diff --git a/.eslintrc b/.eslintrc index 3ef5eda..8e36b31 100644 --- a/.eslintrc +++ b/.eslintrc @@ -34,6 +34,13 @@ "no-console": [ "error" ], + "no-var": [ + "error" + ], + "prefer-const": ["error", { + "destructuring": "any", + "ignoreReadBeforeAssign": false + }], "no-unused-vars": [ "error", { diff --git a/CHANGELOG.md b/CHANGELOG.md index 668c19c..e258b2a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ ## Changelog +## 4.1.1 + +### Added +- Added TypeScript types +### Changed +- Removed extra files when someone npm installs. +- Upgrades all code from ES5 to ES6, where possible. + ## 4.1.0 ### Changed * Bump dev dependencies to resolve vulnerabilities diff --git a/index.d.ts b/index.d.ts new file mode 100644 index 0000000..260e34a --- /dev/null +++ b/index.d.ts @@ -0,0 +1,476 @@ +// Type definitions for Node OAuth2 Server 4.0 +// Definitions by: Robbie Van Gorkom , +// Charles Irick , +// Daniel Fischer , +// Vitor Santos + +import * as http from 'http'; + +/** + * Represents an OAuth2 server instance. + */ +declare class OAuth2Server { + static OAuth2Server: typeof OAuth2Server; + + /** + * Instantiates OAuth2Server using the supplied model + */ + constructor(options: OAuth2Server.ServerOptions); + + /** + * Authenticates a request. + */ + authenticate( + request: OAuth2Server.Request, + response: OAuth2Server.Response, + options?: OAuth2Server.AuthenticateOptions, + callback?: OAuth2Server.Callback + ): Promise; + + /** + * Authorizes a token request. + */ + authorize( + request: OAuth2Server.Request, + response: OAuth2Server.Response, + options?: OAuth2Server.AuthorizeOptions, + callback?: OAuth2Server.Callback + ): Promise; + + /** + * Retrieves a new token for an authorized token request. + */ + token( + request: OAuth2Server.Request, + response: OAuth2Server.Response, + options?: OAuth2Server.TokenOptions, + callback?: OAuth2Server.Callback + ): Promise; +} + +declare namespace OAuth2Server { + /** + * Represents an incoming HTTP request. + */ + class Request { + body?: any; + headers?: { [key: string]: string; } | undefined; + method?: string | undefined; + query?: { [key: string]: string; } | undefined; + + /** + * Instantiates Request using the supplied options. + * + */ + constructor(options?: { [key: string]: any } | http.IncomingMessage); + + /** + * Returns the specified HTTP header field. The match is case-insensitive. + * + */ + get(field: string): any | undefined; + + /** + * Checks if the request’s Content-Type HTTP header matches any of the given MIME types. + * + */ + is(types: string[]): string | false; + } + + /** + * Represents an outgoing HTTP response. + */ + class Response { + body?: any; + headers?: { [key: string]: string; } | undefined; + status?: number | undefined; + + /** + * Instantiates Response using the supplied options. + * + */ + constructor(options?: { [key: string]: any; } | http.ServerResponse); + + /** + * Returns the specified HTTP header field. The match is case-insensitive. + * + */ + get(field: string): any | undefined; + + /** + * Sets the specified HTTP header field. The match is case-insensitive. + * + */ + set(field: string, value: string): void; + + /** + * Redirects to the specified URL using 302 Found. + * + */ + redirect(url: string): void; + } + + abstract class AbstractGrantType { + /** + * Instantiates AbstractGrantType using the supplied options. + * + */ + constructor(options: TokenOptions) + + /** + * Generate access token. Calls Model#generateAccessToken() if implemented. + * + */ + generateAccessToken(client: Client, user: User, scope: string | string[]): Promise; + + /** + * Generate refresh token. Calls Model#generateRefreshToken() if implemented. + * + */ + generateRefreshToken(client: Client, user: User, scope: string | string[]): Promise; + + /** + * Get access token expiration date. + * + */ + getAccessTokenExpiresAt(): Date; + + /** + * Get refresh token expiration date. + * + */ + getRefreshTokenExpiresAt(): Date; + + /** + * Get scope from the request body. + * + */ + getScope(request: Request): string; + + /** + * Validate requested scope. Calls Model#validateScope() if implemented. + * + */ + validateScope(user: User, client: Client, scope: string | string[]): Promise; + + /** + * Retrieve info from the request and client and return token + * + */ + abstract handle(request: Request, client: Client): Promise; + } + + interface ServerOptions extends AuthenticateOptions, AuthorizeOptions, TokenOptions { + /** + * Model object + */ + model: AuthorizationCodeModel | ClientCredentialsModel | RefreshTokenModel | PasswordModel | ExtensionModel; + } + + interface AuthenticateOptions { + /** + * The scope(s) to authenticate. + */ + scope?: string | string[] | undefined; + + /** + * Set the X-Accepted-OAuth-Scopes HTTP header on response objects. + */ + addAcceptedScopesHeader?: boolean | undefined; + + /** + * Set the X-OAuth-Scopes HTTP header on response objects. + */ + addAuthorizedScopesHeader?: boolean | undefined; + + /** + * Allow clients to pass bearer tokens in the query string of a request. + */ + allowBearerTokensInQueryString?: boolean | undefined; + } + + interface AuthorizeOptions { + /** + * The authenticate handler + */ + authenticateHandler?: {} | undefined; + + /** + * Allow clients to specify an empty state + */ + allowEmptyState?: boolean | undefined; + + /** + * Lifetime of generated authorization codes in seconds (default = 5 minutes). + */ + authorizationCodeLifetime?: number | undefined; + } + + interface TokenOptions { + /** + * Lifetime of generated access tokens in seconds (default = 1 hour) + */ + accessTokenLifetime?: number | undefined; + + /** + * Lifetime of generated refresh tokens in seconds (default = 2 weeks) + */ + refreshTokenLifetime?: number | undefined; + + /** + * Allow extended attributes to be set on the returned token + */ + allowExtendedTokenAttributes?: boolean | undefined; + + /** + * Require a client secret. Defaults to true for all grant types. + */ + requireClientAuthentication?: {} | undefined; + + /** + * Always revoke the used refresh token and issue a new one for the refresh_token grant. + */ + alwaysIssueNewRefreshToken?: boolean | undefined; + + /** + * Additional supported grant types. + */ + extendedGrantTypes?: { [key: string]: typeof AbstractGrantType } | undefined; + } + + /** + * Represents a generic callback structure for model callbacks + */ + type Callback = (err?: any, result?: T) => void; + + /** + * For returning falsey parameters in cases of failure + */ + type Falsey = '' | 0 | false | null | undefined; + + interface BaseModel { + /** + * Invoked to generate a new access token. + * + */ + generateAccessToken?