From 126ceff377fd4ea595025f4211b580407d5d32a9 Mon Sep 17 00:00:00 2001 From: jankapunkt Date: Fri, 9 Jun 2023 08:36:14 +0200 Subject: [PATCH 1/7] breaking(deps): remove bluebird and promisify-any --- .mocharc.yml | 2 +- lib/grant-types/abstract-grant-type.js | 35 ++- .../authorization-code-grant-type.js | 203 +++++++--------- .../client-credentials-grant-type.js | 50 ++-- lib/grant-types/password-grant-type.js | 67 ++---- lib/grant-types/refresh-token-grant-type.js | 129 +++++----- lib/handlers/authenticate-handler.js | 116 +++++---- lib/handlers/authorize-handler.js | 225 +++++++++--------- lib/handlers/token-handler.js | 110 ++++----- lib/server.js | 19 +- lib/utils/token-util.js | 10 +- package.json | 2 - .../grant-types/abstract-grant-type_test.js | 1 - .../authorization-code-grant-type_test.js | 93 ++------ .../client-credentials-grant-type_test.js | 32 +-- .../grant-types/password-grant-type_test.js | 71 ++---- .../refresh-token-grant-type_test.js | 68 +----- .../handlers/authenticate-handler_test.js | 69 ++---- .../handlers/authorize-handler_test.js | 91 ++----- .../handlers/token-handler_test.js | 56 ++--- test/integration/server_test.js | 114 +++------ test/integration/utils/token-util_test.js | 10 +- .../authorization-code-grant-type_test.js | 1 - test/unit/handlers/authorize-handler_test.js | 1 - test/unit/server_test.js | 1 - 25 files changed, 574 insertions(+), 1002 deletions(-) diff --git a/.mocharc.yml b/.mocharc.yml index 83fda38..1b4a955 100644 --- a/.mocharc.yml +++ b/.mocharc.yml @@ -1,6 +1,6 @@ recursive: true reporter: "spec" -retries: 1 +retries: 0 slow: 20 timeout: 2000 ui: "bdd" diff --git a/lib/grant-types/abstract-grant-type.js b/lib/grant-types/abstract-grant-type.js index d9894b6..4fd0243 100644 --- a/lib/grant-types/abstract-grant-type.js +++ b/lib/grant-types/abstract-grant-type.js @@ -6,8 +6,6 @@ const InvalidArgumentError = require('../errors/invalid-argument-error'); const InvalidScopeError = require('../errors/invalid-scope-error'); -const Promise = require('bluebird'); -const promisify = require('promisify-any').use(Promise); const isFormat = require('@node-oauth/formats'); const tokenUtil = require('../utils/token-util'); @@ -36,12 +34,10 @@ function AbstractGrantType(options) { * Generate access token. */ -AbstractGrantType.prototype.generateAccessToken = function(client, user, scope) { +AbstractGrantType.prototype.generateAccessToken = async function(client, user, scope) { if (this.model.generateAccessToken) { - return promisify(this.model.generateAccessToken, 3).call(this.model, client, user, scope) - .then(function(accessToken) { - return accessToken || tokenUtil.generateRandomToken(); - }); + const accessToken = await this.model.generateAccessToken(client, user, scope); + return accessToken || tokenUtil.generateRandomToken(); } return tokenUtil.generateRandomToken(); @@ -51,12 +47,10 @@ AbstractGrantType.prototype.generateAccessToken = function(client, user, scope) * Generate refresh token. */ -AbstractGrantType.prototype.generateRefreshToken = function(client, user, scope) { +AbstractGrantType.prototype.generateRefreshToken = async function(client, user, scope) { if (this.model.generateRefreshToken) { - return promisify(this.model.generateRefreshToken, 3).call(this.model, client, user, scope) - .then(function(refreshToken) { - return refreshToken || tokenUtil.generateRandomToken(); - }); + const refreshToken = await this.model.generateRefreshToken(client, user, scope); + return refreshToken || tokenUtil.generateRandomToken(); } return tokenUtil.generateRandomToken(); @@ -93,16 +87,15 @@ AbstractGrantType.prototype.getScope = function(request) { /** * Validate requested scope. */ -AbstractGrantType.prototype.validateScope = function(user, client, scope) { +AbstractGrantType.prototype.validateScope = async function(user, client, scope) { if (this.model.validateScope) { - return promisify(this.model.validateScope, 3).call(this.model, user, client, scope) - .then(function (scope) { - if (!scope) { - throw new InvalidScopeError('Invalid scope: Requested scope is invalid'); - } - - return scope; - }); + const validatedScope = await this.model.validateScope(user, client, scope); + + if (!validatedScope) { + throw new InvalidScopeError('Invalid scope: Requested scope is invalid'); + } + + return validatedScope; } else { return scope; } diff --git a/lib/grant-types/authorization-code-grant-type.js b/lib/grant-types/authorization-code-grant-type.js index 73dec6d..2101462 100644 --- a/lib/grant-types/authorization-code-grant-type.js +++ b/lib/grant-types/authorization-code-grant-type.js @@ -8,8 +8,6 @@ const AbstractGrantType = require('./abstract-grant-type'); const InvalidArgumentError = require('../errors/invalid-argument-error'); const InvalidGrantError = require('../errors/invalid-grant-error'); const InvalidRequestError = require('../errors/invalid-request-error'); -const Promise = require('bluebird'); -const promisify = require('promisify-any').use(Promise); const ServerError = require('../errors/server-error'); const isFormat = require('@node-oauth/formats'); const pkce = require('../pkce/pkce'); @@ -45,7 +43,7 @@ class AuthorizationCodeGrantType extends AbstractGrantType { * @see https://tools.ietf.org/html/rfc6749#section-4.1.3 */ - handle(request, client) { + async handle(request, client) { if (!request) { throw new InvalidArgumentError('Missing parameter: `request`'); } @@ -54,26 +52,18 @@ class AuthorizationCodeGrantType extends AbstractGrantType { throw new InvalidArgumentError('Missing parameter: `client`'); } - return Promise.bind(this) - .then(function () { - return this.getAuthorizationCode(request, client); - }) - .tap(function (code) { - return this.validateRedirectUri(request, code); - }) - .tap(function (code) { - return this.revokeAuthorizationCode(code); - }) - .then(function (code) { - return this.saveToken(code.user, client, code.authorizationCode, code.scope); - }); + const code = await this.getAuthorizationCode(request, client); + await this.validateRedirectUri(request, code); + await this.revokeAuthorizationCode(code); + + return this.saveToken(code.user, client, code.authorizationCode, code.scope); } /** * Get the authorization code. */ - getAuthorizationCode(request, client) { + async getAuthorizationCode(request, client) { if (!request.body.code) { throw new InvalidRequestError('Missing parameter: `code`'); } @@ -81,69 +71,68 @@ class AuthorizationCodeGrantType extends AbstractGrantType { if (!isFormat.vschar(request.body.code)) { throw new InvalidRequestError('Invalid parameter: `code`'); } - return promisify(this.model.getAuthorizationCode, 1) - .call(this.model, request.body.code) - .then((code) => { - if (!code) { - throw new InvalidGrantError('Invalid grant: authorization code is invalid'); - } - - if (!code.client) { - throw new ServerError('Server error: `getAuthorizationCode()` did not return a `client` object'); - } - - if (!code.user) { - throw new ServerError('Server error: `getAuthorizationCode()` did not return a `user` object'); - } - - if (code.client.id !== client.id) { - throw new InvalidGrantError('Invalid grant: authorization code is invalid'); - } - - if (!(code.expiresAt instanceof Date)) { - throw new ServerError('Server error: `expiresAt` must be a Date instance'); - } - - if (code.expiresAt < new Date()) { - throw new InvalidGrantError('Invalid grant: authorization code has expired'); - } - - if (code.redirectUri && !isFormat.uri(code.redirectUri)) { - throw new InvalidGrantError('Invalid grant: `redirect_uri` is not a valid URI'); - } - - // optional: PKCE code challenge - - if (code.codeChallenge) { - if (!request.body.code_verifier) { - throw new InvalidGrantError('Missing parameter: `code_verifier`'); - } - - const hash = pkce.getHashForCodeChallenge({ - method: code.codeChallengeMethod, - verifier: request.body.code_verifier - }); - - if (!hash) { - // notice that we assume that codeChallengeMethod is already - // checked at an earlier stage when being read from - // request.body.code_challenge_method - throw new ServerError('Server error: `getAuthorizationCode()` did not return a valid `codeChallengeMethod` property'); - } - - if (code.codeChallenge !== hash) { - throw new InvalidGrantError('Invalid grant: code verifier is invalid'); - } - } - else { - if (request.body.code_verifier) { - // No code challenge but code_verifier was passed in. - throw new InvalidGrantError('Invalid grant: code verifier is invalid'); - } - } - - return code; + + const code = await this.model.getAuthorizationCode(request.body.code); + + if (!code) { + throw new InvalidGrantError('Invalid grant: authorization code is invalid'); + } + + if (!code.client) { + throw new ServerError('Server error: `getAuthorizationCode()` did not return a `client` object'); + } + + if (!code.user) { + throw new ServerError('Server error: `getAuthorizationCode()` did not return a `user` object'); + } + + if (code.client.id !== client.id) { + throw new InvalidGrantError('Invalid grant: authorization code is invalid'); + } + + if (!(code.expiresAt instanceof Date)) { + throw new ServerError('Server error: `expiresAt` must be a Date instance'); + } + + if (code.expiresAt < new Date()) { + throw new InvalidGrantError('Invalid grant: authorization code has expired'); + } + + if (code.redirectUri && !isFormat.uri(code.redirectUri)) { + throw new InvalidGrantError('Invalid grant: `redirect_uri` is not a valid URI'); + } + + // optional: PKCE code challenge + + if (code.codeChallenge) { + if (!request.body.code_verifier) { + throw new InvalidGrantError('Missing parameter: `code_verifier`'); + } + + const hash = pkce.getHashForCodeChallenge({ + method: code.codeChallengeMethod, + verifier: request.body.code_verifier }); + + if (!hash) { + // notice that we assume that codeChallengeMethod is already + // checked at an earlier stage when being read from + // request.body.code_challenge_method + throw new ServerError('Server error: `getAuthorizationCode()` did not return a valid `codeChallengeMethod` property'); + } + + if (code.codeChallenge !== hash) { + throw new InvalidGrantError('Invalid grant: code verifier is invalid'); + } + } + else { + if (request.body.code_verifier) { + // No code challenge but code_verifier was passed in. + throw new InvalidGrantError('Invalid grant: code verifier is invalid'); + } + } + + return code; } /** @@ -183,16 +172,14 @@ class AuthorizationCodeGrantType extends AbstractGrantType { * @see https://tools.ietf.org/html/rfc6749#section-4.1.2 */ - revokeAuthorizationCode(code) { - return promisify(this.model.revokeAuthorizationCode, 1) - .call(this.model, code) - .then((status) => { - if (!status) { - throw new InvalidGrantError('Invalid grant: authorization code is invalid'); - } + async revokeAuthorizationCode(code) { + const status = await this.model.revokeAuthorizationCode(code); - return code; - }); + if (!status) { + throw new InvalidGrantError('Invalid grant: authorization code is invalid'); + } + + return code; } @@ -200,29 +187,23 @@ class AuthorizationCodeGrantType extends AbstractGrantType { * Save token. */ - saveToken(user, client, authorizationCode, scope) { - const fns = [ - this.validateScope(user, client, scope), - this.generateAccessToken(client, user, scope), - this.generateRefreshToken(client, user, scope), - this.getAccessTokenExpiresAt(), - this.getRefreshTokenExpiresAt(), - ]; - - return Promise.all(fns) - .bind(this) - .spread(function (scope, accessToken, refreshToken, accessTokenExpiresAt, refreshTokenExpiresAt) { - const token = { - accessToken: accessToken, - authorizationCode: authorizationCode, - accessTokenExpiresAt: accessTokenExpiresAt, - refreshToken: refreshToken, - refreshTokenExpiresAt: refreshTokenExpiresAt, - scope: scope, - }; - - return promisify(this.model.saveToken, 3).call(this.model, token, client, user); - }); + async saveToken(user, client, authorizationCode, scope) { + const validatedScope = await this.validateScope(user, client, scope); + const accessToken = await this.generateAccessToken(client, user, scope); + const refreshToken = await this.generateRefreshToken(client, user, scope); + const accessTokenExpiresAt = await this.getAccessTokenExpiresAt(); + const refreshTokenExpiresAt = await this.getRefreshTokenExpiresAt(); + + const token = { + accessToken: accessToken, + authorizationCode: authorizationCode, + accessTokenExpiresAt: accessTokenExpiresAt, + refreshToken: refreshToken, + refreshTokenExpiresAt: refreshTokenExpiresAt, + scope: validatedScope, + }; + + return this.model.saveToken(token, client, user); } } diff --git a/lib/grant-types/client-credentials-grant-type.js b/lib/grant-types/client-credentials-grant-type.js index 4b1aec5..a4ae1ed 100644 --- a/lib/grant-types/client-credentials-grant-type.js +++ b/lib/grant-types/client-credentials-grant-type.js @@ -7,8 +7,6 @@ const AbstractGrantType = require('./abstract-grant-type'); const InvalidArgumentError = require('../errors/invalid-argument-error'); const InvalidGrantError = require('../errors/invalid-grant-error'); -const Promise = require('bluebird'); -const promisify = require('promisify-any').use(Promise); /** * Constructor. @@ -37,7 +35,7 @@ class ClientCredentialsGrantType extends AbstractGrantType { * @see https://tools.ietf.org/html/rfc6749#section-4.4.2 */ - handle(request, client) { + async handle(request, client) { if (!request) { throw new InvalidArgumentError('Missing parameter: `request`'); } @@ -47,54 +45,44 @@ class ClientCredentialsGrantType extends AbstractGrantType { } const scope = this.getScope(request); + const user = this.getUserFromClient(client); - return Promise.bind(this) - .then(function () { - return this.getUserFromClient(client); - }) - .then(function (user) { - return this.saveToken(user, client, scope); - }); + return this.saveToken(user, client, scope); } /** * Retrieve the user using client credentials. */ - getUserFromClient(client) { - return promisify(this.model.getUserFromClient, 1) - .call(this.model, client) - .then((user) => { - if (!user) { - throw new InvalidGrantError('Invalid grant: user credentials are invalid'); - } + async getUserFromClient(client) { + const user = await this.model.getUserFromClient(client); - return user; - }); + if (!user) { + throw new InvalidGrantError('Invalid grant: user credentials are invalid'); + } + + return user; } /** * Save token. */ - saveToken(user, client, scope) { + async saveToken(user, client, scope) { const fns = [ this.validateScope(user, client, scope), this.generateAccessToken(client, user, scope), this.getAccessTokenExpiresAt(client, user, scope), ]; - return Promise.all(fns) - .bind(this) - .spread(function (scope, accessToken, accessTokenExpiresAt) { - const token = { - accessToken: accessToken, - accessTokenExpiresAt: accessTokenExpiresAt, - scope: scope, - }; - - return promisify(this.model.saveToken, 3).call(this.model, token, client, user); - }); + const [validatedScope, accessToken, accessTokenExpiresAt] = await Promise.all(fns); + const token = { + accessToken: