From 4ff1f0744a27d9d64d6bc03a621fd7ba4098a9ed Mon Sep 17 00:00:00 2001 From: Jonah Werre Date: Mon, 13 Dec 2021 14:19:03 -0700 Subject: [PATCH] added @node-oauth/formats module, removed is.js tests --- lib/grant-types/abstract-grant-type.js | 4 +- .../authorization-code-grant-type.js | 8 +- lib/grant-types/password-grant-type.js | 6 +- lib/grant-types/refresh-token-grant-type.js | 4 +- lib/handlers/authorize-handler.js | 10 +- lib/handlers/token-handler.js | 8 +- package-lock.json | 5 + package.json | 2 + test/unit/validator/is_test.js | 127 ------------------ 9 files changed, 27 insertions(+), 147 deletions(-) delete mode 100644 test/unit/validator/is_test.js diff --git a/lib/grant-types/abstract-grant-type.js b/lib/grant-types/abstract-grant-type.js index 4f73e55..d9894b6 100644 --- a/lib/grant-types/abstract-grant-type.js +++ b/lib/grant-types/abstract-grant-type.js @@ -8,7 +8,7 @@ const InvalidArgumentError = require('../errors/invalid-argument-error'); const InvalidScopeError = require('../errors/invalid-scope-error'); const Promise = require('bluebird'); const promisify = require('promisify-any').use(Promise); -const is = require('../validator/is'); +const isFormat = require('@node-oauth/formats'); const tokenUtil = require('../utils/token-util'); /** @@ -83,7 +83,7 @@ AbstractGrantType.prototype.getRefreshTokenExpiresAt = function() { */ AbstractGrantType.prototype.getScope = function(request) { - if (!is.nqschar(request.body.scope)) { + if (!isFormat.nqschar(request.body.scope)) { throw new InvalidArgumentError('Invalid parameter: `scope`'); } diff --git a/lib/grant-types/authorization-code-grant-type.js b/lib/grant-types/authorization-code-grant-type.js index 8f21aef..ed66eea 100644 --- a/lib/grant-types/authorization-code-grant-type.js +++ b/lib/grant-types/authorization-code-grant-type.js @@ -11,7 +11,7 @@ const InvalidRequestError = require('../errors/invalid-request-error'); const Promise = require('bluebird'); const promisify = require('promisify-any').use(Promise); const ServerError = require('../errors/server-error'); -const is = require('../validator/is'); +const isFormat = require('@node-oauth/formats'); const util = require('util'); /** @@ -85,7 +85,7 @@ AuthorizationCodeGrantType.prototype.getAuthorizationCode = function(request, cl throw new InvalidRequestError('Missing parameter: `code`'); } - if (!is.vschar(request.body.code)) { + if (!isFormat.vschar(request.body.code)) { throw new InvalidRequestError('Invalid parameter: `code`'); } return promisify(this.model.getAuthorizationCode, 1).call(this.model, request.body.code) @@ -114,7 +114,7 @@ AuthorizationCodeGrantType.prototype.getAuthorizationCode = function(request, cl throw new InvalidGrantError('Invalid grant: authorization code has expired'); } - if (code.redirectUri && !is.uri(code.redirectUri)) { + if (code.redirectUri && !isFormat.uri(code.redirectUri)) { throw new InvalidGrantError('Invalid grant: `redirect_uri` is not a valid URI'); } @@ -140,7 +140,7 @@ AuthorizationCodeGrantType.prototype.validateRedirectUri = function(request, cod const redirectUri = request.body.redirect_uri || request.query.redirect_uri; - if (!is.uri(redirectUri)) { + if (!isFormat.uri(redirectUri)) { throw new InvalidRequestError('Invalid request: `redirect_uri` is not a valid URI'); } diff --git a/lib/grant-types/password-grant-type.js b/lib/grant-types/password-grant-type.js index 70a7c1b..b65f9e1 100644 --- a/lib/grant-types/password-grant-type.js +++ b/lib/grant-types/password-grant-type.js @@ -10,7 +10,7 @@ const InvalidGrantError = require('../errors/invalid-grant-error'); const InvalidRequestError = require('../errors/invalid-request-error'); const Promise = require('bluebird'); const promisify = require('promisify-any').use(Promise); -const is = require('../validator/is'); +const isFormat = require('@node-oauth/formats'); const util = require('util'); /** @@ -80,11 +80,11 @@ PasswordGrantType.prototype.getUser = function(request) { throw new InvalidRequestError('Missing parameter: `password`'); } - if (!is.uchar(request.body.username)) { + if (!isFormat.uchar(request.body.username)) { throw new InvalidRequestError('Invalid parameter: `username`'); } - if (!is.uchar(request.body.password)) { + if (!isFormat.uchar(request.body.password)) { throw new InvalidRequestError('Invalid parameter: `password`'); } diff --git a/lib/grant-types/refresh-token-grant-type.js