(client: Client, user: User, scope: string | string[], callback?: Callback): Promise; + + /** + * Invoked to retrieve a client using a client id or a client id/client secret combination, depending on the grant type. + * + */ + getClient(clientId: string, clientSecret: string, callback?: Callback): Promise; + + /** + * Invoked to save an access token and optionally a refresh token, depending on the grant type. + * + */ + saveToken(token: Token, client: Client, user: User, callback?: Callback): Promise; + } + + interface RequestAuthenticationModel { + /** + * Invoked to retrieve an existing access token previously saved through Model#saveToken(). + * + */ + getAccessToken(accessToken: string, callback?: Callback): Promise; + + /** + * Invoked during request authentication to check if the provided access token was authorized the requested scopes. + * + */ + verifyScope(token: Token, scope: string | string[], callback?: Callback): Promise; + } + + interface AuthorizationCodeModel extends BaseModel, RequestAuthenticationModel { + /** + * Invoked to generate a new refresh token. + * + */ + generateRefreshToken?(client: Client, user: User, scope: string | string[], callback?: Callback): Promise; + + /** + * Invoked to generate a new authorization code. + * + */ + generateAuthorizationCode?(client: Client, user: User, scope: string | string[], callback?: Callback): Promise; + + /** + * Invoked to retrieve an existing authorization code previously saved through Model#saveAuthorizationCode(). + * + */ + getAuthorizationCode(authorizationCode: string, callback?: Callback): Promise; + + /** + * Invoked to save an authorization code. + * + */ + saveAuthorizationCode( + code: Pick, + client: Client, + user: User, + callback?: Callback): Promise; + + /** + * Invoked to revoke an authorization code. + * + */ + revokeAuthorizationCode(code: AuthorizationCode, callback?: Callback): Promise; + + /** + * Invoked to check if the requested scope is valid for a particular client/user combination. + * + */ + validateScope?(user: User, client: Client, scope: string | string[], callback?: Callback): Promise; + } + + interface PasswordModel extends BaseModel, RequestAuthenticationModel { + /** + * Invoked to generate a new refresh token. + * + */ + generateRefreshToken?(client: Client, user: User, scope: string | string[], callback?: Callback): Promise; + + /** + * Invoked to retrieve a user using a username/password combination. + * + */ + getUser(username: string, password: string, callback?: Callback): Promise; + + /** + * Invoked to check if the requested scope is valid for a particular client/user combination. + * + */ + validateScope?(user: User, client: Client, scope: string | string[], callback?: Callback): Promise; + } + + interface RefreshTokenModel extends BaseModel, RequestAuthenticationModel { + /** + * Invoked to generate a new refresh token. + * + */ + generateRefreshToken?(client: Client, user: User, scope: string | string[], callback?: Callback): Promise; + + /** + * Invoked to retrieve an existing refresh token previously saved through Model#saveToken(). + * + */ + getRefreshToken(refreshToken: string, callback?: Callback): Promise; + + /** + * Invoked to revoke a refresh token. + * + */ + revokeToken(token: RefreshToken | Token, callback?: Callback): Promise; + } + + interface ClientCredentialsModel extends BaseModel, RequestAuthenticationModel { + /** + * Invoked to retrieve the user associated with the specified client. + * + */ + getUserFromClient(client: Client, callback?: Callback): Promise; + + /** + * Invoked to check if the requested scope is valid for a particular client/user combination. + * + */ + validateScope?(user: User, client: Client, scope: string | string[], callback?: Callback): Promise; + } + + interface ExtensionModel extends BaseModel, RequestAuthenticationModel {} + + /** + * An interface representing the user. + * A user object is completely transparent to oauth2-server and is simply used as input to model functions. + */ + interface User { + [key: string]: any; + } + + /** + * An interface representing the client and associated data + */ + interface Client { + id: string; + redirectUris?: string | string[] | undefined; + grants: string | string[]; + accessTokenLifetime?: number | undefined; + refreshTokenLifetime?: number | undefined; + [key: string]: any; + } + + /** + * An interface representing the authorization code and associated data. + */ + interface AuthorizationCode { + authorizationCode: string; + expiresAt: Date; + redirectUri: string; + scope?: string | string[] | undefined; + client: Client; + user: User; + [key: string]: any; + } + + /** + * An interface representing the token(s) and associated data. + */ + interface Token { + accessToken: string; + accessTokenExpiresAt?: Date | undefined; + refreshToken?: string | undefined; + refreshTokenExpiresAt?: Date | undefined; + scope?: string | string[] | undefined; + client: Client; + user: User; + [key: string]: any; + } + + /** + * An interface representing the refresh token and associated data. + */ + interface RefreshToken { + refreshToken: string; + refreshTokenExpiresAt?: Date | undefined; + scope?: string | string[] | undefined; + client: Client; + user: User; + [key: string]: any; + } + + class OAuthError extends Error { + constructor(messageOrError: string | Error, properties?: object); + + /** + * The HTTP error code. + */ + code: number; + + /** + * The OAuth error code. + */ + name: string; + + /** + * A human-readable error message. + */ + message: string; + } + + class AccessDeniedError extends OAuthError {} + class InsufficientScopeError extends OAuthError {} + class InvalidArgumentError extends OAuthError {} + class InvalidClientError extends OAuthError {} + class InvalidGrantError extends OAuthError {} + class InvalidRequestError extends OAuthError {} + class InvalidScopeError extends OAuthError {} + class InvalidTokenError extends OAuthError {} + class ServerError extends OAuthError {} + class UnauthorizedClientError extends OAuthError {} + class UnauthorizedRequestError extends OAuthError {} + class UnsupportedGrantTypeError extends OAuthError {} + class UnsupportedResponseTypeError extends OAuthError {} +} + +export = OAuth2Server; diff --git a/lib/errors/access-denied-error.js b/lib/errors/access-denied-error.js index 0f3dc2f..ce5c0af 100644 --- a/lib/errors/access-denied-error.js +++ b/lib/errors/access-denied-error.