accessToken, + accessTokenExpiresAt: accessTokenExpiresAt, + scope: validatedScope, + }; + + return this.model.saveToken(token, client, user); } } diff --git a/lib/grant-types/password-grant-type.js b/lib/grant-types/password-grant-type.js index 3035cdd..f13b68a 100644 --- a/lib/grant-types/password-grant-type.js +++ b/lib/grant-types/password-grant-type.js @@ -8,8 +8,6 @@ const AbstractGrantType = require('./abstract-grant-type'); const InvalidArgumentError = require('../errors/invalid-argument-error'); const InvalidGrantError = require('../errors/invalid-grant-error'); const InvalidRequestError = require('../errors/invalid-request-error'); -const Promise = require('bluebird'); -const promisify = require('promisify-any').use(Promise); const isFormat = require('@node-oauth/formats'); /** @@ -39,7 +37,7 @@ class PasswordGrantType extends AbstractGrantType { * @see https://tools.ietf.org/html/rfc6749#section-4.3.2 */ - handle(request, client) { + async handle(request, client) { if (!request) { throw new InvalidArgumentError('Missing parameter: `request`'); } @@ -49,21 +47,16 @@ class PasswordGrantType extends AbstractGrantType { } const scope = this.getScope(request); + const user = await this.getUser(request); - return Promise.bind(this) - .then(function () { - return this.getUser(request); - }) - .then(function (user) { - return this.saveToken(user, client, scope); - }); + return this.saveToken(user, client, scope); } /** * Get user using a username/password combination. */ - getUser(request) { + async getUser(request) { if (!request.body.username) { throw new InvalidRequestError('Missing parameter: `username`'); } @@ -80,43 +73,35 @@ class PasswordGrantType extends AbstractGrantType { throw new InvalidRequestError('Invalid parameter: `password`'); } - return promisify(this.model.getUser, 2) - .call(this.model, request.body.username, request.body.password) - .then((user) => { - if (!user) { - throw new InvalidGrantError('Invalid grant: user credentials are invalid'); - } + const user = await this.model.getUser(request.body.username, request.body.password); - return user; - }); + if (!user) { + throw new InvalidGrantError('Invalid grant: user credentials are invalid'); + } + + return user; } /** * Save token. */ - saveToken(user, client, scope) { - const fns = [ - this.validateScope(user, client, scope), - this.generateAccessToken(client, user, scope), - this.generateRefreshToken(client, user, scope), - this.getAccessTokenExpiresAt(), - this.getRefreshTokenExpiresAt(), - ]; - - return Promise.all(fns) - .bind(this) - .spread(function (scope, accessToken, refreshToken, accessTokenExpiresAt, refreshTokenExpiresAt) { - const token = { - accessToken: accessToken, - accessTokenExpiresAt: accessTokenExpiresAt, - refreshToken: refreshToken, - refreshTokenExpiresAt: refreshTokenExpiresAt, - scope: scope, - }; - - return promisify(this.model.saveToken, 3).call(this.model, token, client, user); - }); + async saveToken(user, client, scope) { + const validatedScope = await this.validateScope(user, client, scope); + const accessToken = await this.generateAccessToken(client, user, scope); + const refreshToken = await this.generateRefreshToken(client, user, scope); + const accessTokenExpiresAt = await this.getAccessTokenExpiresAt(); + const refreshTokenExpiresAt = await this.getRefreshTokenExpiresAt(); + + const token = { + accessToken: accessToken, + accessTokenExpiresAt: accessTokenExpiresAt, + refreshToken: refreshToken, + refreshTokenExpiresAt: refreshTokenExpiresAt, + scope: validatedScope, + }; + + return this.model.saveToken(token, client, user); } } diff --git a/lib/grant-types/refresh-token-grant-type.js b/lib/grant-types/refresh-token-grant-type.js index d94caca..b9e89a2 100644 --- a/lib/grant-types/refresh-token-grant-type.js +++ b/lib/grant-types/refresh-token-grant-type.js @@ -8,8 +8,6 @@ const AbstractGrantType = require('./abstract-grant-type'); const InvalidArgumentError = require('../errors/invalid-argument-error'); const InvalidGrantError = require('../errors/invalid-grant-error'); const InvalidRequestError = require('../errors/invalid-request-error'); -const Promise = require('bluebird'); -const promisify = require('promisify-any').use(Promise); const ServerError = require('../errors/server-error'); const isFormat = require('@node-oauth/formats'); @@ -44,7 +42,7 @@ class RefreshTokenGrantType extends AbstractGrantType { * @see https://tools.ietf.org/html/rfc6749#section-6 */ - handle(request, client) { + async handle(request, client) { if (!request) { throw new InvalidArgumentError('Missing parameter: `request`'); } @@ -53,23 +51,18 @@ class RefreshTokenGrantType extends AbstractGrantType { throw new InvalidArgumentError('Missing parameter: `client`'); } - return Promise.bind(this) - .then(function () { - return this.getRefreshToken(request, client); - }) - .tap(function (token) { - return this.revokeToken(token); - }) - .then(function (token) { - return this.saveToken(token.user, client, token.scope); - }); + let token; + token = await this.getRefreshToken(request, client); + token = await this.revokeToken(token); + + return this.saveToken(token.user, client, token.scope); } /** * Get refresh token. */ - getRefreshToken(request, client) { + async getRefreshToken(request, client) { if (!request.body.refresh_token) { throw new InvalidRequestError('Missing parameter: `refresh_token`'); } @@ -78,35 +71,33 @@ class RefreshTokenGrantType extends AbstractGrantType { throw new InvalidRequestError('Invalid parameter: `refresh_token`'); } - return promisify(this.model.getRefreshToken, 1) - .call(this.model, request.body.refresh_token) - .then((token) => { - if (!token) { - throw new InvalidGrantError('Invalid grant: refresh token is invalid'); - } + const token = await this.model.getRefreshToken(request.body.refresh_token); + + if (!token) { + throw new InvalidGrantError('Invalid grant: refresh token is invalid'); + } - if (!token.client) { - throw new ServerError('Server error: `getRefreshToken()` did not return a `client` object'); - } + if (!token.client) { + throw new ServerError('Server error: `getRefreshToken()` did not return a `client` object'); + } - if (!token.user) { - throw new ServerError('Server error: `getRefreshToken()` did not return a `user` object'); - } + if (!token.user) { + throw new ServerError('Server error: `getRefreshToken()` did not return a `user` object'); + } - if (token.client.id !== client.id) { - throw new InvalidGrantError('Invalid grant: refresh token was issued to another client'); - } + if (token.client.id !== client.id) { + throw new InvalidGrantError('Invalid grant: refresh token was issued to another client'); + } - if (token.refreshTokenExpiresAt && !(token.refreshTokenExpiresAt instanceof Date)) { - throw new ServerError('Server error: `refreshTokenExpiresAt` must be a Date instance'); - } + if (token.refreshTokenExpiresAt && !(token.refreshTokenExpiresAt instanceof Date)) { + throw new ServerError('Server error: `refreshTokenExpiresAt` must be a Date instance'); + } - if (token.refreshTokenExpiresAt && token.refreshTokenExpiresAt < new Date()) { - throw new InvalidGrantError('Invalid grant: refresh token has expired'); - } + if (token.refreshTokenExpiresAt && token.refreshTokenExpiresAt < new Date()) { + throw new InvalidGrantError('Invalid grant: refresh token has expired'); + } - return token; - }); + return token; } /** @@ -115,55 +106,41 @@ class RefreshTokenGrantType extends AbstractGrantType { * @see https://tools.ietf.org/html/rfc6749#section-6 */ - revokeToken(token) { + async revokeToken(token) { if (this.alwaysIssueNewRefreshToken === false) { - return Promise.resolve(token); + return token; } - return promisify(this.model.revokeToken, 1) - .call(this.model, token) - .then((status) => { - if (!status) { - throw new InvalidGrantError('Invalid grant: refresh token is invalid or could not be revoked'); - } + const status = await this.model.revokeToken(token); + + if (!status) { + throw new InvalidGrantError('Invalid grant: refresh token is invalid or could not be revoked'); + } - return token; - }); + return token; } /** * Save token. */ - saveToken(user, client, scope) { - const fns = [ - this.generateAccessToken(client, user, scope), - this.generateRefreshToken(client, user, scope), - this.getAccessTokenExpiresAt(), - this.getRefreshTokenExpiresAt(), - ]; - - return Promise.all(fns) - .bind(this) - .spread(function (accessToken, refreshToken, accessTokenExpiresAt, refreshTokenExpiresAt) { - const token = { - accessToken: accessToken, - accessTokenExpiresAt: accessTokenExpiresAt, - scope: scope, - }; - - if (this.alwaysIssueNewRefreshToken !== false) { - token.refreshToken = refreshToken; - token.refreshTokenExpiresAt = refreshTokenExpiresAt; - } - - return token; - }) - .then(function (token) { - return promisify(this.model.saveToken, 3) - .call(this.model, token, client, user) - .then((savedToken) => savedToken); - }); + async saveToken(user, client, scope) { + const accessToken = await this.generateAccessToken(client, user, scope); + const refreshToken = await this.generateRefreshToken(client, user, scope); + const accessTokenExpiresAt = await this.getAccessTokenExpiresAt(); + const refreshTokenExpiresAt = await this.getRefreshTokenExpiresAt(); + const token = { + accessToken: accessToken, + accessTokenExpiresAt: accessTokenExpiresAt, + scope: scope, + }; + + if (this.alwaysIssueNewRefreshToken !== false) { + token.refreshToken = refreshToken; + token.refreshTokenExpiresAt = refreshTokenExpiresAt; + } + + return this.model.saveToken(token, client, user); } } diff --git a/lib/handlers/authenticate-handler.js b/lib/handlers/authenticate-handler.js index 7724742..1da50f9 100644 --- a/lib/handlers/authenticate-handler.js +++ b/lib/handlers/authenticate-handler.js @@ -9,8 +9,6 @@ const InvalidRequestError = require('../errors/invalid-request-error'); const InsufficientScopeError = require('../errors/insufficient-scope-error'); const InvalidTokenError = require('../errors/invalid-token-error'); const OAuthError = require('../errors/oauth-error'); -const Promise = require('bluebird'); -const promisify = require('promisify-any').use(Promise); const Request = require('../request'); const Response = require('../response'); const ServerError = require('../errors/server-error'); @@ -54,7 +52,7 @@ function AuthenticateHandler(options) { * Authenticate Handler. */ -AuthenticateHandler.prototype.handle = function(request, response) { +AuthenticateHandler.prototype.handle = async function(request, response) { if (!(request instanceof Request)) { throw new InvalidArgumentError('Invalid argument: `request` must be an instance of Request'); } @@ -63,47 +61,41 @@ AuthenticateHandler.prototype.handle = function(request, response) { throw new InvalidArgumentError('Invalid argument: `response` must be an instance of Response'); } - return Promise.bind(this) - .then(function() { - return this.getTokenFromRequest(request); - }) - .then(function(token) { - return this.getAccessToken(token); - }) - .tap(function(token) { - return this.validateAccessToken(token); - }) - .tap(function(token) { - if (!this.scope) { - return; - } - - return this.verifyScope(token); - }) - .tap(function(token) { - return this.updateResponse(response, token); - }) - .catch(function(e) { - // Include the "WWW-Authenticate" response header field if the client - // lacks any authentication information. - // - // @see https://tools.ietf.org/html/rfc6750#section-3.1 - if (e instanceof UnauthorizedRequestError) { - response.set('WWW-Authenticate', 'Bearer realm="Service"'); - } else if (e instanceof InvalidRequestError) { - response.set('WWW-Authenticate', 'Bearer realm="Service",error="invalid_request"'); - } else if (e instanceof InvalidTokenError) { - response.set('WWW-Authenticate', 'Bearer realm="Service",error="invalid_token"'); - } else if (e instanceof InsufficientScopeError) { - response.set('WWW-Authenticate', 'Bearer realm="Service",error="insufficient_scope"'); - } - - if (!(e instanceof OAuthError)) { - throw new ServerError(e); - } - - throw e; - }); + try { + const requestToken = await this.getTokenFromRequest(request); + + let accessToken; + accessToken = await this.getAccessToken(requestToken); + accessToken = await this.validateAccessToken(accessToken); + + if (this.scope) { + await this.verifyScope(accessToken); + } + + this.updateResponse(response, accessToken); + + return accessToken; + } catch (e) { + // Include the "WWW-Authenticate" response header field if the client + // lacks any authentication information. + // + // @see https://tools.ietf.org/html/rfc6750#section-3.1 + if (e instanceof UnauthorizedRequestError) { + response.set('WWW-Authenticate', 'Bearer realm="Service"'); + } else if (e instanceof InvalidRequestError) { + response.set('WWW-Authenticate', 'Bearer realm="Service",error="invalid_request"'); + } else if (e instanceof InvalidTokenError) { + response.set('WWW-Authenticate', 'Bearer realm="Service",error="invalid_token"'); + } else if (e instanceof InsufficientScopeError) { + response.set('WWW-Authenticate', 'Bearer realm="Service",error="insufficient_scope"'); + } + + if (!(e instanceof OAuthError)) { + throw new ServerError(e); + } + + throw e; + } }; /** @@ -202,19 +194,18 @@ AuthenticateHandler.prototype.getTokenFromRequestBody = function(request) { * Get the access token from the model. */ -AuthenticateHandler.prototype.getAccessToken = function(token) { - return promisify(this.model.getAccessToken, 1).call(this.model, token) - .then(function(accessToken) { - if (!accessToken) { - throw new InvalidTokenError('Invalid token: access token is invalid'); - } +AuthenticateHandler.prototype.getAccessToken = async function(token) { + const accessToken = await this.model.getAccessToken(token); + + if (!accessToken) { + throw new InvalidTokenError('Invalid token: access token is invalid'); + } - if (!accessToken.user) { - throw new ServerError('Server error: `getAccessToken()` did not return a `user` object'); - } + if (!accessToken.user) { + throw new ServerError('Server error: `getAccessToken()` did not return a `user` object'); + } - return accessToken; - }); + return accessToken; }; /** @@ -237,15 +228,14 @@ AuthenticateHandler.prototype.validateAccessToken = function(accessToken) { * Verify scope. */ -AuthenticateHandler.prototype.verifyScope = function(accessToken) { - return promisify(this.model.verifyScope, 2).call(this.model, accessToken, this.scope) - .then(function(scope) { - if (!scope) { - throw new InsufficientScopeError('Insufficient scope: authorized scope is insufficient'); - } +AuthenticateHandler.prototype.verifyScope = async function(accessToken) { + const scope = await this.model.verifyScope(accessToken, this.scope); + + if (!scope) { + throw new InsufficientScopeError('Insufficient scope: authorized scope is insufficient'); + } - return scope; - }); + return scope; }; /** diff --git a/lib/handlers/authorize-handler.js b/lib/handlers/authorize-handler.js index 57413e9..49d5515 100644 --- a/lib/handlers/authorize-handler.js +++ b/lib/handlers/authorize-handler.js @@ -12,8 +12,6 @@ const InvalidRequestError = require('../errors/invalid-request-error'); const InvalidScopeError = require('../errors/invalid-scope-error'); const UnsupportedResponseTypeError = require('../errors/unsupported-response-type-error'); const OAuthError = require('../errors/oauth-error'); -const Promise = require('bluebird'); -const promisify = require('promisify-any').use(Promise); const Request = require('../request'); const Response = require('../response'); const ServerError = require('../errors/server-error'); @@ -69,7 +67,7 @@ function AuthorizeHandler(options) { * Authorize Handler. */ -AuthorizeHandler.prototype.handle = function(request, response) { +AuthorizeHandler.prototype.handle = async function(request, response) { if (!