2020-05-10)
- support for GetUser api (cc8048b)
2.0.0 (2020-05-03)
- hide debug logging by default (48de4e5)
- propagate Session parameter through initiateAuth (688fd4a)
- server: better default handling for HOST and PORT (69b4648)
- change UserPoolId to Id in user pool storage (71f5e52)
- api: respondToAuthChallenge support (842633e)
- api: sms_mfa support for initiateAuth (f16afe6)
- createUserPoolClient support (df421d7)
- store clients for user pools (eaad662)
- api: basic listUsers support (6e0c18f)
- client ids are now validated and associated with specific user pools.
- Nit pick of a breaking change, make the user pool database representation match what AWS reponds with from the API; keeping consistent with their response format should make it easier for us to implement APIs later. Sorry for the breakage.
Migration steps:
- Open any database json files and rename the UserPoolId key to Id
1.3.0 (2020-04-29)
- server: add hostname option (0365f3a)
1.2.2 (2020-04-13)
- lambda: save attributes from user migration lambda on user record (dc7a1c6)
1.2.1 (2020-04-13)
- lambda: invoke lambda with actual AWS SDK version (bed1b7c)
- imported json files weren't being published to npm (5f76d86)
1.2.0 (2020-04-13)
- jwt: sign tokens with real rsa key (949d3fc)
- lambda: post confirmation lambda trigger (f30573b)
- include user attributes in user migration lambda call (dabed92)
- jwt: expose jwk endpoint to support verifying tokens (bc27b86)
1.1.1 (2020-04-12)
- release: reorder semantic-release plugins to commit last (3a94c03)
1.1.0 (2020-04-12)
- incorrect case in import (dd2538b)
- userpool: force save sub as attribute, fix sub check logic (e5ed247)
- config file support (ad0f247)
- lambda: initial user migration trigger support (2f9ecfc)
- confirm forgot password flow (51df572)
- forgot password flow (6bd0b42)
- release: trigger a release for 1.0.0 (5d8ba83)