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var OAuthError = require('./oauth-error'); -var util = require('util'); +const OAuthError = require('./oauth-error'); +const util = require('util'); /** * Constructor. diff --git a/lib/errors/insufficient-scope-error.js b/lib/errors/insufficient-scope-error.js index c522df7..a27ad68 100644 --- a/lib/errors/insufficient-scope-error.js +++ b/lib/errors/insufficient-scope-error.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var OAuthError = require('./oauth-error'); -var util = require('util'); +const OAuthError = require('./oauth-error'); +const util = require('util'); /** * Constructor. diff --git a/lib/errors/invalid-argument-error.js b/lib/errors/invalid-argument-error.js index b667468..1958caa 100644 --- a/lib/errors/invalid-argument-error.js +++ b/lib/errors/invalid-argument-error.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var OAuthError = require('./oauth-error'); -var util = require('util'); +const OAuthError = require('./oauth-error'); +const util = require('util'); /** * Constructor. diff --git a/lib/errors/invalid-client-error.js b/lib/errors/invalid-client-error.js index 31aea2d..1513d57 100644 --- a/lib/errors/invalid-client-error.js +++ b/lib/errors/invalid-client-error.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var OAuthError = require('./oauth-error'); -var util = require('util'); +const OAuthError = require('./oauth-error'); +const util = require('util'); /** * Constructor. diff --git a/lib/errors/invalid-grant-error.js b/lib/errors/invalid-grant-error.js index 810242d..2c6a568 100644 --- a/lib/errors/invalid-grant-error.js +++ b/lib/errors/invalid-grant-error.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var OAuthError = require('./oauth-error'); -var util = require('util'); +const OAuthError = require('./oauth-error'); +const util = require('util'); /** * Constructor. diff --git a/lib/errors/invalid-request-error.js b/lib/errors/invalid-request-error.js index bfb178a..56e997e 100644 --- a/lib/errors/invalid-request-error.js +++ b/lib/errors/invalid-request-error.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var OAuthError = require('./oauth-error'); -var util = require('util'); +const OAuthError = require('./oauth-error'); +const util = require('util'); /** * Constructor. diff --git a/lib/errors/invalid-scope-error.js b/lib/errors/invalid-scope-error.js index bcded24..2f5746d 100644 --- a/lib/errors/invalid-scope-error.js +++ b/lib/errors/invalid-scope-error.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var OAuthError = require('./oauth-error'); -var util = require('util'); +const OAuthError = require('./oauth-error'); +const util = require('util'); /** * Constructor. diff --git a/lib/errors/invalid-token-error.js b/lib/errors/invalid-token-error.js index cb12c3e..e79d926 100644 --- a/lib/errors/invalid-token-error.js +++ b/lib/errors/invalid-token-error.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var OAuthError = require('./oauth-error'); -var util = require('util'); +const OAuthError = require('./oauth-error'); +const util = require('util'); /** * Constructor. diff --git a/lib/errors/oauth-error.js b/lib/errors/oauth-error.js index fc66f75..a96a41f 100644 --- a/lib/errors/oauth-error.js +++ b/lib/errors/oauth-error.js @@ -3,15 +3,15 @@ /** * Module dependencies. */ -var util = require('util'); -var http = require('http'); +const util = require('util'); +const http = require('http'); /** * Constructor. */ function OAuthError(messageOrError, properties) { - var message = messageOrError instanceof Error ? messageOrError.message : messageOrError; - var error = messageOrError instanceof Error ? messageOrError : null; + let message = messageOrError instanceof Error ? messageOrError.message : messageOrError; + const error = messageOrError instanceof Error ? messageOrError : null; if (properties == null || !Object.entries(properties).length ) { properties = {}; } @@ -26,7 +26,7 @@ function OAuthError(messageOrError, properties) { } this.code = this.status = this.statusCode = properties.code; this.message = message; - for (var key in properties) { + for (const key in properties) { if (key !== 'code') { this[key] = properties[key]; } diff --git a/lib/errors/server-error.js b/lib/errors/server-error.js index a1bdcf9..aee958b 100644 --- a/lib/errors/server-error.js +++ b/lib/errors/server-error.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var OAuthError = require('./oauth-error'); -var util = require('util'); +const OAuthError = require('./oauth-error'); +const util = require('util'); /** * Constructor. diff --git a/lib/errors/unauthorized-client-error.js b/lib/errors/unauthorized-client-error.js index eca0d68..fde3cb5 100644 --- a/lib/errors/unauthorized-client-error.js +++ b/lib/errors/unauthorized-client-error.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var OAuthError = require('./oauth-error'); -var util = require('util'); +const OAuthError = require('./oauth-error'); +const util = require('util'); /** * Constructor. diff --git a/lib/errors/unauthorized-request-error.js b/lib/errors/unauthorized-request-error.js index afb11b8..e960489 100644 --- a/lib/errors/unauthorized-request-error.js +++ b/lib/errors/unauthorized-request-error.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var OAuthError = require('./oauth-error'); -var util = require('util'); +const OAuthError = require('./oauth-error'); +const util = require('util'); /** * Constructor. diff --git a/lib/errors/unsupported-grant-type-error.js b/lib/errors/unsupported-grant-type-error.js index 63345ce..586a743 100644 --- a/lib/errors/unsupported-grant-type-error.js +++ b/lib/errors/unsupported-grant-type-error.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var OAuthError = require('./oauth-error'); -var util = require('util'); +const OAuthError = require('./oauth-error'); +const util = require('util'); /** * Constructor. diff --git a/lib/errors/unsupported-response-type-error.js b/lib/errors/unsupported-response-type-error.js index 861ac34..539551e 100644 --- a/lib/errors/unsupported-response-type-error.js +++ b/lib/errors/unsupported-response-type-error.