(request instanceof Request)) { throw new InvalidArgumentError('Invalid argument: `request` must be an instance of Request'); } @@ -78,72 +76,65 @@ AuthorizeHandler.prototype.handle = function(request, response) { throw new InvalidArgumentError('Invalid argument: `response` must be an instance of Response'); } - const fns = [ - this.getAuthorizationCodeLifetime(), - this.getClient(request), - this.getUser(request, response) - ]; - - return Promise.all(fns) - .bind(this) - .spread(function(expiresAt, client, user) { - const uri = this.getRedirectUri(request, client); - let scope; - let state; - let ResponseType; - - return Promise.bind(this) - .then(function() { - state = this.getState(request); - if (request.query.allowed === 'false' || request.body.allowed === 'false') { - throw new AccessDeniedError('Access denied: user denied access to application'); - } - }) - .then(function() { - const requestedScope = this.getScope(request); - - return this.validateScope(user, client, requestedScope); - }) - .then(function(validScope) { - scope = validScope; - - return this.generateAuthorizationCode(client, user, scope); - }) - .then(function(authorizationCode) { - ResponseType = this.getResponseType(request); - const codeChallenge = this.getCodeChallenge(request); - const codeChallengeMethod = this.getCodeChallengeMethod(request); - - return this.saveAuthorizationCode(authorizationCode, expiresAt, scope, client, uri, user, codeChallenge, codeChallengeMethod); - }) - .then(function(code) { - const responseType = new ResponseType(code.authorizationCode); - const redirectUri = this.buildSuccessRedirectUri(uri, responseType); - - this.updateResponse(response, redirectUri, state); - - return code; - }) - .catch(function(e) { - if (!(e instanceof OAuthError)) { - e = new ServerError(e); - } - const redirectUri = this.buildErrorRedirectUri(uri, e); - - this.updateResponse(response, redirectUri, state); - - throw e; - }); - }); + const expiresAt = await this.getAuthorizationCodeLifetime(); + const client = await this.getClient(request); + const user = await this.getUser(request, response); + + let uri; + let state; + + try { + uri = this.getRedirectUri(request, client); + state = this.getState(request); + + if (request.query.allowed === 'false' || request.body.allowed === 'false') { + throw new AccessDeniedError('Access denied: user denied access to application'); + } + + const requestedScope = this.getScope(request); + const validScope = await this.validateScope(user, client, requestedScope); + const authorizationCode = this.generateAuthorizationCode(client, user, validScope); + + const ResponseType = this.getResponseType(request); + const codeChallenge = this.getCodeChallenge(request); + const codeChallengeMethod = this.getCodeChallengeMethod(request); + const code = await this.saveAuthorizationCode( + authorizationCode, + expiresAt, + validScope, + client, + uri, + user, + codeChallenge, + codeChallengeMethod + ); + + const responseTypeInstance = new ResponseType(code.authorizationCode); + const redirectUri = this.buildSuccessRedirectUri(uri, responseTypeInstance); + + this.updateResponse(response, redirectUri, state); + + return code; + } catch (err) { + let e = err; + + if (!(e instanceof OAuthError)) { + e = new ServerError(e); + } + const redirectUri = this.buildErrorRedirectUri(uri, e); + this.updateResponse(response, redirectUri, state); + + throw e; + } }; /** * Generate authorization code. */ -AuthorizeHandler.prototype.generateAuthorizationCode = function(client, user, scope) { +AuthorizeHandler.prototype.generateAuthorizationCode = async function(client, user, scope) { if (this.model.generateAuthorizationCode) { - return promisify(this.model.generateAuthorizationCode, 3).call(this.model, client, user, scope); + return this.model.generateAuthorizationCode(client, user, scope); } return tokenUtil.generateRandomToken(); }; @@ -163,7 +154,7 @@ AuthorizeHandler.prototype.getAuthorizationCodeLifetime = function() { * Get the client from the model. */ -AuthorizeHandler.prototype.getClient = function(request) { +AuthorizeHandler.prototype.getClient = async function(request) { const self = this; const clientId = request.body.client_id || request.query.client_id; @@ -180,54 +171,51 @@ AuthorizeHandler.prototype.getClient = function(request) { if (redirectUri && !isFormat.uri(redirectUri)) { throw new InvalidRequestError('Invalid request: `redirect_uri` is not a valid URI'); } - return promisify(this.model.getClient, 2).call(this.model, clientId, null) - .then(function(client) { - if (!client) { - throw new InvalidClientError('Invalid client: client credentials are invalid'); - } - - if (!client.grants) { - throw new InvalidClientError('Invalid client: missing client `grants`'); - } - - if (!Array.isArray(client.grants) || !client.grants.includes('authorization_code')) { - throw new UnauthorizedClientError('Unauthorized client: `grant_type` is invalid'); - } - - if (!client.redirectUris || 0 === client.redirectUris.length) { - throw new InvalidClientError('Invalid client: missing client `redirectUri`'); - } - - if (redirectUri) { - return self.validateRedirectUri(redirectUri, client) - .then(function(valid) { - if (!valid) { - throw new InvalidClientError('Invalid client: `redirect_uri` does not match client value'); - } - return client; - }); - } else { - return client; - } - }); + + const client = await this.model.getClient(clientId, null); + + if (!client) { + throw new InvalidClientError('Invalid client: client credentials are invalid'); + } + + if (!client.grants) { + throw new InvalidClientError('Invalid client: missing client `grants`'); + } + + if (!Array.isArray(client.grants) || !client.grants.includes('authorization_code')) { + throw new UnauthorizedClientError('Unauthorized client: `grant_type` is invalid'); + } + + if (!client.redirectUris || 0 === client.redirectUris.length) { + throw new InvalidClientError('Invalid client: missing client `redirectUri`'); + } + + if (redirectUri) { + const valid = await self.validateRedirectUri(redirectUri, client); + + if (!valid) { + throw new InvalidClientError('Invalid client: `redirect_uri` does not match client value'); + } + } + + return client; }; /** * Validate requested scope. */ -AuthorizeHandler.prototype.validateScope = function(user, client, scope) { +AuthorizeHandler.prototype.validateScope = async function(user, client, scope) { if (this.model.validateScope) { - return promisify(this.model.validateScope, 3).call(this.model, user, client, scope) - .then(function (scope) { - if (!scope) { - throw new InvalidScopeError('Invalid scope: Requested scope is invalid'); - } - - return scope; - }); - } else { - return Promise.resolve(scope); + const validatedScope = await this.model.validateScope(user, client, scope); + + if (!validatedScope) { + throw new InvalidScopeError('Invalid scope: Requested scope is invalid'); + } + + return validatedScope; } + + return scope; }; /** @@ -267,17 +255,21 @@ AuthorizeHandler.prototype.getState = function(request) { * Get user by calling the authenticate middleware. */ -AuthorizeHandler.prototype.getUser = function(request, response) { +AuthorizeHandler.prototype.getUser = async function(request, response) { if (this.authenticateHandler instanceof AuthenticateHandler) { - return this.authenticateHandler.handle(request, response).get('user'); + const handled = await this.authenticateHandler.handle(request, response); + return handled + ? handled.user + : undefined; } - return promisify(this.authenticateHandler.handle, 2)(request, response).then(function(user) { - if (!user) { - throw new ServerError('Server error: `handle()` did not return a `user` object'); - } - return user; - }); + const user = await this.authenticateHandler.handle(request, response); + + if (!user) { + throw new ServerError('Server error: `handle()` did not return a `user` object'); + } + + return user; }; /** @@ -292,7 +284,7 @@ AuthorizeHandler.prototype.getRedirectUri = function(request, client) { * Save authorization code. */ -AuthorizeHandler.prototype.saveAuthorizationCode = function(authorizationCode, expiresAt, scope, client, redirectUri, user, codeChallenge, codeChallengeMethod) { +AuthorizeHandler.prototype.saveAuthorizationCode = async function(authorizationCode, expiresAt, scope, client, redirectUri, user, codeChallenge, codeChallengeMethod) { let code = { authorizationCode: authorizationCode, expiresAt: expiresAt, @@ -306,13 +298,14 @@ AuthorizeHandler.prototype.saveAuthorizationCode = function(authorizationCode, e codeChallengeMethod: codeChallengeMethod }, code); } - return promisify(this.model.saveAuthorizationCode, 3).call(this.model, code, client, user); + + return this.model.saveAuthorizationCode(code, client, user); }; -AuthorizeHandler.prototype.validateRedirectUri = function(redirectUri, client) { +AuthorizeHandler.prototype.validateRedirectUri = async function(redirectUri, client) { if (this.model.validateRedirectUri) { - return promisify(this.model.validateRedirectUri, 2).call(this.model, redirectUri, client); + return this.model.validateRedirectUri(redirectUri, client); } return Promise.resolve(client.redirectUris.includes(redirectUri)); diff --git a/lib/handlers/token-handler.js b/lib/handlers/token-handler.js index 0f0c57a..4630c4f 100644 --- a/lib/handlers/token-handler.js +++ b/lib/handlers/token-handler.js @@ -9,8 +9,6 @@ const InvalidArgumentError = require('../errors/invalid-argument-error'); const InvalidClientError = require('../errors/invalid-client-error'); const InvalidRequestError = require('../errors/invalid-request-error'); const OAuthError = require('../errors/oauth-error'); -const Promise = require('bluebird'); -const promisify = require('promisify-any').use(Promise); const Request = require('../request'); const Response = require('../response'); const ServerError = require('../errors/server-error'); @@ -68,7 +66,7 @@ function TokenHandler(options) { * Token Handler. */ -TokenHandler.prototype.handle = function(request, response) { +TokenHandler.prototype.handle = async function(request, response) { if (!(request instanceof Request)) { throw new InvalidArgumentError('Invalid argument: `request` must be an instance of Request'); } @@ -85,35 +83,33 @@ TokenHandler.prototype.handle = function(request, response) { return Promise.reject(new InvalidRequestError('Invalid request: content must be application/x-www-form-urlencoded')); } - return Promise.bind(this) - .then(function() { - return this.getClient(request, response); - }) - .then(function(client) { - return this.handleGrantType(request, client); - }) - .tap(function(data) { - const model = new TokenModel(data, {allowExtendedTokenAttributes: this.allowExtendedTokenAttributes}); - const tokenType = this.getTokenType(model); - - this.updateSuccessResponse(response, tokenType); - }).catch(function(e) { - if (!(e instanceof OAuthError)) { - e = new ServerError(e); - } - - this.updateErrorResponse(response, e); - - throw e; - }); + try { + const client = await this.getClient(request, response); + const data = await this.handleGrantType(request, client); + const model = new TokenModel(data, { allowExtendedTokenAttributes: this.allowExtendedTokenAttributes }); + const tokenType = this.getTokenType(model); + + this.updateSuccessResponse(response, tokenType); + + return data; + } catch (err) { + let e = err; + + if (!(e instanceof OAuthError)) { + e = new ServerError(e); + } + + this.updateErrorResponse(response, e); + throw e; + } }; /** * Get the client from the model. */ -TokenHandler.prototype.getClient = function(request, response) { - const credentials = this.getClientCredentials(request); +TokenHandler.prototype.getClient = async function(request, response) { + const credentials = await this.getClientCredentials(request); const grantType = request.body.grant_type; const codeVerifier = request.body.code_verifier; const isPkce = pkce.isPKCERequest({ grantType, codeVerifier }); @@ -134,35 +130,34 @@ TokenHandler.prototype.getClient = function(request, response) { throw new InvalidRequestError('Invalid parameter: `client_secret`'); } - return promisify(this.model.getClient, 2).call(this.model, credentials.clientId, credentials.clientSecret) - .then(function(client) { - if (!client) { - throw new InvalidClientError('Invalid client: client is invalid'); - } - - if (!client.grants) { - throw new ServerError('Server error: missing client `grants`'); - } - - if (!(client.grants instanceof Array)) { - throw new ServerError('Server error: `grants` must be an array'); - } - - return client; - }) - .catch(function(e) { - // Include the "WWW-Authenticate" response header field if the client - // attempted to authenticate via the "Authorization" request header. - // - // @see https://tools.ietf.org/html/rfc6749#section-5.2. - if ((e instanceof InvalidClientError) && request.get('authorization')) { - response.set('WWW-Authenticate', 'Basic realm="Service"'); - - throw new InvalidClientError(e, { code: 401 }); - } - - throw e; - }); + try { + const client = await this.model.getClient(credentials.clientId, credentials.clientSecret); + + if (!client) { + throw new InvalidClientError('Invalid client: client is invalid'); + } + + if (!client.grants) { + throw new ServerError('Server error: missing client `grants`'); + } + + if (!