b/lib/grant-types/refresh-token-grant-type.js index 3eac92b..c9a25df 100644 --- a/lib/grant-types/refresh-token-grant-type.js +++ b/lib/grant-types/refresh-token-grant-type.js @@ -11,7 +11,7 @@ const InvalidRequestError = require('../errors/invalid-request-error'); const Promise = require('bluebird'); const promisify = require('promisify-any').use(Promise); const ServerError = require('../errors/server-error'); -const is = require('../validator/is'); +const isFormat = require('@node-oauth/formats'); const util = require('util'); /** @@ -82,7 +82,7 @@ RefreshTokenGrantType.prototype.getRefreshToken = function(request, client) { throw new InvalidRequestError('Missing parameter: `refresh_token`'); } - if (!is.vschar(request.body.refresh_token)) { + if (!isFormat.vschar(request.body.refresh_token)) { throw new InvalidRequestError('Invalid parameter: `refresh_token`'); } diff --git a/lib/handlers/authorize-handler.js b/lib/handlers/authorize-handler.js index 5e06ded..6b42fa0 100644 --- a/lib/handlers/authorize-handler.js +++ b/lib/handlers/authorize-handler.js @@ -18,7 +18,7 @@ const Request = require('../request'); const Response = require('../response'); const ServerError = require('../errors/server-error'); const UnauthorizedClientError = require('../errors/unauthorized-client-error'); -const is = require('../validator/is'); +const isFormat = require('@node-oauth/formats'); const tokenUtil = require('../utils/token-util'); const url = require('url'); @@ -171,13 +171,13 @@ AuthorizeHandler.prototype.getClient = function(request) { throw new InvalidRequestError('Missing parameter: `client_id`'); } - if (!is.vschar(clientId)) { + if (!isFormat.vschar(clientId)) { throw new InvalidRequestError('Invalid parameter: `client_id`'); } const redirectUri = request.body.redirect_uri || request.query.redirect_uri; - if (redirectUri && !is.uri(redirectUri)) { + if (redirectUri && !isFormat.uri(redirectUri)) { throw new InvalidRequestError('Invalid request: `redirect_uri` is not a valid URI'); } return promisify(this.model.getClient, 2).call(this.model, clientId, null) @@ -230,7 +230,7 @@ AuthorizeHandler.prototype.validateScope = function(user, client, scope) { AuthorizeHandler.prototype.getScope = function(request) { const scope = request.body.scope || request.query.scope; - if (!is.nqschar(scope)) { + if (!isFormat.nqschar(scope)) { throw new InvalidScopeError('Invalid parameter: `scope`'); } @@ -245,7 +245,7 @@ AuthorizeHandler.prototype.getState = function(request) { const state = request.body.state || request.query.state; const stateExists = state && state.length > 0; const stateIsValid = stateExists - ? is.vschar(state) + ? isFormat.vschar(state) : this.allowEmptyState; if (!stateIsValid) { diff --git a/lib/handlers/token-handler.js b/lib/handlers/token-handler.js index 8195969..285843e 100644 --- a/lib/handlers/token-handler.js +++ b/lib/handlers/token-handler.js @@ -18,7 +18,7 @@ const TokenModel = require('../models/token-model'); const UnauthorizedClientError = require('../errors/unauthorized-client-error'); const UnsupportedGrantTypeError = require('../errors/unsupported-grant-type-error'); const auth = require('basic-auth'); -const is = require('../validator/is'); +const isFormat = require('@node-oauth/formats'); /** * Grant types. @@ -123,11 +123,11 @@ TokenHandler.prototype.getClient = function(request, response) { throw new InvalidRequestError('Missing parameter: `client_secret`'); } - if (!is.vschar(credentials.clientId)) { + if (!isFormat.vschar(credentials.clientId)) { throw new InvalidRequestError('Invalid parameter: `client_id`'); } - if (credentials.clientSecret && !is.vschar(credentials.clientSecret)) { + if (credentials.clientSecret && !isFormat.vschar(credentials.clientSecret)) { throw new InvalidRequestError('Invalid parameter: `client_secret`'); } @@ -203,7 +203,7 @@ TokenHandler.prototype.handleGrantType = function(request, client) { throw new InvalidRequestError('Missing parameter: `grant_type`'); } - if (!is.nchar(grantType) && !is.uri(grantType)) { + if (!isFormat.nchar(grantType) && !isFormat.uri(grantType)) { throw new InvalidRequestError('Invalid parameter: `grant_type`'); } diff --git a/package-lock.json b/package-lock.json index 2a5c7cb..19a704e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -437,6 +437,11 @@ "integrity": "sha512-ZXRY4jNvVgSVQ8DL3LTcakaAtXwTVUxE81hslsyD2AtoXW/wVob10HkOJ1X/pAlcI7D+2YoZKg5do8G/w6RYgA==", "dev": true }, + "@node-oauth/formats": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/@node-oauth/formats/-/formats-1.0.0.tgz", + "integrity": "sha512-DwSbLtdC8zC5B5gTJkFzJj5s9vr9SGzOgQvV9nH7tUVuMSScg0EswAczhjIapOmH3Y8AyP7C4Jv7b8+QJObWZA==" + }, "@sinonjs/commons": { "version": "1.8.3", "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-1.8.3.tgz", diff --git a/package.json b/package.json index c043554..c0deb37 100644 --- a/package.json +++ b/package.json @@ -24,6 +24,7 @@ "lib" ], "dependencies": { + "@node-oauth/formats": "^1.0.0", "basic-auth": "2.0.1", "bluebird": "3.7.2", "promisify-any": "2.0.1", @@ -44,6 +45,7 @@ "pretest": "./node_modules/.bin/eslint lib test index.js", "test": "NODE_ENV=test ./node_modules/.bin/mocha 'test/**/*_test.js'", "test-debug": "NODE_ENV=test ./node_modules/.bin/mocha --inspect --debug-brk 'test/**/*_test.js'", + "test:watch": "NODE_ENV=test ./node_modules/.bin/mocha --watch 'test/**/*_test.js'", "test:coverage": "NODE_ENV=test nyc --reporter=html --reporter=text ./node_modules/.bin/mocha 'test/**/*_test.js'", "lint": "npx eslint .", "lint:fix": "npx eslint . --fix" diff --git a/test/unit/validator/is_test.js b/test/unit/validator/is_test.js deleted file mode 100644 index 016371a..0000000 --- a/test/unit/validator/is_test.js +++ /dev/null @@ -1,127 +0,0 @@ -const is = require('../../../lib/validator/is'); -require('chai').should(); - -function runRanges (ranges, fn, expected) { - ranges.forEach(function (range) { - const lower = range[0]; - const upper = range[1]; - - for (let i = lower; i <= upper; i++) { - const unicodeChar = String.fromCodePoint(i); - // single char - fn(unicodeChar).should.eql(expected, i + ' ' + unicodeChar); - // multiple chars - fn(unicodeChar+unicodeChar).should.eql(expected, i + ' ' + unicodeChar); - } - }); -} - -describe('Validator', function () { - describe('is', function () { - it('validates if a value matches a unicode character (nchar)', function () { - const validRanges = [ - [45, 46], // \u002D \u002E - [48, 57], // 0-9 - [65, 90], // A-Z - [95, 95], // \u005F - [97, 122] // a-z - ]; - - runRanges(validRanges, is.nchar, true); - - const invalidRanges = [ - [0, 44], - [47, 47], - [58, 64], - [91, 94], - [96, 96], - [123, 1023] - ]; - - runRanges(invalidRanges, is.nchar, false); - }); - it('validates if a value matches a unicode character, including exclamation marks (nqchar)', function () { - const validRanges = [ - [33, 33], // \u0021 - [35, 91], // \u0023-\u005B - [93, 126] // \u005D-\u007E - ]; - - runRanges(validRanges, is.nqchar, true); - - const invalidRanges = [ - [0, 32], - [34, 34], - [92, 92], - [127, 1023] - ]; - - runRanges(invalidRanges, is.nqchar, false); - }); - it('validates if a value matches a unicode character, including exclamation marks and spaces (nqschar)', function () { - const validRanges = [ - [32, 33], // \u0020-\u0021 - [35, 91], // \u0023-\u005B - [93, 126] // \u005D-\u007E - ]; - - runRanges(validRanges, is.nqschar, true); - - const invalidRanges = [ - [0, 31], - [34, 34], - [92, 92], - [127, 1023] - ]; - - runRanges(invalidRanges, is.nqschar, false); - }); - it('validates if a value matches a unicode character excluding the carriage return and linefeed characters (uchar)', function () { - this.timeout(60000); - const validRanges = [ - [9, 9], // \u0009 - [32, 126], // \u0020-\u007E, - [128, 55295], // \u0080-\uD7FF - [57344, 65533], // \uE000-\uFFFD - [65536, 1114111] // \u10000-\u10FFFF - ]; - - runRanges(validRanges, is.uchar, true); - - const invalidRanges = [ - [0, 8], - [10, 31], - [127, 127], - [55296, 57343], - [65534, 65535] - ]; - - runRanges(invalidRanges, is.uchar, false); - }); - it('validates if a value matches generic URIs (uri)', function () { - ['aa:', 'http:', 'https:'].forEach(function (uri) { - is.uri(uri).should.equal(true); - is.uri(uri.toUpperCase()).should.equal(true); - }); - - ['a', 'a:', 'http'].forEach(function (uri) { - is.uri(uri).should.equal(false); - is.uri(uri.toUpperCase()).should.equal(false); - }); - }); - it('validates if a value matches against the printable set of unicode characters (vschar)', function () { - const validRanges = [ - [32, 126] // \u0020-\u007E - ]; - - runRanges(validRanges, is.vschar, true); - - const invalidRanges = [ - [0, 31], - [127, 1023] - ]; - - runRanges(invalidRanges, is.vschar, false); - }); - }); -});