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var OAuthError = require('./oauth-error'); -var util = require('util'); +const OAuthError = require('./oauth-error'); +const util = require('util'); /** * Constructor. diff --git a/lib/grant-types/abstract-grant-type.js b/lib/grant-types/abstract-grant-type.js index 224a473..4f73e55 100644 --- a/lib/grant-types/abstract-grant-type.js +++ b/lib/grant-types/abstract-grant-type.js @@ -4,12 +4,12 @@ * Module dependencies. */ -var InvalidArgumentError = require('../errors/invalid-argument-error'); -var InvalidScopeError = require('../errors/invalid-scope-error'); -var Promise = require('bluebird'); -var promisify = require('promisify-any').use(Promise); -var is = require('../validator/is'); -var tokenUtil = require('../utils/token-util'); +const InvalidArgumentError = require('../errors/invalid-argument-error'); +const InvalidScopeError = require('../errors/invalid-scope-error'); +const Promise = require('bluebird'); +const promisify = require('promisify-any').use(Promise); +const is = require('../validator/is'); +const tokenUtil = require('../utils/token-util'); /** * Constructor. diff --git a/lib/grant-types/authorization-code-grant-type.js b/lib/grant-types/authorization-code-grant-type.js index 97c1267..8f21aef 100644 --- a/lib/grant-types/authorization-code-grant-type.js +++ b/lib/grant-types/authorization-code-grant-type.js @@ -4,15 +4,15 @@ * Module dependencies. */ -var AbstractGrantType = require('./abstract-grant-type'); -var InvalidArgumentError = require('../errors/invalid-argument-error'); -var InvalidGrantError = require('../errors/invalid-grant-error'); -var InvalidRequestError = require('../errors/invalid-request-error'); -var Promise = require('bluebird'); -var promisify = require('promisify-any').use(Promise); -var ServerError = require('../errors/server-error'); -var is = require('../validator/is'); -var util = require('util'); +const AbstractGrantType = require('./abstract-grant-type'); +const InvalidArgumentError = require('../errors/invalid-argument-error'); +const InvalidGrantError = require('../errors/invalid-grant-error'); +const InvalidRequestError = require('../errors/invalid-request-error'); +const Promise = require('bluebird'); +const promisify = require('promisify-any').use(Promise); +const ServerError = require('../errors/server-error'); +const is = require('../validator/is'); +const util = require('util'); /** * Constructor. @@ -138,7 +138,7 @@ AuthorizationCodeGrantType.prototype.validateRedirectUri = function(request, cod return; } - var redirectUri = request.body.redirect_uri || request.query.redirect_uri; + const redirectUri = request.body.redirect_uri || request.query.redirect_uri; if (!is.uri(redirectUri)) { throw new InvalidRequestError('Invalid request: `redirect_uri` is not a valid URI'); @@ -175,7 +175,7 @@ AuthorizationCodeGrantType.prototype.revokeAuthorizationCode = function(code) { */ AuthorizationCodeGrantType.prototype.saveToken = function(user, client, authorizationCode, scope) { - var fns = [ + const fns = [ this.validateScope(user, client, scope), this.generateAccessToken(client, user, scope), this.generateRefreshToken(client, user, scope), @@ -186,7 +186,7 @@ AuthorizationCodeGrantType.prototype.saveToken = function(user, client, authoriz return Promise.all(fns) .bind(this) .spread(function(scope, accessToken, refreshToken, accessTokenExpiresAt, refreshTokenExpiresAt) { - var token = { + const token = { accessToken: accessToken, authorizationCode: authorizationCode, accessTokenExpiresAt: accessTokenExpiresAt, diff --git a/lib/grant-types/client-credentials-grant-type.js b/lib/grant-types/client-credentials-grant-type.js index 138333e..d0af0fe 100644 --- a/lib/grant-types/client-credentials-grant-type.js +++ b/lib/grant-types/client-credentials-grant-type.js @@ -4,12 +4,12 @@ * Module dependencies. */ -var AbstractGrantType = require('./abstract-grant-type'); -var InvalidArgumentError = require('../errors/invalid-argument-error'); -var InvalidGrantError = require('../errors/invalid-grant-error'); -var Promise = require('bluebird'); -var promisify = require('promisify-any').use(Promise); -var util = require('util'); +const AbstractGrantType = require('./abstract-grant-type'); +const InvalidArgumentError = require('../errors/invalid-argument-error'); +const InvalidGrantError = require('../errors/invalid-grant-error'); +const Promise = require('bluebird'); +const promisify = require('promisify-any').use(Promise); +const util = require('util'); /** * Constructor. @@ -54,7 +54,7 @@ ClientCredentialsGrantType.prototype.handle = function(request, client) { throw new InvalidArgumentError('Missing parameter: `client`'); } - var scope = this.getScope(request); + const scope = this.getScope(request); return Promise.bind(this) .then(function() { @@ -85,7 +85,7 @@ ClientCredentialsGrantType.prototype.getUserFromClient = function(client) { */ ClientCredentialsGrantType.prototype.saveToken = function(user, client, scope) { - var fns = [ + const fns = [ this.validateScope(user, client, scope), this.generateAccessToken(client, user, scope), this.getAccessTokenExpiresAt(client, user, scope) @@ -94,7 +94,7 @@ ClientCredentialsGrantType.prototype.saveToken = function(user, client, scope) { return Promise.all(fns) .bind(this) .spread(function(scope, accessToken, accessTokenExpiresAt) { - var token = { + const token = { accessToken: accessToken, accessTokenExpiresAt: accessTokenExpiresAt, scope: scope diff --git a/lib/grant-types/password-grant-type.js b/lib/grant-types/password-grant-type.js index b7f1793..70a7c1b 100644 --- a/lib/grant-types/password-grant-type.js +++ b/lib/grant-types/password-grant-type.js @@ -4,14 +4,14 @@ * Module dependencies. */ -var AbstractGrantType = require('./abstract-grant-type'); -var InvalidArgumentError = require('../errors/invalid-argument-error'); -var InvalidGrantError = require('../errors/invalid-grant-error'); -var InvalidRequestError = require('../errors/invalid-request-error'); -var Promise = require('bluebird'); -var promisify = require('promisify-any').use(Promise); -var is = require('../validator/is'); -var util = require('util'); +const AbstractGrantType = require('./abstract-grant-type'); +const InvalidArgumentError = require('../errors/invalid-argument-error'); +const InvalidGrantError = require('../errors/invalid-grant-error'); +const InvalidRequestError = require('../errors/invalid-request-error'); +const Promise = require('bluebird'); +const promisify = require('promisify-any').use(Promise); +const is = require('../validator/is'); +const util = require('util'); /** * Constructor. @@ -56,7 +56,7 @@ PasswordGrantType.prototype.handle = function(request, client) { throw new InvalidArgumentError('Missing parameter: `client`'); } - var scope = this.getScope(request); + const scope = this.getScope(request); return Promise.bind(this) .then(function() { @@ -103,7 +103,7 @@ PasswordGrantType.prototype.getUser = function(request) { */ PasswordGrantType.prototype.saveToken = function(user, client, scope) { - var fns = [ + const fns = [ this.validateScope(user, client, scope), this.generateAccessToken(client, user, scope), this.generateRefreshToken(client, user, scope), @@ -114,7 +114,7 @@ PasswordGrantType.prototype.saveToken = function(user, client, scope) { return Promise.all(fns) .bind(this) .spread(function(scope, accessToken, refreshToken, accessTokenExpiresAt, refreshTokenExpiresAt) { - var token = { + const token = { accessToken: accessToken, accessTokenExpiresAt: accessTokenExpiresAt, refreshToken: refreshToken, diff --git a/lib/grant-types/refresh-token-grant-type.js b/lib/grant-types/refresh-token-grant-type.js index 19f9010..3eac92b 100644 --- a/lib/grant-types/refresh-token-grant-type.js +++ b/lib/grant-types/refresh-token-grant-type.js @@ -4,15 +4,15 @@ * Module dependencies. */ -var AbstractGrantType = require('./abstract-grant-type'); -var InvalidArgumentError = require('../errors/invalid-argument-error'); -var InvalidGrantError = require('../errors/invalid-grant-error'); -var InvalidRequestError = require('../errors/invalid-request-error'); -var Promise = require('bluebird'); -var promisify = require('promisify-any').use(Promise); -var ServerError = require('../errors/server-error'); -var is = require('../validator/is'); -var util = require('util'); +const AbstractGrantType = require('./abstract-grant-type'); +const InvalidArgumentError = require('../errors/invalid-argument-error'); +const InvalidGrantError = require('../errors/invalid-grant-error'); +const InvalidRequestError = require('../errors/invalid-request-error'); +const Promise = require('bluebird'); +const promisify = require('promisify-any').use(Promise); +const ServerError = require('../errors/server-error'); +const is = require('../validator/is'); +const util = require('util'); /** * Constructor. @@ -142,7 +142,7 @@ RefreshTokenGrantType.prototype.revokeToken = function(token) { */ RefreshTokenGrantType.prototype.saveToken = function(user, client, scope) { - var fns = [ + const fns = [ this.generateAccessToken(client, user, scope), this.generateRefreshToken(client, user, scope), this.getAccessTokenExpiresAt(), @@ -152,7 +152,7 @@ RefreshTokenGrantType.prototype.saveToken = function(user, client, scope) { return Promise.all(fns) .bind(this) .spread(function(accessToken, refreshToken, accessTokenExpiresAt, refreshTokenExpiresAt) { - var token = { + const token = { accessToken: accessToken, accessTokenExpiresAt: accessTokenExpiresAt, scope: scope diff --git a/lib/handlers/authenticate-handler.js b/lib/handlers/authenticate-handler.js index dc9117b..b02b123 100644 --- a/lib/handlers/authenticate-handler.js +++ b/lib/handlers/authenticate-handler.js @@ -4,17 +4,17 @@ * Module dependencies. */ -var InvalidArgumentError = require('../errors/invalid-argument-error'); -var InvalidRequestError = require('../errors/invalid-request-error'); -var InsufficientScopeError = require('../errors/insufficient-scope-error'); -var InvalidTokenError = require('../errors/invalid-token-error'); -var OAuthError = require('../errors/oauth-error'); -var Promise = require('bluebird'); -var promisify = require('promisify-any').use(Promise); -var Request = require('../request'); -var Response = require('../response'); -var ServerError = require('../errors/server-error'); -var UnauthorizedRequestError = require('../errors/unauthorized-request-error'); +const InvalidArgumentError = require('../errors/invalid-argument-error'); +const InvalidRequestError = require('../errors/invalid-request-error'); +const InsufficientScopeError = require('../errors/insufficient-scope-error'); +const InvalidTokenError = require('../errors/invalid-token-error'); +const OAuthError = require('../errors/oauth-error'); +const Promise = require('bluebird'); +const promisify = require('promisify-any').use(Promise); +const Request = require('../request'); +const Response = require('../response'); +const ServerError = require('../errors/server-error'); +const UnauthorizedRequestError = require('../errors/unauthorized-request-error'); /** * Constructor. @@ -109,9 +109,9 @@ AuthenticateHandler.prototype.handle = function(request, response) { */ AuthenticateHandler.prototype.getTokenFromRequest = function(request) { - var headerToken = request.get('Authorization'); - var queryToken = request.query.access_token; - var bodyToken = request.body.access_token; + const headerToken = request.get('Authorization'); + const queryToken = request.query.access_token; + const bodyToken = request.body.access_token; if (!!headerToken + !!queryToken + !!bodyToken > 1) { throw new InvalidRequestError('Invalid request: only one authentication method is allowed'); @@ -139,8 +139,8 @@ AuthenticateHandler.prototype.getTokenFromRequest = function(request) { */ AuthenticateHandler.prototype.getTokenFromRequestHeader = function(request) { - var token = request.get('Authorization'); - var matches = token.match(/Bearer\s(\S+)/); + const token = request.get('Authorization'); + const matches = token.match(/Bearer\s(\S+)/); if (!matches) { throw new InvalidRequestError('Invalid request: malformed authorization header'); diff --git a/lib/handlers/authorize-handler.js b/lib/handlers/authorize-handler.js index 7cd89a1..e825012 100644 --- a/lib/handlers/authorize-handler.js +++ b/lib/handlers/authorize-handler.js @@ -4,29 +4,29 @@ * Module dependencies. */ -var AccessDeniedError = require('../errors/access-denied-error'); -var AuthenticateHandler = require('../handlers/authenticate-handler'); -var InvalidArgumentError = require('../errors/invalid-argument-error'); -var InvalidClientError = require('../errors/invalid-client-error'); -var InvalidRequestError = require('../errors/invalid-request-error'); -var InvalidScopeError = require('../errors/invalid-scope-error'); -var UnsupportedResponseTypeError = require('../errors/unsupported-response-type-error'); -var OAuthError = require('../errors/oauth-error'); -var Promise = require('bluebird'); -var promisify = require('promisify-any').use(Promise); -var Request = require('../request'); -var Response = require('../response'); -var ServerError = require('../errors/server-error'); -var UnauthorizedClientError = require('../errors/unauthorized-client-error'); -var is = require('../validator/is'); -var tokenUtil = require('../utils/token-util'); -var url = require('url'); +const AccessDeniedError = require('../errors/access-denied-error'); +const AuthenticateHandler = require('../handlers/authenticate-handler'); +const InvalidArgumentError = require('../errors/invalid-argument-error'); +const InvalidClientError = require('../errors/invalid-client-error'); +const InvalidRequestError = require('../errors/invalid-request-error'); +const InvalidScopeError = require('../errors/invalid-scope-error'); +const UnsupportedResponseTypeError = require('../errors/unsupported-response-type-error'); +const OAuthError = require('../errors/oauth-error'); +const Promise = require('bluebird'); +const promisify = require('promisify-any').use(Promise); +const Request = require('../request'); +const Response = require('../response'); +const ServerError = require('../errors/server-error'); +const UnauthorizedClientError = require('../errors/unauthorized-client-error'); +const is = require('../validator/is'); +const tokenUtil = require('../utils/token-util'); +const url = require('url'); /** * Response types. */ -var responseTypes = { +const responseTypes = { code: require('../response-types/code-response-type'), //token: require('../response-types/token-response-type') }; @@ -81,7 +81,7 @@ AuthorizeHandler.prototype.handle = function(request, response) { return Promise.reject(new AccessDeniedError('Access denied: user denied access to application')); } - var fns = [ + const fns = [ this.getAuthorizationCodeLifetime(), this.getClient(request), this.getUser(request, response) @@ -90,14 +90,14 @@ AuthorizeHandler.prototype.handle = function(request, response) { return Promise.all(fns) .bind(this) .spread(function(expiresAt, client, user) { - var uri = this.getRedirectUri(request, client); - var scope; - var state; - var ResponseType; + const uri = this.getRedirectUri(request, client); + let scope; + let state; + let ResponseType; return Promise.bind(this) .then(function() { - var requestedScope = this.getScope(request); + const requestedScope = this.getScope(request); return this.validateScope(user, client, requestedScope); }) @@ -113,8 +113,8 @@ AuthorizeHandler.prototype.handle = function(request, response) { return this.saveAuthorizationCode(authorizationCode, expiresAt, scope, client, uri, user); }) .then(function(code) { - var responseType = new ResponseType(code.authorizationCode); - var redirectUri = this.buildSuccessRedirectUri(uri, responseType); + const responseType = new ResponseType(code.authorizationCode); + const redirectUri = this.buildSuccessRedirectUri(uri, responseType); this.updateResponse(response, redirectUri, state); @@ -124,7 +124,7 @@ AuthorizeHandler.prototype.handle = function(request, response) { if (!(e instanceof OAuthError)) { e = new ServerError(e); } - var redirectUri = this.buildErrorRedirectUri(uri, e); + const redirectUri = this.buildErrorRedirectUri(uri, e); this.updateResponse(response, redirectUri, state); @@ -149,7 +149,7 @@ AuthorizeHandler.prototype.generateAuthorizationCode = function(client, user, sc */ AuthorizeHandler.prototype.getAuthorizationCodeLifetime = function() { - var expires = new Date(); + const expires = new Date(); expires.setSeconds(expires.getSeconds() + this.authorizationCodeLifetime); return expires; @@ -160,7 +160,7 @@ AuthorizeHandler.prototype.getAuthorizationCodeLifetime = function() { */ AuthorizeHandler.prototype.getClient = function(request) { - var clientId = request.body.client_id || request.query.client_id; + const clientId = request.body.client_id || request.query.client_id; if (!clientId) { throw new InvalidRequestError('Missing parameter: `client_id`'); @@ -170,7 +170,7 @@ AuthorizeHandler.prototype.getClient = function(request) { throw new InvalidRequestError('Invalid parameter: `client_id`'); } - var redirectUri = request.body.redirect_uri || request.query.redirect_uri; + const redirectUri = request.body.redirect_uri || request.query.redirect_uri; if (redirectUri && !is.uri(redirectUri)) { throw new InvalidRequestError('Invalid request: `redirect_uri` is not a valid URI'); @@ -223,7 +223,7 @@ AuthorizeHandler.prototype.validateScope = function(user, client, scope) { */ AuthorizeHandler.prototype.getScope = function(request) { - var scope = request.body.scope || request.query.scope; + const scope = request.body.scope || request.query.scope; if (!is.nqschar(scope)) { throw new InvalidScopeError('Invalid parameter: `scope`'); @@ -237,7 +237,7 @@ AuthorizeHandler.prototype.getScope = function(request) { */ AuthorizeHandler.prototype.getState = function(request) { - var state = request.body.state || request.query.state; + const state = request.body.state || request.query.state; if (!this.allowEmptyState && !state) { throw new InvalidRequestError('Missing parameter: `state`'); @@ -280,7 +280,7 @@ AuthorizeHandler.prototype.getRedirectUri = function(request, client) { */ AuthorizeHandler.prototype.saveAuthorizationCode = function(authorizationCode, expiresAt, scope, client, redirectUri, user) { - var code = { + const code = { authorizationCode: authorizationCode, expiresAt: expiresAt, redirectUri: redirectUri, @@ -294,7 +294,7 @@ AuthorizeHandler.prototype.saveAuthorizationCode = function(authorizationCode, e */ AuthorizeHandler.prototype.getResponseType = function(request) { - var responseType = request.body.response_type || request.query.response_type; + const responseType = request.body.response_type || request.query.response_type; if (!responseType) { throw new InvalidRequestError('Missing parameter: `response_type`'); @@ -320,7 +320,7 @@ AuthorizeHandler.prototype.buildSuccessRedirectUri = function(redirectUri, respo */ AuthorizeHandler.prototype.buildErrorRedirectUri = function(redirectUri, error) { - var uri = url.parse(redirectUri); + const uri = url.parse(redirectUri); uri.query = { error: error.name diff --git a/lib/handlers/token-handler.js b/lib/handlers/token-handler.js index 895ce2e..8195969 100644 --- a/lib/handlers/token-handler.js +++ b/lib/handlers/token-handler.js @@ -4,27 +4,27 @@ * Module dependencies. */ -var BearerTokenType = require('../token-types/bearer-token-type'); -var InvalidArgumentError = require('../errors/invalid-argument-error'); -var InvalidClientError = require('../errors/invalid-client-error'); -var InvalidRequestError = require('../errors/invalid-request-error'); -var OAuthError = require('../errors/oauth-error'); -var Promise = require('bluebird'); -var promisify = require('promisify-any').use(Promise); -var Request = require('../request'); -var Response = require('../response'); -var ServerError = require('../errors/server-error'); -var TokenModel = require('../models/token-model'); -var UnauthorizedClientError = require('../errors/unauthorized-client-error'); -var UnsupportedGrantTypeError = require('../errors/unsupported-grant-type-error'); -var auth = require('basic-auth'); -var is = require('../validator/is'); +const BearerTokenType = require('../token-types/bearer-token-type'); +const InvalidArgumentError = require('../errors/invalid-argument-error'); +const InvalidClientError = require('../errors/invalid-client-error'); +const InvalidRequestError = require('../errors/invalid-request-error'); +const OAuthError = require('../errors/oauth-error'); +const