(client.grants instanceof Array)) { + throw new ServerError('Server error: `grants` must be an array'); + } + + return client; + } catch (e) { + // Include the "WWW-Authenticate" response header field if the client + // attempted to authenticate via the "Authorization" request header. + // + // @see https://tools.ietf.org/html/rfc6749#section-5.2. + if ((e instanceof InvalidClientError) && request.get('authorization')) { + response.set('WWW-Authenticate', 'Basic realm="Service"'); + throw new InvalidClientError(e, { code: 401 }); + } + + throw e; + } }; /** @@ -206,7 +201,7 @@ TokenHandler.prototype.getClientCredentials = function(request) { * Handle grant type. */ -TokenHandler.prototype.handleGrantType = function(request, client) { +TokenHandler.prototype.handleGrantType = async function(request, client) { const grantType = request.body.grant_type; if (!grantType) { @@ -236,8 +231,7 @@ TokenHandler.prototype.handleGrantType = function(request, client) { alwaysIssueNewRefreshToken: this.alwaysIssueNewRefreshToken }; - return new Type(options) - .handle(request, client); + return new Type(options).handle(request, client); }; /** diff --git a/lib/server.js b/lib/server.js index 53bbd2a..aca56d2 100644 --- a/lib/server.js +++ b/lib/server.js @@ -25,9 +25,10 @@ function OAuth2Server(options) { /** * Authenticate a token. + * Note, that callback will soon be deprecated! */ -OAuth2Server.prototype.authenticate = function(request, response, options, callback) { +OAuth2Server.prototype.authenticate = function(request, response, options) { if (typeof options === 'string') { options = {scope: options}; } @@ -38,31 +39,27 @@ OAuth2Server.prototype.authenticate = function(request, response, options, callb allowBearerTokensInQueryString: false }, this.options, options); - return new AuthenticateHandler(options) - .handle(request, response) - .nodeify(callback); + return new AuthenticateHandler(options).handle(request, response); }; /** * Authorize a request. */ -OAuth2Server.prototype.authorize = function(request, response, options, callback) { +OAuth2Server.prototype.authorize = function(request, response, options) { options = Object.assign({ allowEmptyState: false, authorizationCodeLifetime: 5 * 60 // 5 minutes. }, this.options, options); - return new AuthorizeHandler(options) - .handle(request, response) - .nodeify(callback); + return new AuthorizeHandler(options).handle(request, response); }; /** * Create a token. */ -OAuth2Server.prototype.token = function(request, response, options, callback) { +OAuth2Server.prototype.token = function(request, response, options) { options = Object.assign({ accessTokenLifetime: 60 * 60, // 1 hour. refreshTokenLifetime: 60 * 60 * 24 * 14, // 2 weeks. @@ -70,9 +67,7 @@ OAuth2Server.prototype.token = function(request, response, options, callback) { requireClientAuthentication: {} // defaults to true for all grant types }, this.options, options); - return new TokenHandler(options) - .handle(request, response) - .nodeify(callback); + return new TokenHandler(options).handle(request, response); }; /** diff --git a/lib/utils/token-util.js b/lib/utils/token-util.js index 8626dac..a1d6937 100644 --- a/lib/utils/token-util.js +++ b/lib/utils/token-util.js @@ -4,7 +4,7 @@ * Module dependencies. */ -const randomBytes = require('bluebird').promisify(require('crypto').randomBytes); +const randomBytes = require('crypto').randomBytes; const { createHash } = require('../utils/crypto-util'); /** @@ -17,10 +17,8 @@ module.exports = { * Generate random token. */ - generateRandomToken: function() { - return randomBytes(256).then(function(buffer) { - return createHash({ data: buffer, encoding: 'hex' }); - }); + generateRandomToken: async function() { + const buffer = randomBytes(256); + return createHash({ data: buffer, encoding: 'hex' }); } - }; diff --git a/package.json b/package.json index e95a0ce..2c26e6b 100644 --- a/package.json +++ b/package.json @@ -27,8 +27,6 @@ "dependencies": { "@node-oauth/formats": "1.0.0", "basic-auth": "2.0.1", - "bluebird": "3.7.2", - "promisify-any": "2.0.1", "type-is": "1.6.18" }, "devDependencies": { diff --git a/test/integration/grant-types/abstract-grant-type_test.js b/test/integration/grant-types/abstract-grant-type_test.js index a6c4d2b..5d9aa7a 100644 --- a/test/integration/grant-types/abstract-grant-type_test.js +++ b/test/integration/grant-types/abstract-grant-type_test.js @@ -6,7 +6,6 @@ const AbstractGrantType = require('../../../lib/grant-types/abstract-grant-type'); const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); -const Promise = require('bluebird'); const Request = require('../../../lib/request'); const should = require('chai').should(); diff --git a/test/integration/grant-types/authorization-code-grant-type_test.js b/test/integration/grant-types/authorization-code-grant-type_test.js index 6cddd53..85c007f 100644 --- a/test/integration/grant-types/authorization-code-grant-type_test.js +++ b/test/integration/grant-types/authorization-code-grant-type_test.js @@ -8,7 +8,6 @@ const AuthorizationCodeGrantType = require('../../../lib/grant-types/authorizati const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); const InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); const InvalidRequestError = require('../../../lib/errors/invalid-request-error'); -const Promise = require('bluebird'); const Request = require('../../../lib/request'); const ServerError = require('../../../lib/errors/server-error'); const should = require('chai').should(); @@ -74,7 +73,7 @@ describe('AuthorizationCodeGrantType integration', function() { }); describe('handle()', function() { - it('should throw an error if `request` is missing', function() { + it('should throw an error if `request` is missing', async function() { const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() {}, @@ -83,9 +82,7 @@ describe('AuthorizationCodeGrantType integration', function() { const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); try { - grantType.handle(); - - should.fail(); + await grantType.handle(); } catch (e) { e.should.be.an.instanceOf(InvalidArgumentError); e.message.should.equal('Missing parameter: `request`'); @@ -129,7 +126,7 @@ describe('AuthorizationCodeGrantType integration', function() { } }); - it('should return a token', function() { + it('should return a token', async function() { const client = { id: 'foobar' }; const token = {}; const model = { @@ -141,11 +138,8 @@ describe('AuthorizationCodeGrantType integration', function() { const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); - return grantType.handle(request, client) - .then(function(data) { - data.should.equal(token); - }) - .catch(should.fail); + const data = await grantType.handle(request, client); + data.should.equal(token); }); it('should support promises', function() { @@ -173,23 +167,10 @@ describe('AuthorizationCodeGrantType integration', function() { grantType.handle(request, client).should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const client = { id: 'foobar' }; - const model = { - getAuthorizationCode: function(code, callback) { callback(null, { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }); }, - revokeAuthorizationCode: function(code, callback) { callback(null, { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() / 2), user: {} }); }, - saveToken: function(tokenToSave, client, user, callback) { callback(null, tokenToSave); } - }; - const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); - - grantType.handle(request, client).should.be.an.instanceOf(Promise); - }); }); describe('getAuthorizationCode()', function() { - it('should throw an error if the request body does not contain `code`', function() { + it('should throw an error if the request body does not contain `code`', async function() { const client = {}; const model = { getAuthorizationCode: function() {}, @@ -200,16 +181,14 @@ describe('AuthorizationCodeGrantType integration', function() { const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { - grantType.getAuthorizationCode(request, client); - - should.fail(); + await grantType.getAuthorizationCode(request, client); } catch (e) { e.should.be.an.instanceOf(InvalidRequestError); e.message.should.equal('Missing parameter: `code`'); } }); - it('should throw an error if `code` is invalid', function() { + it('should throw an error if `code` is invalid', async function() { const client = {}; const model = { getAuthorizationCode: function() {}, @@ -220,8 +199,7 @@ describe('AuthorizationCodeGrantType integration', function() { const request = new Request({ body: { code: 'ø倣‰' }, headers: {}, method: {}, query: {} }); try { - grantType.getAuthorizationCode(request, client); - + await grantType.getAuthorizationCode(request, client); should.fail(); } catch (e) { e.should.be.an.instanceOf(InvalidRequestError); @@ -229,7 +207,7 @@ describe('AuthorizationCodeGrantType integration', function() { } }); - it('should throw an error if `authorizationCode` is missing', function() { + it('should throw an error if `authorizationCode` is missing', async function() { const client = {}; const model = { getAuthorizationCode: function() {}, @@ -239,12 +217,13 @@ describe('AuthorizationCodeGrantType integration', function() { const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); - return grantType.getAuthorizationCode(request, client) - .then(should.fail) - .catch(function(e) { - e.should.be.an.instanceOf(InvalidGrantError); - e.message.should.equal('Invalid grant: authorization code is invalid'); - }); + try { + await grantType.getAuthorizationCode(request, client); + should.fail(); + } catch (e) { + e.should.be.an.instanceOf(InvalidGrantError); + e.message.should.equal('Invalid grant: authorization code is invalid'); + } }); it('should throw an error if `authorizationCode.client` is missing', function() { @@ -406,20 +385,6 @@ describe('AuthorizationCodeGrantType integration', function() { grantType.getAuthorizationCode(request, client).should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const authorizationCode = { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }; - const client = { id: 'foobar' }; - const model = { - getAuthorizationCode: function(code, callback) { callback(null, authorizationCode); }, - revokeAuthorizationCode: function() {}, - saveToken: function() {} - }; - const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); - - grantType.getAuthorizationCode(request, client).should.be.an.instanceOf(Promise); - }); }); describe('validateRedirectUri()', function() { @@ -523,18 +488,6 @@ describe('AuthorizationCodeGrantType integration', function() { grantType.revokeAuthorizationCode(authorizationCode).should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), user: {} }; - const model = { - getAuthorizationCode: function() {}, - revokeAuthorizationCode: function(code, callback) { callback(null, authorizationCode); }, - saveToken: function() {} - }; - const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - - grantType.revokeAuthorizationCode(authorizationCode).should.be.an.instanceOf(Promise); - }); }); describe('saveToken()', function() { @@ -578,17 +531,5 @@ describe('AuthorizationCodeGrantType integration', function() { grantType.saveToken(token).should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const token = {}; - const model = { - getAuthorizationCode: function() {}, - revokeAuthorizationCode: function() {}, - saveToken: function(tokenToSave, client, user, callback) { callback(null, token); } - }; - const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - - grantType.saveToken(token).should.be.an.instanceOf(Promise); - }); }); }); diff --git a/test/integration/grant-types/client-credentials-grant-type_test.js b/test/integration/grant-types/client-credentials-grant-type_test.js index b13df08..20c2da4 100644 --- a/test/integration/grant-types/client-credentials-grant-type_test.js +++ b/test/integration/grant-types/client-credentials-grant-type_test.js @@ -7,7 +7,6 @@ const ClientCredentialsGrantType = require('../../../lib/grant-types/client-credentials-grant-type'); const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); const InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); -const Promise = require('bluebird'); const Request = require('../../../lib/request'); const should = require('chai').should(); @@ -56,7 +55,7 @@ describe('ClientCredentialsGrantType integration', function() { }); describe('handle()', function() { - it('should throw an error if `request` is missing', function() { + it('should throw an error if `request` is missing', async function() { const model = { getUserFromClient: function() {}, saveToken: function() {} @@ -64,7 +63,7 @@ describe('ClientCredentialsGrantType integration', function() { const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); try { - grantType.handle(); + await grantType.handle(); should.fail(); } catch (e) { @@ -73,7 +72,7 @@ describe('ClientCredentialsGrantType integration', function() { } }); - it('should throw an error if `client` is missing', function() { + it('should throw an error if `client` is missing', async function() { const model = { getUserFromClient: function() {}, saveToken: function() {} @@ -82,7 +81,7 @@ describe('ClientCredentialsGrantType integration', function() { const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { - grantType.handle(request); + await grantType.handle(request); should.fail(); } catch (e) { @@ -189,18 +188,6 @@ describe('ClientCredentialsGrantType integration', function() { grantType.getUserFromClient(request, {}).should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const user = { email: 'foo@bar.com' }; - const model = { - getUserFromClient: function(userId, callback) { callback(null, user); }, - saveToken: function() {} - }; - const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); - const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); - - grantType.getUserFromClient(request, {}).should.be.an.instanceOf(Promise); - }); }); describe('saveToken()', function() { @@ -241,16 +228,5 @@ describe('ClientCredentialsGrantType integration', function() { grantType.saveToken(token).should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const token = {}; - const model = { - getUserFromClient: function() {}, - saveToken: function(tokenToSave, client, user, callback) { callback(null, token); } - }; - const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 123, model: model }); - - grantType.saveToken(token).should.be.an.instanceOf(Promise); - }); }); }); diff --git a/test/integration/grant-types/password-grant-type_test.js b/test/integration/grant-types/password-grant-type_test.js index a8c4cda..11dc3a3 100644 --- a/test/integration/grant-types/password-grant-type_test.js +++ b/test/integration/grant-types/password-grant-type_test.js @@ -8,7 +8,6 @@ const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error const InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); const InvalidRequestError = require('../../../lib/errors/invalid-request-error'); const PasswordGrantType = require('../../../lib/grant-types/password-grant-type'); -const Promise = require('bluebird'); const Request = require('../../../lib/request'); const should = require('chai').should(); @@ -57,7 +56,7 @@ describe('PasswordGrantType integration', function() { }); describe('handle()', function() { - it('should throw an error if `request` is missing', function() { + it('should throw an error if `request` is missing', async function() { const model = { getUser: function() {}, saveToken: function() {} @@ -65,7 +64,7 @@ describe('PasswordGrantType integration', function() { const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); try { - grantType.handle(); + await grantType.handle(); should.fail(); } catch (e) { @@ -74,7 +73,7 @@ describe('PasswordGrantType integration', function() { } }); - it('should throw an error if `client` is missing', function() { + it('should