Skip to content

Commit

Permalink
refactor: upgrade got from v9.x to v11.x
Browse files Browse the repository at this point in the history
BREAKING CHANGE: upgraded got http request library dependency from
`v9.x` to `v11.x`. If you override some of the http request options
you will most certainly have to accomodate them.
  • Loading branch information
panva committed Sep 8, 2020
1 parent 641a42f commit c72b5e8
Show file tree
Hide file tree
Showing 16 changed files with 83 additions and 89 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ jobs:
strategy:
matrix:
node-version:
- 10.13.0
- 10.19.0
- 10
- 12.0.0
- 12
Expand Down
4 changes: 2 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@ or koa middlewares. Those can however be built using the exposed API.

## Install

Node.js version **>=12.0.0** is recommended, but **^10.13.0** lts/dubnium is also supported.
Node.js version **>=12.0.0** is recommended, but **^10.19.0** lts/dubnium is also supported.

```console
npm install openid-client
Expand Down Expand Up @@ -260,7 +260,7 @@ private API and is subject to change between any versions.

#### How do I use it outside of Node.js

It is **only built for ^10.13.0 || >=12.0.0 Node.js** environment - including openid-client in
It is **only built for ^10.19.0 || >=12.0.0 Node.js** environment - including openid-client in
browser-environment targeted projects is not supported and may result in unexpected results.

#### What's new in 3.x?
Expand Down
30 changes: 15 additions & 15 deletions docs/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -360,7 +360,7 @@ Fetches an arbitrary resource with the provided Access Token in an Authorization
- `method`: `<string>` The HTTP verb to use for the request. **Default:** 'GET'
- `tokenType`: `<string>` The token type as the Authorization Header scheme. **Default:** 'Bearer'
or the `token_type` property from a passed in TokenSet.
- Returns: `Promise<Response>` Response is a [Got Response](https://github.com/sindresorhus/got/tree/v9.6.0#response)
- Returns: `Promise<Response>` Response is a [Got Response](https://github.com/sindresorhus/got/tree/v11.5.2#response)
with the `body` property being a `<Buffer>`


Expand Down Expand Up @@ -523,7 +523,7 @@ Performs Dynamic Client Read Request to retrieve a Client instance.
#### Customizing HTTP requests

The following are default [`got`][got-library] request
[options](https://github.com/sindresorhus/got/tree/v9.6.0#options) that openid-client sets for all
[options](https://github.com/sindresorhus/got/tree/v11.5.2#options) that openid-client sets for all
requests.

```js
Expand Down Expand Up @@ -552,7 +552,7 @@ This is meant to change global request options such as `timeout` or the default
<summary><em><strong>Example</strong></em> (Click to expand) debugging HTTP requests and responses</summary>

You can use the [`got`][got-library] request
[options.hooks](https://github.com/sindresorhus/got/tree/v9.6.0#options) to log outgoing requests and their responses.
[options.hooks](https://github.com/sindresorhus/got/tree/v11.5.2#options) to log outgoing requests and their responses.

```js
const { custom } = require('openid-client')
Expand Down Expand Up @@ -622,15 +622,15 @@ you need to work around, e.g. adding custom headers or body payload parameters.
```js
const { custom } = require('openid-client');
client[custom.http_options] = function (options) {
// see https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options
// key, cert, ca, rejectUnauthorized
options.cert = cert; // <string> | <string[]> | <Buffer> | <Buffer[]>
options.key = key; // <string> | <string[]> | <Buffer> | <Buffer[]> | <Object[]>
// see https://github.com/sindresorhus/got/tree/v11.5.2#advanced-https-api
options.https = options.https || {};
options.https.cert = cert; // <string> | <string[]> | <Buffer> | <Buffer[]>
options.https.key = key; // <string> | <string[]> | <Buffer> | <Buffer[]> | <Object[]>
// custom CA
// options.ca = ca; // <string> | <string[]> | <Buffer> | <Buffer[]>
// options.https.ca = ca; // <string> | <string[]> | <Buffer> | <Buffer[]>

// use HTTP(S)_PROXY
// https://github.com/sindresorhus/got/tree/v9.6.0#agent
// https://github.com/sindresorhus/got/tree/v11.5.2#agent
// options.agent = agent;

