These are three standard OAuth features which are mandatory in many common configurations. I did my best to separate these out into individual commits, for ease of reviewing. I believe these each work individually. I've tested these against Authelia, configured with its recommended strict settings, having gamja act as a "public" oauth client (since it runs in the browser, it has no way to protect a client secret). I did my best to stick to the RFCs, and I expect it will work in other configurations and with other software, but I haven't tested it.
There's also a commit in here that adds a version number to package.json. I did that because my infrastructure uses nix and the nix build tooling for JavaScript prefers to have a version number there. I don't have strong feelings about that one, I'm happy to exclude it from the PR if you prefer.
These are three standard OAuth features which are mandatory in many common configurations. I did my best to separate these out into individual commits, for ease of reviewing. I believe these each work individually. I've tested these against Authelia, configured with its recommended strict settings, having gamja act as a "public" oauth client (since it runs in the browser, it has no way to protect a client secret). I did my best to stick to the RFCs, and I expect it will work in other configurations and with other software, but I haven't tested it.
There's also a commit in here that adds a version number to package.json. I did that because my infrastructure uses nix and the nix build tooling for JavaScript prefers to have a version number there. I don't have strong feelings about that one, I'm happy to exclude it from the PR if you prefer.