throw an error if `client` is missing', async function() { const model = { getUser: function() {}, saveToken: function() {} @@ -82,7 +81,7 @@ describe('PasswordGrantType integration', function() { const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); try { - grantType.handle({}); + await grantType.handle({}); should.fail(); } catch (e) { @@ -109,7 +108,7 @@ describe('PasswordGrantType integration', function() { .catch(should.fail); }); - it('should support promises', function() { + it('should support promises', async function() { const client = { id: 'foobar' }; const token = {}; const model = { @@ -119,10 +118,11 @@ describe('PasswordGrantType integration', function() { const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); const request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); - grantType.handle(request, client).should.be.an.instanceOf(Promise); + const result = await grantType.handle(request, client); + result.should.deep.equal({}); }); - it('should support non-promises', function() { + it('should support non-promises', async function() { const client = { id: 'foobar' }; const token = {}; const model = { @@ -132,25 +132,13 @@ describe('PasswordGrantType integration', function() { const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); const request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); - grantType.handle(request, client).should.be.an.instanceOf(Promise); - }); - - it('should support callbacks', function() { - const client = { id: 'foobar' }; - const token = {}; - const model = { - getUser: function(username, password, callback) { callback(null, {}); }, - saveToken: function(tokenToSave, client, user, callback) { callback(null, token); } - }; - const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - const request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); - - grantType.handle(request, client).should.be.an.instanceOf(Promise); + const result = await grantType.handle(request, client); + result.should.deep.equal({}); }); }); describe('getUser()', function() { - it('should throw an error if the request body does not contain `username`', function() { + it('should throw an error if the request body does not contain `username`', async function() { const model = { getUser: function() {}, saveToken: function() {} @@ -159,7 +147,7 @@ describe('PasswordGrantType integration', function() { const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { - grantType.getUser(request); + await grantType.getUser(request); should.fail(); } catch (e) { @@ -168,7 +156,7 @@ describe('PasswordGrantType integration', function() { } }); - it('should throw an error if the request body does not contain `password`', function() { + it('should throw an error if the request body does not contain `password`', async function() { const model = { getUser: function() {}, saveToken: function() {} @@ -177,7 +165,7 @@ describe('PasswordGrantType integration', function() { const request = new Request({ body: { username: 'foo' }, headers: {}, method: {}, query: {} }); try { - grantType.getUser(request); + await grantType.getUser(request); should.fail(); } catch (e) { @@ -186,7 +174,7 @@ describe('PasswordGrantType integration', function() { } }); - it('should throw an error if `username` is invalid', function() { + it('should throw an error if `username` is invalid', async function() { const model = { getUser: function() {}, saveToken: function() {} @@ -195,7 +183,7 @@ describe('PasswordGrantType integration', function() { const request = new Request({ body: { username: '\r\n', password: 'foobar' }, headers: {}, method: {}, query: {} }); try { - grantType.getUser(request); + await grantType.getUser(request); should.fail(); } catch (e) { @@ -204,7 +192,7 @@ describe('PasswordGrantType integration', function() { } }); - it('should throw an error if `password` is invalid', function() { + it('should throw an error if `password` is invalid', async function() { const model = { getUser: function() {}, saveToken: function() {} @@ -213,7 +201,7 @@ describe('PasswordGrantType integration', function() { const request = new Request({ body: { username: 'foobar', password: '\r\n' }, headers: {}, method: {}, query: {} }); try { - grantType.getUser(request); + await grantType.getUser(request); should.fail(); } catch (e) { @@ -277,18 +265,6 @@ describe('PasswordGrantType integration', function() { grantType.getUser(request).should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const user = { email: 'foo@bar.com' }; - const model = { - getUser: function(username, password, callback) { callback(null, user); }, - saveToken: function() {} - }; - const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - const request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); - - grantType.getUser(request).should.be.an.instanceOf(Promise); - }); }); describe('saveToken()', function() { @@ -329,16 +305,5 @@ describe('PasswordGrantType integration', function() { grantType.saveToken(token).should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const token = {}; - const model = { - getUser: function() {}, - saveToken: function(tokenToSave, client, user, callback) { callback(null, token); } - }; - const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - - grantType.saveToken(token).should.be.an.instanceOf(Promise); - }); }); }); diff --git a/test/integration/grant-types/refresh-token-grant-type_test.js b/test/integration/grant-types/refresh-token-grant-type_test.js index 83c7489..3273606 100644 --- a/test/integration/grant-types/refresh-token-grant-type_test.js +++ b/test/integration/grant-types/refresh-token-grant-type_test.js @@ -7,7 +7,6 @@ const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); const InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); const InvalidRequestError = require('../../../lib/errors/invalid-request-error'); -const Promise = require('bluebird'); const RefreshTokenGrantType = require('../../../lib/grant-types/refresh-token-grant-type'); const Request = require('../../../lib/request'); const ServerError = require('../../../lib/errors/server-error'); @@ -74,7 +73,7 @@ describe('RefreshTokenGrantType integration', function() { }); describe('handle()', function() { - it('should throw an error if `request` is missing', function() { + it('should throw an error if `request` is missing', async function() { const model = { getRefreshToken: function() {}, revokeToken: function() {}, @@ -83,7 +82,7 @@ describe('RefreshTokenGrantType integration', function() { const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); try { - grantType.handle(); + await grantType.handle(); should.fail(); } catch (e) { @@ -92,7 +91,7 @@ describe('RefreshTokenGrantType integration', function() { } }); - it('should throw an error if `client` is missing', function() { + it('should throw an error if `client` is missing', async function() { const model = { getRefreshToken: function() {}, revokeToken: function() {}, @@ -102,7 +101,7 @@ describe('RefreshTokenGrantType integration', function() { const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { - grantType.handle(request); + await grantType.handle(request); should.fail(); } catch (e) { @@ -154,23 +153,10 @@ describe('RefreshTokenGrantType integration', function() { grantType.handle(request, client).should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const client = { id: 123 }; - const model = { - getRefreshToken: function(refreshToken, callback) { callback(null, { accessToken: 'foo', client: { id: 123 }, user: {} }); }, - revokeToken: function(refreshToken, callback) { callback(null, { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }); }, - saveToken: function(tokenToSave, client, user, callback) { callback(null,{ accessToken: 'foo', client: {}, user: {} }); } - }; - const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); - const request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); - - grantType.handle(request, client).should.be.an.instanceOf(Promise); - }); }); describe('getRefreshToken()', function() { - it('should throw an error if the `refreshToken` parameter is missing from the request body', function() { + it('should throw an error if the `refreshToken` parameter is missing from the request body', async function() { const client = {}; const model = { getRefreshToken: function() {}, @@ -181,7 +167,7 @@ describe('RefreshTokenGrantType integration', function() { const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { - grantType.getRefreshToken(request, client); + await grantType.getRefreshToken(request, client); should.fail(); } catch (e) { @@ -266,7 +252,7 @@ describe('RefreshTokenGrantType integration', function() { }); }); - it('should throw an error if `refresh_token` contains invalid characters', function() { + it('should throw an error if `refresh_token` contains invalid characters', async function() { const client = {}; const model = { getRefreshToken: function() { @@ -279,7 +265,7 @@ describe('RefreshTokenGrantType integration', function() { const request = new Request({ body: { refresh_token: 'ø倣‰' }, headers: {}, method: {}, query: {} }); try { - grantType.getRefreshToken(request, client); + await grantType.getRefreshToken(request, client); should.fail(); } catch (e) { @@ -394,20 +380,6 @@ describe('RefreshTokenGrantType integration', function() { grantType.getRefreshToken(request, client).should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const client = { id: 123 }; - const token = { accessToken: 'foo', client: { id: 123 }, user: {} }; - const model = { - getRefreshToken: function(refreshToken, callback) { callback(null, token); }, - revokeToken: function() {}, - saveToken: function() {} - }; - const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); - const request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); - - grantType.getRefreshToken(request, client).should.be.an.instanceOf(Promise); - }); }); describe('revokeToken()', function() { @@ -466,18 +438,6 @@ describe('RefreshTokenGrantType integration', function() { grantType.revokeToken(token).should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const token = { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }; - const model = { - getRefreshToken: function() {}, - revokeToken: function(refreshToken, callback) { callback(null, token); }, - saveToken: function() {} - }; - const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); - - grantType.revokeToken(token).should.be.an.instanceOf(Promise); - }); }); describe('saveToken()', function() { @@ -520,17 +480,5 @@ describe('RefreshTokenGrantType integration', function() { grantType.saveToken(token).should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const token = {}; - const model = { - getRefreshToken: function() {}, - revokeToken: function() {}, - saveToken: function(tokenToSave, client, user, callback) { callback(null, token); } - }; - const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); - - grantType.saveToken(token).should.be.an.instanceOf(Promise); - }); }); }); diff --git a/test/integration/handlers/authenticate-handler_test.js b/test/integration/handlers/authenticate-handler_test.js index 151ada3..d8bf728 100644 --- a/test/integration/handlers/authenticate-handler_test.js +++ b/test/integration/handlers/authenticate-handler_test.js @@ -10,7 +10,6 @@ const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error const InvalidRequestError = require('../../../lib/errors/invalid-request-error'); const InsufficientScopeError = require('../../../lib/errors/insufficient-scope-error'); const InvalidTokenError = require('../../../lib/errors/invalid-token-error'); -const Promise = require('bluebird'); const Request = require('../../../lib/request'); const Response = require('../../../lib/response'); const ServerError = require('../../../lib/errors/server-error'); @@ -102,11 +101,11 @@ describe('AuthenticateHandler integration', function() { }); describe('handle()', function() { - it('should throw an error if `request` is missing', function() { + it('should throw an error if `request` is missing', async function() { const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); try { - handler.handle(); + await handler.handle(); should.fail(); } catch (e) { @@ -115,7 +114,7 @@ describe('AuthenticateHandler integration', function() { } }); - it('should set the `WWW-Authenticate` header if an unauthorized request error is thrown', function() { + it('should set the `WWW-Authenticate` header if an unauthorized request error is thrown', async function() { const model = { getAccessToken: function() { throw new UnauthorizedRequestError(); @@ -125,11 +124,12 @@ describe('AuthenticateHandler integration', function() { const request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); const response = new Response({ body: {}, headers: {} }); - return handler.handle(request, response) - .then(should.fail) - .catch(function() { - response.get('WWW-Authenticate').should.equal('Bearer realm="Service"'); - }); + try { + await handler.handle(request, response); + should.fail(); + } catch (e) { + response.get('WWW-Authenticate').should.equal('Bearer realm="Service"'); + } }); it('should set the `WWW-Authenticate` header if an InvalidRequestError is thrown', function() { @@ -250,7 +250,7 @@ describe('AuthenticateHandler integration', function() { }); describe('getTokenFromRequest()', function() { - it('should throw an error if more than one authentication method is used', function() { + it('should throw an error if more than one authentication method is used', async function() { const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); const request = new Request({ body: {}, @@ -260,7 +260,7 @@ describe('AuthenticateHandler integration', function() { }); try { - handler.getTokenFromRequest(request); + await handler.getTokenFromRequest(request); should.fail(); } catch (e) { @@ -269,12 +269,12 @@ describe('AuthenticateHandler integration', function() { } }); - it('should throw an error if `accessToken` is missing', function() { + it('should throw an error if `accessToken` is missing', async function() { const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { - handler.getTokenFromRequest(request); + await handler.getTokenFromRequest(request); should.fail(); } catch (e) { @@ -285,7 +285,7 @@ describe('AuthenticateHandler integration', function() { }); describe('getTokenFromRequestHeader()', function() { - it('should throw an error if the token is malformed', function() { + it('should throw an error if the token is malformed', async function() { const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); const request = new Request({ body: {}, @@ -297,7 +297,7 @@ describe('AuthenticateHandler integration', function() { }); try { - handler.getTokenFromRequestHeader(request); + await handler.getTokenFromRequestHeader(request); should.fail(); } catch (e) { @@ -324,11 +324,11 @@ describe('AuthenticateHandler integration', function() { }); describe('getTokenFromRequestQuery()', function() { - it('should