return options;
Expand All @@ -644,20 +644,20 @@ client[custom.http_options] = function (options) {
```js
const { custom } = require('openid-client');
client[custom.http_options] = function (options) {
// https://github.com/sindresorhus/got/tree/v9.6.0#headers
// https://github.com/sindresorhus/got/tree/v11.5.2#headers
// options.headers = Object.assign(options.headers, { 'custom': 'foo' });

// https://github.com/sindresorhus/got/tree/v9.6.0#timeout
// https://github.com/sindresorhus/got/tree/v11.5.2#timeout
// options.timeout = timeout;

// https://github.com/sindresorhus/got/tree/v9.6.0#retry
// https://github.com/sindresorhus/got/tree/v11.5.2#retry
// options.retry = retry;

// https://github.com/sindresorhus/got/tree/v9.6.0#followredirect
// https://github.com/sindresorhus/got/tree/v11.5.2#followredirect
// options.followRedirect = false;

// use HTTP(S)_PROXY
// https://github.com/sindresorhus/got/tree/v9.6.0#agent
// https://github.com/sindresorhus/got/tree/v11.5.2#agent
// options.agent = agent;

return options;
Expand Down Expand Up @@ -987,5 +987,5 @@ request instance.
[support-sponsor]: https://github.com/sponsors/panva
[jose]: https://github.com/panva/jose
[webfinger-discovery]: https://openid.net/specs/openid-connect-discovery-1_0.html#IssuerDiscovery
[got-library]: https://github.com/sindresorhus/got/tree/v9.6.0
[got-library]: https://github.com/sindresorhus/got/tree/v11.5.2
[client-authentication]: https://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication
40 changes: 16 additions & 24 deletions lib/client.js
Original file line number Diff line number Diff line change
Expand Up @@ -1042,7 +1042,7 @@ module.exports = (issuer, aadIssValidation = false) => class Client extends Base

return request.call(this, {
...requestOpts,
encoding: null,
responseType: 'buffer',
method,
url: resourceUrl,
}, { mTLS });
Expand Down Expand Up @@ -1071,8 +1071,7 @@ module.exports = (issuer, aadIssValidation = false) => class Client extends Base
throw new TypeError('can only send body on POST');
}

const jwt = !!(this.userinfo_signed_response_alg
|| this.userinfo_encrypted_response_alg);
const jwt = !!(this.userinfo_signed_response_alg || this.userinfo_encrypted_response_alg);

if (jwt) {
options.headers = { Accept: 'application/jwt' };
Expand Down Expand Up @@ -1155,11 +1154,7 @@ module.exports = (issuer, aadIssValidation = false) => class Client extends Base
try {
parsed = JSON.parse(response.body);
} catch (error) {
const parseError = new ParseError(
error, response.statusCode, response.request.gotOptions, response.body,
);
Object.defineProperty(parseError, 'response', { value: response });
throw parseError;
throw new ParseError(error, response);
}
}

Expand Down Expand Up @@ -1239,9 +1234,8 @@ module.exports = (issuer, aadIssValidation = false) => class Client extends Base
this,
'token',
{
form: true,
body,
json: true,
form: body,
responseType: 'json',
},
{ clientAssertionPayload },
);
Expand Down Expand Up @@ -1269,9 +1263,8 @@ module.exports = (issuer, aadIssValidation = false) => class Client extends Base
this,
'device_authorization',
{
form: true,
body,
json: true,
responseType: 'json',
form: body,
},
{ clientAssertionPayload, endpointAuthMethod: 'token' },
);
Expand All @@ -1296,17 +1289,16 @@ module.exports = (issuer, aadIssValidation = false) => class Client extends Base
throw new TypeError('hint must be a string');
}

const body = { ...revokeBody, token };
const form = { ...revokeBody, token };

if (hint) {
body.token_type_hint = hint;
form.token_type_hint = hint;
}

const response = await authenticatedPost.call(
this,
'revocation', {
body,
form: true,
form,
}, { clientAssertionPayload },
);
processResponse(response, { body: false });
Expand All @@ -1322,15 +1314,15 @@ module.exports = (issuer, aadIssValidation = false) => class Client extends Base
throw new TypeError('hint must be a string');
}

const body = { ...introspectBody, token };
const form = { ...introspectBody, token };
if (hint) {
body.token_type_hint = hint;
form.token_type_hint = hint;
}

const response = await authenticatedPost.call(
this,
'introspection',
{ body, form: true, json: true },
{ form, responseType: 'json' },
{ clientAssertionPayload },
);

Expand Down Expand Up @@ -1443,8 +1435,8 @@ module.exports = (issuer, aadIssValidation = false) => class Client extends Base
headers: initialAccessToken ? {
Authorization: authorizationHeaderValue(initialAccessToken),
} : undefined,
json: true,
body: metadata,
responseType: 'json',
json: metadata,
url: this.issuer.registration_endpoint,
method: 'POST',
});
Expand Down Expand Up @@ -1473,7 +1465,7 @@ module.exports = (issuer, aadIssValidation = false) => class Client extends Base
const response = await request.call(this, {
method: 'GET',
url: registrationClientUri,
json: true,
responseType: 'json',