throw an error if the query contains a token', function() { + it('should throw an error if the query contains a token', async function() { const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); try { - handler.getTokenFromRequestQuery(); + await handler.getTokenFromRequestQuery(); should.fail(); } catch (e) { @@ -345,7 +345,7 @@ describe('AuthenticateHandler integration', function() { }); describe('getTokenFromRequestBody()', function() { - it('should throw an error if the method is `GET`', function() { + it('should throw an error if the method is `GET`', async function() { const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); const request = new Request({ body: { access_token: 'foo' }, @@ -355,7 +355,7 @@ describe('AuthenticateHandler integration', function() { }); try { - handler.getTokenFromRequestBody(request); + await handler.getTokenFromRequestBody(request); should.fail(); } catch (e) { @@ -364,7 +364,7 @@ describe('AuthenticateHandler integration', function() { } }); - it('should throw an error if the media type is not `application/x-www-form-urlencoded`', function() { + it('should throw an error if the media type is not `application/x-www-form-urlencoded`', async function() { const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); const request = new Request({ body: { access_token: 'foo' }, @@ -374,7 +374,7 @@ describe('AuthenticateHandler integration', function() { }); try { - handler.getTokenFromRequestBody(request); + await handler.getTokenFromRequestBody(request); should.fail(); } catch (e) { @@ -464,26 +464,15 @@ describe('AuthenticateHandler integration', function() { handler.getAccessToken('foo').should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const model = { - getAccessToken: function(token, callback) { - callback(null, { user: {} }); - } - }; - const handler = new AuthenticateHandler({ model: model }); - - handler.getAccessToken('foo').should.be.an.instanceOf(Promise); - }); }); describe('validateAccessToken()', function() { - it('should throw an error if `accessToken` is expired', function() { + it('should throw an error if `accessToken` is expired', async function() { const accessToken = { accessTokenExpiresAt: new Date(new Date() / 2) }; const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); try { - handler.validateAccessToken(accessToken); + await handler.validateAccessToken(accessToken); should.fail(); } catch (e) { @@ -544,18 +533,6 @@ describe('AuthenticateHandler integration', function() { handler.verifyScope('foo').should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const model = { - getAccessToken: function() {}, - verifyScope: function(token, scope, callback) { - callback(null, true); - } - }; - const handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: true, model: model, scope: 'foo' }); - - handler.verifyScope('foo').should.be.an.instanceOf(Promise); - }); }); describe('updateResponse()', function() { diff --git a/test/integration/handlers/authorize-handler_test.js b/test/integration/handlers/authorize-handler_test.js index b91408a..8a5eb65 100644 --- a/test/integration/handlers/authorize-handler_test.js +++ b/test/integration/handlers/authorize-handler_test.js @@ -13,7 +13,6 @@ const InvalidClientError = require('../../../lib/errors/invalid-client-error'); const InvalidRequestError = require('../../../lib/errors/invalid-request-error'); const InvalidScopeError = require('../../../lib/errors/invalid-scope-error'); const UnsupportedResponseTypeError = require('../../../lib/errors/unsupported-response-type-error'); -const Promise = require('bluebird'); const Request = require('../../../lib/request'); const Response = require('../../../lib/response'); const ServerError = require('../../../lib/errors/server-error'); @@ -122,7 +121,7 @@ describe('AuthorizeHandler integration', function() { }); describe('handle()', function() { - it('should throw an error if `request` is missing', function() { + it('should throw an error if `request` is missing', async function() { const model = { getAccessToken: function() {}, getClient: function() {}, @@ -131,7 +130,7 @@ describe('AuthorizeHandler integration', function() { const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); try { - handler.handle(); + await handler.handle(); should.fail(); } catch (e) { @@ -140,7 +139,7 @@ describe('AuthorizeHandler integration', function() { } }); - it('should throw an error if `response` is missing', function() { + it('should throw an error if `response` is missing', async function() { const model = { getAccessToken: function() {}, getClient: function() {}, @@ -150,7 +149,7 @@ describe('AuthorizeHandler integration', function() { const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { - handler.handle(request); + await handler.handle(request); should.fail(); } catch (e) { @@ -695,25 +694,10 @@ describe('AuthorizeHandler integration', function() { handler.validateRedirectUri('http://example.com/a', { }).should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const model = { - getAccessToken: function() {}, - getClient: function() {}, - saveAuthorizationCode: function() {}, - validateRedirectUri: function(redirectUri, client, callback) { - callback(null, false); - } - }; - - const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - - handler.validateRedirectUri('http://example.com/a', { }).should.be.an.instanceOf(Promise); - }); }); describe('getClient()', function() { - it('should throw an error if `client_id` is missing', function() { + it('should throw an error if `client_id` is missing', async function() { const model = { getAccessToken: function() {}, getClient: function() {}, @@ -723,7 +707,7 @@ describe('AuthorizeHandler integration', function() { const request = new Request({ body: { response_type: 'code' }, headers: {}, method: {}, query: {} }); try { - handler.getClient(request); + await handler.getClient(request); should.fail(); } catch (e) { @@ -732,7 +716,7 @@ describe('AuthorizeHandler integration', function() { } }); - it('should throw an error if `client_id` is invalid', function() { + it('should throw an error if `client_id` is invalid', async function() { const model = { getAccessToken: function() {}, getClient: function() {}, @@ -742,7 +726,7 @@ describe('AuthorizeHandler integration', function() { const request = new Request({ body: { client_id: 'ø倣‰', response_type: 'code' }, headers: {}, method: {}, query: {} }); try { - handler.getClient(request); + await handler.getClient(request); should.fail(); } catch (e) { @@ -751,7 +735,7 @@ describe('AuthorizeHandler integration', function() { } }); - it('should throw an error if `client.redirectUri` is invalid', function() { + it('should throw an error if `client.redirectUri` is invalid', async function() { const model = { getAccessToken: function() {}, getClient: function() {}, @@ -761,7 +745,7 @@ describe('AuthorizeHandler integration', function() { const request = new Request({ body: { client_id: 12345, response_type: 'code', redirect_uri: 'foobar' }, headers: {}, method: {}, query: {} }); try { - handler.getClient(request); + await handler.getClient(request); should.fail(); } catch (e) { @@ -899,26 +883,6 @@ describe('AuthorizeHandler integration', function() { handler.getClient(request).should.be.an.instanceOf(Promise); }); - it('should support callbacks', function() { - const model = { - getAccessToken: function() {}, - getClient: function(clientId, clientSecret, callback) { - should.equal(clientSecret, null); - callback(null, { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }); - }, - saveAuthorizationCode: function() {} - }; - const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - const request = new Request({ - body: { client_id: 12345 }, - headers: {}, - method: {}, - query: {} - }); - - handler.getClient(request).should.be.an.instanceOf(Promise); - }); - describe('with `client_id` in the request query', function() { it('should return a client', function() { const client = { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }; @@ -942,7 +906,7 @@ describe('AuthorizeHandler integration', function() { }); describe('getScope()', function() { - it('should throw an error if `scope` is invalid', function() { + it('should throw an error if `scope` is invalid', async function() { const model = { getAccessToken: function() {}, getClient: function() {}, @@ -952,7 +916,7 @@ describe('AuthorizeHandler integration', function() { const request = new Request({ body: { scope: 'ø倣‰' }, headers: {}, method: {}, query: {} }); try { - handler.getScope(request); + await handler.getScope(request); should.fail(); } catch (e) { @@ -991,7 +955,7 @@ describe('AuthorizeHandler integration', function() { }); describe('getState()', function() { - it('should throw an error if `allowEmptyState` is false and `state` is missing', function() { + it('should throw an error if `allowEmptyState` is false and `state` is missing', async function() { const model = { getAccessToken: function() {}, getClient: function() {}, @@ -1001,7 +965,7 @@ describe('AuthorizeHandler integration', function() { const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { - handler.getState(request); + await handler.getState(request); should.fail(); } catch (e) { @@ -1022,7 +986,7 @@ describe('AuthorizeHandler integration', function() { should.equal(state, undefined); }); - it('should throw an error if `state` is invalid', function() { + it('should throw an error if `state` is invalid', async function() { const model = { getAccessToken: function() {}, getClient: function() {}, @@ -1032,7 +996,7 @@ describe('AuthorizeHandler integration', function() { const request = new Request({ body: {}, headers: {}, method: {}, query: { state: 'ø倣‰' } }); try { - handler.getState(request); + await handler.getState(request); should.fail(); } catch (e) { @@ -1157,23 +1121,10 @@ describe('AuthorizeHandler integration', function() { handler.saveAuthorizationCode('foo', 'bar', 'biz', 'baz').should.be.an.instanceOf(Promise); }); - - it('should support callbacks when calling `model.saveAuthorizationCode()`', function() { - const model = { - getAccessToken: function() {}, - getClient: function() {}, - saveAuthorizationCode: function(code, client, user, callback) { - return callback(null, true); - } - }; - const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - - handler.saveAuthorizationCode('foo', 'bar', 'biz', 'baz').should.be.an.instanceOf(Promise); - }); }); describe('getResponseType()', function() { - it('should throw an error if `response_type` is missing', function() { + it('should throw an error if `response_type` is missing', async function() { const model = { getAccessToken: function() {}, getClient: function() {}, @@ -1183,7 +1134,7 @@ describe('AuthorizeHandler integration', function() { const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { - handler.getResponseType(request); + await handler.getResponseType(request); should.fail(); } catch (e) { @@ -1192,7 +1143,7 @@ describe('AuthorizeHandler integration', function() { } }); - it('should throw an error if `response_type` is not `code`', function() { + it('should throw an error if `response_type` is not `code`', async function() { const model = { getAccessToken: function() {}, getClient: function() {}, @@ -1202,7 +1153,7 @@ describe('AuthorizeHandler integration', function() { const request = new Request({ body: { response_type: 'foobar' }, headers: {}, method: {}, query: {} }); try { - handler.getResponseType(request); + await handler.getResponseType(request); should.fail(); } catch (e) { @@ -1326,7 +1277,7 @@ describe('AuthorizeHandler integration', function() { const request = new Request({ body: {code_challenge_method: 'foo'}, headers: {}, method: {}, query: {} }); try { - handler.getCodeChallengeMethod(request); + await handler.getCodeChallengeMethod(request); should.fail(); } catch (e) { diff --git a/test/integration/handlers/token-handler_test.js b/test/integration/handlers/token-handler_test.js index 0cb60c3..fd8f769 100644 --- a/test/integration/handlers/token-handler_test.js +++ b/test/integration/handlers/token-handler_test.js @@ -11,7 +11,6 @@ const InvalidClientError = require('../../../lib/errors/invalid-client-error'); const InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); const InvalidRequestError = require('../../../lib/errors/invalid-request-error'); const PasswordGrantType = require('../../../lib/grant-types/password-grant-type'); -const Promise = require('bluebird'); const Request = require('../../../lib/request'); const Response = require('../../../lib/response'); const ServerError = require('../../../lib/errors/server-error'); @@ -149,7 +148,7 @@ describe('TokenHandler integration', function() { }); describe('handle()', function() { - it('should throw an error if `request` is missing', function() { + it('should throw an error if `request` is missing', async function() { const model = { getClient: function() {}, saveToken: function() {} @@ -157,7 +156,7 @@ describe('TokenHandler integration', function() { const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); try { - handler.handle(); + await handler.handle(); should.fail(); } catch (e) { @@ -166,7 +165,7 @@ describe('TokenHandler integration', function() { } }); - it('should throw an error if `response` is missing', function() { + it('should throw an error if `response` is missing', async function() { const model = { getClient: function() {}, saveToken: function() {} @@ -175,7 +174,7 @@ describe('TokenHandler integration', function() { const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { - handler.handle(request); + await handler.handle(request); should.fail(); } catch (e) { @@ -402,7 +401,7 @@ describe('TokenHandler integration', function() { describe('getClient()', function() { - it('should throw an error if `clientId` is invalid', function() { + it('should throw an error if `clientId` is invalid', async function() { const model = { getClient: function() {}, saveToken: function() {} @@ -411,7 +410,7 @@ describe('TokenHandler integration', function() { const request = new Request({ body: { client_id: 'ø倣‰', client_secret: 'foo' }, headers: {}, method: {}, query: {} }); try { - handler.getClient(request); + await handler.getClient(request); should.fail(); } catch (e) { @@ -420,7 +419,7 @@ describe('TokenHandler integration', function() { } }); - it('should throw an error if `clientSecret` is invalid', function() { + it('should throw an error if `clientSecret` is invalid', async function() { const model = { getClient: function() {}, saveToken: function() {} @@ -429,7 +428,7 @@ describe('TokenHandler integration', function() { const request = new Request({ body: { client_id: 'foo', client_secret: 'ø倣‰' }, headers: {}, method: {}, query: {} }); try { - handler.getClient(request); + await handler.getClient(request); should.fail(); } catch (e) { @@ -607,21 +606,10 @@ describe('TokenHandler integration', function() { handler.getClient(request).should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function() { - const