headers: { Authorization: authorizationHeaderValue(registrationAccessToken) },
});
const responseBody = processResponse(response, { bearer: true });
Expand Down
5 changes: 2 additions & 3 deletions lib/device_flow_handle.js
Original file line number Diff line number Diff line change
Expand Up @@ -42,13 +42,12 @@ class DeviceFlowHandle {
instance(this).client,
'token',
{
form: true,
body: {
form: {
...instance(this).exchangeBody,
grant_type: 'urn:ietf:params:oauth:grant-type:device_code',
device_code: this.device_code,
},
json: true,
responseType: 'json',
},
{ clientAssertionPayload: instance(this).clientAssertionPayload },
);
Expand Down
14 changes: 7 additions & 7 deletions lib/helpers/client.js
Original file line number Diff line number Diff line change
Expand Up @@ -56,12 +56,12 @@ async function authFor(endpoint, { clientAssertionPayload } = {}) {
case 'self_signed_tls_client_auth':
case 'tls_client_auth':
case 'none':
return { body: { client_id: this.client_id } };
return { form: { client_id: this.client_id } };
case 'client_secret_post':
if (!this.client_secret) {
throw new TypeError('client_secret_post client authentication method requires a client_secret');
}
return { body: { client_id: this.client_id, client_secret: this.client_secret } };
return { form: { client_id: this.client_id, client_secret: this.client_secret } };
case 'private_key_jwt':
case 'client_secret_jwt': {
const timestamp = now();
Expand All @@ -76,7 +76,7 @@ async function authFor(endpoint, { clientAssertionPayload } = {}) {
});

return {
body: {
form: {
client_id: this.client_id,
client_assertion: assertion,
client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
Expand Down Expand Up @@ -125,7 +125,7 @@ async function authenticatedPost(endpoint, opts, {
clientAssertionPayload, endpointAuthMethod = endpoint,
} = {}) {
const auth = await authFor.call(this, endpointAuthMethod, { clientAssertionPayload });
const requestOpts = merge(opts, auth, { form: true });
const requestOpts = merge(opts, auth);

const mTLS = this[`${endpointAuthMethod}_endpoint_auth_method`].includes('tls_client_auth')
|| (endpoint === 'token' && this.tls_client_certificate_bound_access_tokens);
Expand All @@ -137,10 +137,10 @@ async function authenticatedPost(endpoint, opts, {

targetUrl = targetUrl || this.issuer[`${endpoint}_endpoint`];

if ('body' in requestOpts) {
for (const [key, value] of Object.entries(requestOpts.body)) { // eslint-disable-line no-restricted-syntax, max-len
if ('form' in requestOpts) {
for (const [key, value] of Object.entries(requestOpts.form)) { // eslint-disable-line no-restricted-syntax, max-len
if (typeof value === 'undefined') {
delete requestOpts.body[key];
delete requestOpts.form[key];
}
}
}
Expand Down
8 changes: 7 additions & 1 deletion lib/helpers/request.js
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,13 @@ module.exports = function request(options, { mTLS = false } = {}) {
opts = options;
}

if (mTLS && (!opts.key || !opts.cert)) {
if (
mTLS
&& (
(!opts.key || !opts.cert)
&& (!opts.https || !opts.https.key || !opts.https.certificate)
)
) {
throw new TypeError('mutual-TLS certificate and key not set');
}
return got(opts);
Expand Down
10 changes: 5 additions & 5 deletions lib/issuer.js
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ class Issuer {
cache.reset();
const response = await request.call(this, {
method: 'GET',
json: true,
responseType: 'json',
url: this.jwks_uri,
});
const jwks = processResponse(response);
Expand Down Expand Up @@ -168,8 +168,8 @@ class Issuer {
const response = await request.call(this, {
method: 'GET',
url: webfingerUrl,
json: true,
query: { resource, rel: REL },
responseType: 'json',
searchParams: { resource, rel: REL },
followRedirect: true,
});
const body = processResponse(response);
Expand Down Expand Up @@ -214,7 +214,7 @@ class Issuer {
if (parsed.pathname.includes('/.well-known/')) {
const response = await request.call(this, {
method: 'GET',
json: true,
responseType: 'json',
url: uri,
});
const body = processResponse(response);
Expand Down Expand Up @@ -243,7 +243,7 @@ class Issuer {
const wellKnownUri = url.format({ ...parsed, pathname });
const response = await request.call(this, {
method: 'GET',
json: true,
responseType: 'json',
url: wellKnownUri,
});
const body = processResponse(response);
Expand Down
5 changes: 2 additions & 3 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -43,9 +43,8 @@
"test": "mocha test/**/*.test.js"
},
"dependencies": {
"@types/got": "^9.6.9",
"base64url": "^3.0.1",
"got": "^9.6.0",
"got": "^11.5.2",
"jose": "^1.27.1",
"lru-cache": "^6.0.0",
"make-error": "^1.3.6",
Expand All @@ -70,7 +69,7 @@
"timekeeper": "^2.2.0"
},
"engines": {
"node": "^10.13.0 || >=12.0.0"
"node": "^10.19.0 || >=12.0.0"
},
"commitlint": {
"extends": [
Expand Down
Loading

0 comments on commit c72b5e8

Please sign in to comment.