model = { - getClient: function(clientId, clientSecret, callback) { callback(null, { grants: [] }); }, - saveToken: function() {} - }; - const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - const request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); - - handler.getClient(request).should.be.an.instanceOf(Promise); - }); }); describe('getClientCredentials()', function() { - it('should throw an error if `client_id` is missing', function() { + it('should throw an error if `client_id` is missing', async function() { const model = { getClient: function() {}, saveToken: function() {} @@ -630,7 +618,7 @@ describe('TokenHandler integration', function() { const request = new Request({ body: { client_secret: 'foo' }, headers: {}, method: {}, query: {} }); try { - handler.getClientCredentials(request); + await handler.getClientCredentials(request); should.fail(); } catch (e) { @@ -639,7 +627,7 @@ describe('TokenHandler integration', function() { } }); - it('should throw an error if `client_secret` is missing', function() { + it('should throw an error if `client_secret` is missing', async function() { const model = { getClient: function() {}, saveToken: function() {} @@ -648,7 +636,7 @@ describe('TokenHandler integration', function() { const request = new Request({ body: { client_id: 'foo' }, headers: {}, method: {}, query: {} }); try { - handler.getClientCredentials(request); + await handler.getClientCredentials(request); should.fail(); } catch (e) { @@ -708,7 +696,7 @@ describe('TokenHandler integration', function() { }); describe('handleGrantType()', function() { - it('should throw an error if `grant_type` is missing', function() { + it('should throw an error if `grant_type` is missing', async function() { const model = { getClient: function() {}, saveToken: function() {} @@ -717,7 +705,7 @@ describe('TokenHandler integration', function() { const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { - handler.handleGrantType(request); + await handler.handleGrantType(request); should.fail(); } catch (e) { @@ -726,7 +714,7 @@ describe('TokenHandler integration', function() { } }); - it('should throw an error if `grant_type` is invalid', function() { + it('should throw an error if `grant_type` is invalid', async function() { const model = { getClient: function() {}, saveToken: function() {} @@ -735,7 +723,7 @@ describe('TokenHandler integration', function() { const request = new Request({ body: { grant_type: '~foo~' }, headers: {}, method: {}, query: {} }); try { - handler.handleGrantType(request); + await handler.handleGrantType(request); should.fail(); } catch (e) { @@ -744,7 +732,7 @@ describe('TokenHandler integration', function() { } }); - it('should throw an error if `grant_type` is unsupported', function() { + it('should throw an error if `grant_type` is unsupported', async function() { const model = { getClient: function() {}, saveToken: function() {} @@ -753,7 +741,7 @@ describe('TokenHandler integration', function() { const request = new Request({ body: { grant_type: 'foobar' }, headers: {}, method: {}, query: {} }); try { - handler.handleGrantType(request); + await handler.handleGrantType(request); should.fail(); } catch (e) { @@ -762,7 +750,7 @@ describe('TokenHandler integration', function() { } }); - it('should throw an error if `grant_type` is unauthorized', function() { + it('should throw an error if `grant_type` is unauthorized', async function() { const client = { grants: ['client_credentials'] }; const model = { getClient: function() {}, @@ -772,7 +760,7 @@ describe('TokenHandler integration', function() { const request = new Request({ body: { grant_type: 'password' }, headers: {}, method: {}, query: {} }); try { - handler.handleGrantType(request, client); + await handler.handleGrantType(request, client); should.fail(); } catch (e) { @@ -784,8 +772,8 @@ describe('TokenHandler integration', function() { it('should throw an invalid grant error if a non-oauth error is thrown', function() { const client = { grants: ['password'] }; const model = { - getClient: function(clientId, password, callback) { callback(null, client); }, - getUser: function(uid, pwd, callback) { callback(); }, + getClient: function(clientId, password) { return client; }, + getUser: function(uid, pwd) {}, saveToken: function() {} }; const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); diff --git a/test/integration/server_test.js b/test/integration/server_test.js index db10544..cb717c7 100644 --- a/test/integration/server_test.js +++ b/test/integration/server_test.js @@ -5,7 +5,6 @@ */ const InvalidArgumentError = require('../../lib/errors/invalid-argument-error'); -const Promise = require('bluebird'); const Request = require('../../lib/request'); const Response = require('../../lib/response'); const Server = require('../../lib/server'); @@ -37,7 +36,7 @@ describe('Server integration', function() { }); describe('authenticate()', function() { - it('should set the default `options`', function() { + it('should set the default `options`', async function() { const model = { getAccessToken: function() { return { @@ -50,35 +49,19 @@ describe('Server integration', function() { const request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); const response = new Response({ body: {}, headers: {} }); - return server.authenticate(request, response) - .then(function() { - this.addAcceptedScopesHeader.should.be.true; - this.addAuthorizedScopesHeader.should.be.true; - this.allowBearerTokensInQueryString.should.be.false; - }) - .catch(should.fail); + try { + await server.authenticate(request, response); + } catch (e) { + server.addAcceptedScopesHeader.should.be.true; + server.addAuthorizedScopesHeader.should.be.true; + server.allowBearerTokensInQueryString.should.be.false; + should.fail(); + } }); it('should return a promise', function() { const model = { - getAccessToken: function(token, callback) { - callback(null, { - user: {}, - accessTokenExpiresAt: new Date(new Date().getTime() + 10000) - }); - } - }; - const server = new Server({ model: model }); - const request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); - const response = new Response({ body: {}, headers: {} }); - const handler = server.authenticate(request, response); - - handler.should.be.an.instanceOf(Promise); - }); - - it('should support callbacks', function(next) { - const model = { - getAccessToken: function() { + getAccessToken: async function(token) { return { user: {}, accessTokenExpiresAt: new Date(new Date().getTime() + 10000) @@ -88,13 +71,14 @@ describe('Server integration', function() { const server = new Server({ model: model }); const request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); const response = new Response({ body: {}, headers: {} }); + const handler = server.authenticate(request, response); - server.authenticate(request, response, null, next); + handler.should.be.an.instanceOf(Promise); }); }); describe('authorize()', function() { - it('should set the default `options`', function() { + it('should set the default `options`', async function() { const model = { getAccessToken: function() { return { @@ -113,12 +97,13 @@ describe('Server integration', function() { const request = new Request({ body: { client_id: 1234, client_secret: 'secret', response_type: 'code' }, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: { state: 'foobar' } }); const response = new Response({ body: {}, headers: {} }); - return server.authorize(request, response) - .then(function() { - this.allowEmptyState.should.be.false; - this.authorizationCodeLifetime.should.equal(300); - }) - .catch(should.fail); + try { + await server.authorize(request, response); + } catch (e) { + server.allowEmptyState.should.be.false; + server.authorizationCodeLifetime.should.equal(300); + should.fail(); + } }); it('should return a promise', function() { @@ -143,32 +128,10 @@ describe('Server integration', function() { handler.should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function(next) { - const model = { - getAccessToken: function() { - return { - user: {}, - accessTokenExpiresAt: new Date(new Date().getTime() + 10000) - }; - }, - getClient: function() { - return { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }; - }, - saveAuthorizationCode: function() { - return { authorizationCode: 123 }; - } - }; - const server = new Server({ model: model }); - const request = new Request({ body: { client_id: 1234, client_secret: 'secret', response_type: 'code' }, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: { state: 'foobar' } }); - const response = new Response({ body: {}, headers: {} }); - - server.authorize(request, response, null, next); - }); }); describe('token()', function() { - it('should set the default `options`', function() { + it('should set the default `options`', async function() { const model = { getClient: function() { return { grants: ['password'] }; @@ -185,12 +148,13 @@ describe('Server integration', function() { const request = new Request({ body: { client_id: 1234, client_secret: 'secret', grant_type: 'password', username: 'foo', password: 'pass', scope: 'foo' }, headers: { 'content-type': 'application/x-www-form-urlencoded', 'transfer-encoding': 'chunked' }, method: 'POST', query: {} }); const response = new Response({ body: {}, headers: {} }); - return server.token(request, response) - .then(function() { - this.accessTokenLifetime.should.equal(3600); - this.refreshTokenLifetime.should.equal(1209600); - }) - .catch(should.fail); + try { + await server.token(request, response); + } catch (e) { + server.accessTokenLifetime.should.equal(3600); + server.refreshTokenLifetime.should.equal(1209600); + should.fail(); + } }); it('should return a promise', function() { @@ -212,27 +176,5 @@ describe('Server integration', function() { handler.should.be.an.instanceOf(Promise); }); - - it('should support callbacks', function(next) { - const model = { - getClient: function() { - return { grants: ['password'] }; - }, - getUser: function() { - return {}; - }, - saveToken: function() { - return { accessToken: 1234, client: {}, user: {} }; - }, - validateScope: function() { - return 'foo'; - } - }; - const server = new Server({ model: model }); - const request = new Request({ body: { client_id: 1234, client_secret: 'secret', grant_type: 'password', username: 'foo', password: 'pass', scope: 'foo' }, headers: { 'content-type': 'application/x-www-form-urlencoded', 'transfer-encoding': 'chunked' }, method: 'POST', query: {} }); - const response = new Response({ body: {}, headers: {} }); - - server.token(request, response, null, next); - }); }); }); diff --git a/test/integration/utils/token-util_test.js b/test/integration/utils/token-util_test.js index d4f368e..edf9c7e 100644 --- a/test/integration/utils/token-util_test.js +++ b/test/integration/utils/token-util_test.js @@ -5,7 +5,6 @@ */ const TokenUtil = require('../../../lib/utils/token-util'); -const should = require('chai').should(); /** * Test `TokenUtil` integration. @@ -13,12 +12,9 @@ const should = require('chai').should(); describe('TokenUtil integration', function() { describe('generateRandomToken()', function() { - it('should return a sha-256 token', function() { - return TokenUtil.generateRandomToken() - .then(function(token) { - token.should.be.a.sha256(); - }) - .catch(should.fail); + it('should return a sha-256 token', async function() { + const token = await TokenUtil.generateRandomToken(); + token.should.be.a.sha256(); }); }); }); diff --git a/test/unit/grant-types/authorization-code-grant-type_test.js b/test/unit/grant-types/authorization-code-grant-type_test.js index 7672ed4..c3502be 100644 --- a/test/unit/grant-types/authorization-code-grant-type_test.js +++ b/test/unit/grant-types/authorization-code-grant-type_test.js @@ -7,7 +7,6 @@ const AuthorizationCodeGrantType = require('../../../lib/grant-types/authorization-code-grant-type'); const InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); const ServerError = require('../../../lib/errors/server-error'); -const Promise = require('bluebird'); const Request = require('../../../lib/request'); const sinon = require('sinon'); const should = require('chai').should(); diff --git a/test/unit/handlers/authorize-handler_test.js b/test/unit/handlers/authorize-handler_test.js index 0038c7c..91ab651 100644 --- a/test/unit/handlers/authorize-handler_test.js +++ b/test/unit/handlers/authorize-handler_test.js @@ -7,7 +7,6 @@ const AuthorizeHandler = require('../../../lib/handlers/authorize-handler'); const Request = require('../../../lib/request'); const Response = require('../../../lib/response'); -const Promise = require('bluebird'); const sinon = require('sinon'); const should = require('chai').should(); diff --git a/test/unit/server_test.js b/test/unit/server_test.js index 3987df7..df68521 100644 --- a/test/unit/server_test.js +++ b/test/unit/server_test.js @@ -6,7 +6,6 @@ const AuthenticateHandler = require('../../lib/handlers/authenticate-handler'); const AuthorizeHandler = require('../../lib/handlers/authorize-handler'); -const Promise = require('bluebird'); const Server = require('../../lib/server'); const TokenHandler = require('../../lib/handlers/token-handler'); const sinon = require('sinon'); From 5454497abd1219b88219dcacaa9c4917fc529b5f Mon Sep 17 00:00:00 2001 From: jankapunkt Date: Fri, 9 Jun 2023 08:51:09 +0200 Subject: [PATCH 2/7] docs: add 5.0.0 to changelog --- CHANGELOG.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f85f845..608cb59 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ ## Changelog +## 5.0.0 + +- removed `bluebird` and `promisify-any` +- uses native Promises and `async/await` everywhere +- drop support for Node 14 (EOL), setting Node 16 as `engine` in `package.json` +- this is a breaking change, because **it removes callback support** for + `OAuthServer` and your model implementation. + ## 4.2.0 ### Fixed - fix(core): Bearer regular expression matching in authenticate handler #105 From 085b13d49040646c48af0fbf4b1f8ba21e24e40d Mon Sep 17 00:00:00 2001 From: jankapunkt Date: Fri, 9 Jun 2023 08:51:22 +0200 Subject: [PATCH 3/7] docs: add 5.x note to readme --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index 1b14f03..b60607f 100644 --- a/README.md +++ b/README.md @@ -45,6 +45,13 @@ Most users should refer to our [Express (active)](https://github.com/node-oauth/ More examples can be found here: https://github.com/14gasher/oauth-example +## Version 5 notes + +Beginning with version `5.x` we removed dual support for callbacks and promises. +With this version there is only support for Promises / async/await. + +With this version we also bumped the `engine` to Node 16 as 14 is now deprecated. + ## Migrating from OAuthJs and 3.x Version 4.x should not be hard-breaking, however, there were many improvements and fixes that may From 2627848af9b0b4f3a4f64b47ad0e07bdc19c7db5 Mon Sep 17 00:00:00 2001 From: jankapunkt Date: Fri, 9 Jun 2023 08:51:36 +0200 Subject: [PATCH 4/7] docs: add 5.x to security policy --- SECURITY.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index f0cc8ef..5bc4f6a 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -5,11 +5,12 @@ Use this section to tell people about which versions of your project are currently being supported with security updates. -| Version | Supported | -| ------- | ------------------ | -| 4.x.x | :white_check_mark: | -| 3.x.x | :white_check_mark: but only very critical security issues | -| < 3 | :x: | +| Version | Supported | +|---------|--------------------------------------------------| +| 5.x.x | :white_check_mark: | +| 4.x.x | :white_check_mark: but only high severity issues | +| 3.x.x | :x: | +| < 3 | :x: | ## Reporting a Vulnerability From cf2adbac8f5335b6fa4714a6d13a0cbecb0bcb6f Mon Sep 17 00:00:00 2001 From: jankapunkt Date: Fri, 9 Jun 2023 08:52:06 +0200 Subject: [PATCH 5/7] build(core): bump node 14 to 16 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 2c26e6b..c3bd5e8 100644 --- a/package.json +++ b/package.json @@ -38,7 +38,7 @@ }, "license": "MIT", "engines": { - "node": ">=14.0.0" + "node": ">=16.0.0" }, "scripts": { "pretest": "./node_modules/.bin/eslint lib test index.js", From 2563e7b7afe33e21ca06d675ae30b0635b39295c Mon Sep 17 00:00:00 2001 From: jankapunkt Date: Tue, 13 Jun 2023 15:22:07 +0200 Subject: [PATCH 6/7] fix: replace Promise. calls in async functions with native behaviour --- lib/grant-types/client-credentials-grant-type.js | 10 +++------- lib/handlers/authorize-handler.js | 2 +- lib/handlers/token-handler.js | 4 ++-- 3 files changed, 6 insertions(+), 10 deletions(-) diff --git a/lib/grant-types/client-credentials-grant-type.js b/lib/grant-types/client-credentials-grant-type.js index a4ae1ed..e2db3f7 100644 --- a/lib/grant-types/client-credentials-grant-type.js +++ b/lib/grant-types/client-credentials-grant-type.js @@ -69,13 +69,9 @@ class ClientCredentialsGrantType extends AbstractGrantType { */ async saveToken(user, client, scope) { - const fns = [ - this.validateScope(user, client, scope), - this.generateAccessToken(client, user, scope), - this.getAccessTokenExpiresAt(client, user, scope), - ]; - - const [validatedScope, accessToken, accessTokenExpiresAt] = await Promise.all(fns); + const validatedScope = await this.validateScope(user, client, scope); + const accessToken = await this.generateAccessToken(client, user, scope); + const accessTokenExpiresAt = await this.getAccessTokenExpiresAt(client, user, scope); const token = { accessToken: accessToken, accessTokenExpiresAt: accessTokenExpiresAt, diff --git a/lib/handlers/authorize-handler.js b/lib/handlers/authorize-handler.js index 49d5515..75d1b2e 100644 --- a/lib/handlers/authorize-handler.js +++ b/lib/handlers/authorize-handler.js @@ -308,7 +308,7 @@ AuthorizeHandler.prototype.validateRedirectUri = async function(redirectUri, cli return this.model.validateRedirectUri(redirectUri, client); } - return Promise.resolve(client.redirectUris.includes(redirectUri)); + return client.redirectUris.includes(redirectUri); }; /** * Get response type. diff --git a/lib/handlers/token-handler.js b/lib/handlers/token-handler.js index 4630c4f..468d810 100644 --- a/lib/handlers/token-handler.js +++ b/lib/handlers/token-handler.js @@ -76,11 +76,11 @@ TokenHandler.prototype.handle = async function(request, response) { } if (request.method !== 'POST') { - return Promise.reject(new InvalidRequestError('Invalid request: method must be POST')); + throw new InvalidRequestError('Invalid request: method must be POST'); } if (!request.is('application/x-www-form-urlencoded')) { - return Promise.reject(new InvalidRequestError('Invalid request: content must be application/x-www-form-urlencoded')); + throw new InvalidRequestError('Invalid request: content must be application/x-www-form-urlencoded'); } try { From e1fdc23e652dff163cb8d07d5bd272204fc8666b Mon Sep 17 00:00:00 2001 From: jankapunkt Date: Tue, 13 Jun 2023 15:35:35 +0200 Subject: [PATCH 7/7] fix(tests): replace Promise. calls with native async behaviour where applicable --- .../grant-types/abstract-grant-type_test.js | 8 ++++---- .../authorization-code-grant-type_test.js | 8 ++++---- .../client-credentials-grant-type_test.js | 4 ++-- .../grant-types/password-grant-type_test.js | 6 +++--- .../grant-types/refresh-token-grant-type_test.js | 12 ++++++------ .../handlers/authenticate-handler_test.js | 4 ++-- .../handlers/authorize-handler_test.js | 16 ++++++++-------- test/integration/handlers/token-handler_test.js | 2 +- 8 files changed, 30 insertions(+), 30 deletions(-) diff --git a/test/integration/grant-types/abstract-grant-type_test.js b/test/integration/grant-types/abstract-grant-type_test.js index 5d9aa7a..e874509 100644 --- a/test/integration/grant-types/abstract-grant-type_test.js +++ b/test/integration/grant-types/abstract-grant-type_test.js @@ -70,8 +70,8 @@ describe('AbstractGrantType integration', function() { it('should support promises', function() { const model = { - generateAccessToken: function() { - return Promise.resolve({}); + generateAccessToken: async function() { + return {}; } }; const handler = new AbstractGrantType({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 456 }); @@ -104,8 +104,8 @@ describe('AbstractGrantType integration', function() { it('should support promises', function() { const model = { - generateRefreshToken: function() { - return Promise.resolve({}); + generateRefreshToken: async function() { + return {}; } }; const handler = new AbstractGrantType({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 456 }); diff --git a/test/integration/grant-types/authorization-code-grant-type_test.js b/test/integration/grant-types/authorization-code-grant-type_test.js index 85c007f..a4d69c4 100644 --- a/test/integration/grant-types/authorization-code-grant-type_test.js +++ b/test/integration/grant-types/authorization-code-grant-type_test.js @@ -145,7 +145,7 @@ describe('AuthorizationCodeGrantType integration', function() { it('should support promises', function() { const client = { id: 'foobar' }; const model = { - getAuthorizationCode: function() { return Promise.resolve({ authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }); }, + getAuthorizationCode: function() { return { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }; }, revokeAuthorizationCode: function() { return true; }, saveToken: function() {} }; @@ -362,7 +362,7 @@ describe('AuthorizationCodeGrantType integration', function() { const authorizationCode = { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }; const client = { id: 'foobar' }; const model = { - getAuthorizationCode: function() { return Promise.resolve(authorizationCode); }, + getAuthorizationCode: async function() { return authorizationCode; }, revokeAuthorizationCode: function() {}, saveToken: function() {} }; @@ -469,7 +469,7 @@ describe('AuthorizationCodeGrantType integration', function() { const authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), user: {} }; const model = { getAuthorizationCode: function() {}, - revokeAuthorizationCode: function() { return Promise.resolve(true); }, + revokeAuthorizationCode: async function() { return true; }, saveToken: function() {} }; const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); @@ -513,7 +513,7 @@ describe('AuthorizationCodeGrantType integration', function() { const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() {}, - saveToken: function() { return Promise.resolve(token); } + saveToken: async function() { return token; } }; const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); diff --git a/test/integration/grant-types/client-credentials-grant-type_test.js b/test/integration/grant-types/client-credentials-grant-type_test.js index 20c2da4..83de9f9 100644 --- a/test/integration/grant-types/client-credentials-grant-type_test.js +++ b/test/integration/grant-types/client-credentials-grant-type_test.js @@ -168,7 +168,7 @@ describe('ClientCredentialsGrantType integration', function() { it('should support promises', function() { const user = { email: 'foo@bar.com' }; const model = { - getUserFromClient: function() { return Promise.resolve(user); }, + getUserFromClient: async function() { return user; }, saveToken: function() {} }; const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); @@ -211,7 +211,7 @@ describe('ClientCredentialsGrantType integration', function() { const token = {}; const model = { getUserFromClient: function() {}, - saveToken: function() { return Promise.resolve(token); } + saveToken: async function() { return token; } }; const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 123, model: model }); diff --git a/test/integration/grant-types/password-grant-type_test.js b/test/integration/grant-types/password-grant-type_test.js index 11dc3a3..04452ee 100644 --- a/test/integration/grant-types/password-grant-type_test.js +++ b/test/integration/grant-types/password-grant-type_test.js @@ -113,7 +113,7 @@ describe('PasswordGrantType integration', function() { const token = {}; const model = { getUser: function() { return {}; }, - saveToken: function() { return Promise.resolve(token); } + saveToken: async function() { return token; } }; const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); const request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); @@ -245,7 +245,7 @@ describe('PasswordGrantType integration', function() { it('should support promises', function() { const user = { email: 'foo@bar.com' }; const model = { - getUser: function() { return Promise.resolve(user); }, + getUser: async function() { return user; }, saveToken: function() {} }; const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); @@ -288,7 +288,7 @@ describe('PasswordGrantType integration', function() { const token = {}; const model = { getUser: function() {}, - saveToken: function() { return Promise.resolve(token); } + saveToken: async function() { return token; } }; const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); diff --git a/test/integration/grant-types/refresh-token-grant-type_test.js b/test/integration/grant-types/refresh-token-grant-type_test.js index 3273606..fede377 100644 --- a/test/integration/grant-types/refresh-token-grant-type_test.js +++ b/test/integration/grant-types/refresh-token-grant-type_test.js @@ -131,9 +131,9 @@ describe('RefreshTokenGrantType integration', function() { it('should support promises', function() { const client = { id: 123 }; const model = { - getRefreshToken: function() { return Promise.resolve({ accessToken: 'foo', client: { id: 123 }, user: {} }); }, - revokeToken: function() { return Promise.resolve({ accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }); }, - saveToken: function() { return Promise.resolve({ accessToken: 'foo', client: {}, user: {} }); } + getRefreshToken: async function() { return { accessToken: 'foo', client: { id: 123 }, user: {} }; }, + revokeToken: async function() { return { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }; }, + saveToken: async function() { return { accessToken: 'foo', client: {}, user: {} }; } }; const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); const request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); @@ -357,7 +357,7 @@ describe('RefreshTokenGrantType integration', function() { const client = { id: 123 }; const token = { accessToken: 'foo', client: { id: 123 }, user: {} }; const model = { - getRefreshToken: function() { return Promise.resolve(token); }, + getRefreshToken: async function() { return token; }, revokeToken: function() {}, saveToken: function() {} }; @@ -419,7 +419,7 @@ describe('RefreshTokenGrantType integration', function() { const token = { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }; const model = { getRefreshToken: function() {}, - revokeToken: function() { return Promise.resolve(token); }, + revokeToken: async function() { return token; }, saveToken: function() {} }; const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); @@ -462,7 +462,7 @@ describe('RefreshTokenGrantType integration', function() { const model = { getRefreshToken: function() {}, revokeToken: function() {}, - saveToken: function() { return Promise.resolve(token); } + saveToken: async function() { return token; } }; const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); diff --git a/test/integration/handlers/authenticate-handler_test.js b/test/integration/handlers/authenticate-handler_test.js index d8bf728..c069ed9 100644 --- a/test/integration/handlers/authenticate-handler_test.js +++ b/test/integration/handlers/authenticate-handler_test.js @@ -445,8 +445,8 @@ describe('AuthenticateHandler integration', function() { it('should support promises', function() { const model = { - getAccessToken: function() { - return Promise.resolve({ user: {} }); + getAccessToken: async function() { + return { user: {} }; } }; const handler = new AuthenticateHandler({ model: model }); diff --git a/test/integration/handlers/authorize-handler_test.js b/test/integration/handlers/authorize-handler_test.js index 8a5eb65..5da1b39 100644 --- a/test/integration/handlers/authorize-handler_test.js +++ b/test/integration/handlers/authorize-handler_test.js @@ -612,8 +612,8 @@ describe('AuthorizeHandler integration', function() { it('should support promises', function() { const model = { - generateAuthorizationCode: function() { - return Promise.resolve({}); + generateAuthorizationCode: async function() { + return {}; }, getAccessToken: function() {}, getClient: function() {}, @@ -670,8 +670,8 @@ describe('AuthorizeHandler integration', function() { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {}, - validateRedirectUri: function() { - return Promise.resolve(true); + validateRedirectUri: async function() { + return true; } }; @@ -848,8 +848,8 @@ describe('AuthorizeHandler integration', function() { it('should support promises', function() { const model = { getAccessToken: function() {}, - getClient: function() { - return Promise.resolve({ grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }); + getClient: async function() { + return { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }; }, saveAuthorizationCode: function() {} }; @@ -1100,8 +1100,8 @@ describe('AuthorizeHandler integration', function() { const model = { getAccessToken: function() {}, getClient: function() {}, - saveAuthorizationCode: function() { - return Promise.resolve({}); + saveAuthorizationCode: async function() { + return {}; } }; const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); diff --git a/test/integration/handlers/token-handler_test.js b/test/integration/handlers/token-handler_test.js index fd8f769..4477c7b 100644 --- a/test/integration/handlers/token-handler_test.js +++ b/test/integration/handlers/token-handler_test.js @@ -587,7 +587,7 @@ describe('TokenHandler integration', function() { it('should support promises', function() { const model = { - getClient: function() { return Promise.resolve({ grants: [] }); }, + getClient: async function() { return { grants: [] }; }, saveToken: function() {} }; const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 });