Promise = require('bluebird'); +const promisify = require('promisify-any').use(Promise); +const Request = require('../request'); +const Response = require('../response'); +const ServerError = require('../errors/server-error'); +const TokenModel = require('../models/token-model'); +const UnauthorizedClientError = require('../errors/unauthorized-client-error'); +const UnsupportedGrantTypeError = require('../errors/unsupported-grant-type-error'); +const auth = require('basic-auth'); +const is = require('../validator/is'); /** * Grant types. */ -var grantTypes = { +const grantTypes = { authorization_code: require('../grant-types/authorization-code-grant-type'), client_credentials: require('../grant-types/client-credentials-grant-type'), password: require('../grant-types/password-grant-type'), @@ -92,8 +92,8 @@ TokenHandler.prototype.handle = function(request, response) { return this.handleGrantType(request, client); }) .tap(function(data) { - var model = new TokenModel(data, {allowExtendedTokenAttributes: this.allowExtendedTokenAttributes}); - var tokenType = this.getTokenType(model); + const model = new TokenModel(data, {allowExtendedTokenAttributes: this.allowExtendedTokenAttributes}); + const tokenType = this.getTokenType(model); this.updateSuccessResponse(response, tokenType); }).catch(function(e) { @@ -112,8 +112,8 @@ TokenHandler.prototype.handle = function(request, response) { */ TokenHandler.prototype.getClient = function(request, response) { - var credentials = this.getClientCredentials(request); - var grantType = request.body.grant_type; + const credentials = this.getClientCredentials(request); + const grantType = request.body.grant_type; if (!credentials.clientId) { throw new InvalidRequestError('Missing parameter: `client_id`'); @@ -172,8 +172,8 @@ TokenHandler.prototype.getClient = function(request, response) { */ TokenHandler.prototype.getClientCredentials = function(request) { - var credentials = auth(request); - var grantType = request.body.grant_type; + const credentials = auth(request); + const grantType = request.body.grant_type; if (credentials) { return { clientId: credentials.name, clientSecret: credentials.pass }; @@ -197,7 +197,7 @@ TokenHandler.prototype.getClientCredentials = function(request) { */ TokenHandler.prototype.handleGrantType = function(request, client) { - var grantType = request.body.grant_type; + const grantType = request.body.grant_type; if (!grantType) { throw new InvalidRequestError('Missing parameter: `grant_type`'); @@ -215,11 +215,11 @@ TokenHandler.prototype.handleGrantType = function(request, client) { throw new UnauthorizedClientError('Unauthorized client: `grant_type` is invalid'); } - var accessTokenLifetime = this.getAccessTokenLifetime(client); - var refreshTokenLifetime = this.getRefreshTokenLifetime(client); - var Type = this.grantTypes[grantType]; + const accessTokenLifetime = this.getAccessTokenLifetime(client); + const refreshTokenLifetime = this.getRefreshTokenLifetime(client); + const Type = this.grantTypes[grantType]; - var options = { + const options = { accessTokenLifetime: accessTokenLifetime, model: this.model, refreshTokenLifetime: refreshTokenLifetime, diff --git a/lib/models/token-model.js b/lib/models/token-model.js index 37bb133..473c7ac 100644 --- a/lib/models/token-model.js +++ b/lib/models/token-model.js @@ -4,13 +4,13 @@ * Module dependencies. */ -var InvalidArgumentError = require('../errors/invalid-argument-error'); +const InvalidArgumentError = require('../errors/invalid-argument-error'); /** * Constructor. */ -var modelAttributes = ['accessToken', 'accessTokenExpiresAt', 'refreshToken', 'refreshTokenExpiresAt', 'scope', 'client', 'user']; +const modelAttributes = ['accessToken', 'accessTokenExpiresAt', 'refreshToken', 'refreshTokenExpiresAt', 'scope', 'client', 'user']; function TokenModel(data, options) { data = data || {}; @@ -46,7 +46,7 @@ function TokenModel(data, options) { if (options && options.allowExtendedTokenAttributes) { this.customAttributes = {}; - for (var key in data) { + for (const key in data) { if ( Object.prototype.hasOwnProperty.call(data, key) && (modelAttributes.indexOf(key) < 0)) { this.customAttributes[key] = data[key]; } diff --git a/lib/request.js b/lib/request.js index 00b8795..560b29b 100644 --- a/lib/request.js +++ b/lib/request.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var InvalidArgumentError = require('./errors/invalid-argument-error'); -var typeis = require('type-is'); +const InvalidArgumentError = require('./errors/invalid-argument-error'); +const typeis = require('type-is'); /** * Constructor. @@ -32,14 +32,14 @@ function Request(options) { this.query = options.query; // Store the headers in lower case. - for (var field in options.headers) { + for (const field in options.headers) { if (Object.prototype.hasOwnProperty.call(options.headers, field)) { this.headers[field.toLowerCase()] = options.headers[field]; } } // Store additional properties of the request object passed in - for (var property in options) { + for (const property in options) { if (Object.prototype.hasOwnProperty.call(options, property) && !this[property]) { this[property] = options[property]; } diff --git a/lib/response-types/code-response-type.js b/lib/response-types/code-response-type.js index 6eaf23a..8252248 100644 --- a/lib/response-types/code-response-type.js +++ b/lib/response-types/code-response-type.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var InvalidArgumentError = require('../errors/invalid-argument-error'); -var url = require('url'); +const InvalidArgumentError = require('../errors/invalid-argument-error'); +const url = require('url'); /** * Constructor. @@ -28,7 +28,7 @@ CodeResponseType.prototype.buildRedirectUri = function(redirectUri) { throw new InvalidArgumentError('Missing parameter: `redirectUri`'); } - var uri = url.parse(redirectUri, true); + const uri = url.parse(redirectUri, true); uri.query.code = this.code; uri.search = null; diff --git a/lib/response-types/token-response-type.js b/lib/response-types/token-response-type.js index 2637f64..29c32e7 100644 --- a/lib/response-types/token-response-type.js +++ b/lib/response-types/token-response-type.js @@ -4,7 +4,7 @@ * Module dependencies. */ -var ServerError = require('../errors/server-error'); +const ServerError = require('../errors/server-error'); /** * Constructor. diff --git a/lib/response.js b/lib/response.js index 76fe854..29a2c51 100644 --- a/lib/response.js +++ b/lib/response.js @@ -12,14 +12,14 @@ function Response(options) { this.status = 200; // Store the headers in lower case. - for (var field in options.headers) { + for (const field in options.headers) { if (Object.prototype.hasOwnProperty.call(options.headers, field)) { this.headers[field.toLowerCase()] = options.headers[field]; } } // Store additional properties of the response object passed in - for (var property in options) { + for (const property in options) { if (Object.prototype.hasOwnProperty.call(options, property) && !this[property]) { this[property] = options[property]; } diff --git a/lib/server.js b/lib/server.js index a588f80..53bbd2a 100644 --- a/lib/server.js +++ b/lib/server.js @@ -4,10 +4,10 @@ * Module dependencies. */ -var AuthenticateHandler = require('./handlers/authenticate-handler'); -var AuthorizeHandler = require('./handlers/authorize-handler'); -var InvalidArgumentError = require('./errors/invalid-argument-error'); -var TokenHandler = require('./handlers/token-handler'); +const AuthenticateHandler = require('./handlers/authenticate-handler'); +const AuthorizeHandler = require('./handlers/authorize-handler'); +const InvalidArgumentError = require('./errors/invalid-argument-error'); +const TokenHandler = require('./handlers/token-handler'); /** * Constructor. diff --git a/lib/token-types/bearer-token-type.js b/lib/token-types/bearer-token-type.js index 9440849..0bf526d 100644 --- a/lib/token-types/bearer-token-type.js +++ b/lib/token-types/bearer-token-type.js @@ -4,7 +4,7 @@ * Module dependencies. */ -var InvalidArgumentError = require('../errors/invalid-argument-error'); +const InvalidArgumentError = require('../errors/invalid-argument-error'); /** * Constructor. @@ -30,7 +30,7 @@ function BearerTokenType(accessToken, accessTokenLifetime, refreshToken, scope, */ BearerTokenType.prototype.valueOf = function() { - var object = { + const object = { access_token: this.accessToken, token_type: 'Bearer' }; @@ -47,7 +47,7 @@ BearerTokenType.prototype.valueOf = function() { object.scope = this.scope; } - for (var key in this.customAttributes) { + for (const key in this.customAttributes) { if ( Object.prototype.hasOwnProperty.call(this.customAttributes, key) ) { object[key] = this.customAttributes[key]; } diff --git a/lib/token-types/mac-token-type.js b/lib/token-types/mac-token-type.js index 9fdc600..a5dd240 100644 --- a/lib/token-types/mac-token-type.js +++ b/lib/token-types/mac-token-type.js @@ -4,7 +4,7 @@ * Module dependencies. */ -var ServerError = require('../errors/server-error'); +const ServerError = require('../errors/server-error'); /** * Constructor. diff --git a/lib/utils/token-util.js b/lib/utils/token-util.js index 96d05c0..a66e252 100644 --- a/lib/utils/token-util.js +++ b/lib/utils/token-util.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var crypto = require('crypto'); -var randomBytes = require('bluebird').promisify(require('crypto').randomBytes); +const crypto = require('crypto'); +const randomBytes = require('bluebird').promisify(require('crypto').randomBytes); /** * Export `TokenUtil`. diff --git a/lib/validator/is.js b/lib/validator/is.js index a240e93..4bb58c5 100644 --- a/lib/validator/is.js +++ b/lib/validator/is.js @@ -5,7 +5,7 @@ * Validation rules. */ -var rules = { +const rules = { NCHAR: /^[\u002D\u002E\u005F\w]+$/, NQCHAR: /^[\u0021\u0023-\u005B\u005D-\u007E]+$/, NQSCHAR: /^[\u0020-\u0021\u0023-\u005B\u005D-\u007E]+$/, diff --git a/package-lock.json b/package-lock.json index 3f800f9..d9ecbca 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "@node-oauth/oauth2-server", - "version": "4.1.0", + "version": "4.1.1", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -304,9 +304,9 @@ } }, "@eslint/eslintrc": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-1.0.2.tgz", - "integrity": "sha512-x1ZXdEFsvTcnbTZgqcWUL9w2ybgZCw/qbKTPQnab+XnYA2bMQpJCh+/bBzCRfDJaJdlrrQlOk49jNtru9gL/6Q==", + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-1.0.4.tgz", + "integrity": "sha512-h8Vx6MdxwWI2WM8/zREHMoqdgLNXEL4QX3MWSVMdyNJGvXVOs+6lp+m2hc3FnuMHDc4poxFNI20vCk0OmI4G0Q==", "dev": true, "requires": { "ajv": "^6.12.4", @@ -315,60 +315,20 @@ "globals": "^13.9.0", "ignore": "^4.0.6", "import-fresh": "^3.2.1", - "js-yaml": "^3.13.1", + "js-yaml": "^4.1.0", "minimatch": "^3.0.4", "strip-json-comments": "^3.1.1" }, "dependencies": { - "argparse": { - "version": "1.0.10", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", - "integrity": "sha512-o5Roy6tNG4SL/FOkCAN6RzjiakZS25RLYFrcMttJqbdd8BWrnA+fGz57iN5Pb06pvBGvl5gQ0B48dJlslXvoTg==", - "dev": true, - "requires": { - "sprintf-js": "~1.0.2" - } - }, - "debug": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.2.tgz", - "integrity": "sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, "globals": { - "version": "13.11.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-13.11.0.tgz", - "integrity": "sha512-08/xrJ7wQjK9kkkRoI3OFUBbLx4f+6x3SGwcPvQ0QH6goFDrOU2oyAWrmh3dJezu65buo+HBMzAMQy6rovVC3g==", + "version": "13.12.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-13.12.0.tgz", + "integrity": "sha512-uS8X6lSKN2JumVoXrbUz+uG4BYG+eiawqm3qFcT7ammfbUHeCBoJMlHcec/S3krSk73/AE/f0szYFmgAA3kYZg==", "dev": true, "requires": { "type-fest": "^0.20.2" } }, - "js-yaml": { - "version": "3.14.1", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.1.tgz", - "integrity": "sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==", - "dev": true, - "requires": { - "argparse": "^1.0.7", - "esprima": "^4.0.0" - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, "type-fest": { "version": "0.20.2", "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", @@ -386,29 +346,12 @@ "@humanwhocodes/object-schema": "^1.2.0", "debug": "^4.1.1", "minimatch": "^3.0.4" - }, - "dependencies": { - "debug": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.2.tgz", - "integrity": "sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - } } }, "@humanwhocodes/object-schema": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.0.tgz", - "integrity": "sha512-wdppn25U8z/2yiaT6YGquE6X8sSv7hNMWSXYSSU1jGv/yd6XqjXgTDJ8KP4NgjTXfJ3GbRjeeb8RTV7a/VpM+w==", + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz", + "integrity": "sha512-ZnQMnLV4e7hDlUvw8H+U8ASL02SS2Gn6+9Ac3wGGLIe7+je2AeAOxPY+izIPJDfFDb7eDjev0Us8MO1iFRN8hA==", "dev": true }, "@istanbuljs/load-nyc-config": { @@ -504,9 +447,9 @@ } }, "@sinonjs/fake-timers": { - "version": "7.1.2", - "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-7.1.2.tgz", - "integrity": "sha512-iQADsW4LBMISqZ6Ci1dupJL9pprqwcVFTcOsEmQOEhW+KLCVn/Y4Jrvg2k19fIHCp+iFprriYPTdRcQR8NbUPg==", + "version": "8.1.0", + "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-8.1.0.tgz", + "integrity": "sha512-OAPJUAtgeINhh/TAlUID4QTs53Njm7xzddaVlEs/SXwgtiD1tW22zAB/W1wdqfrpmikgaWQ9Fw6Ws+hsiRm5Vg==", "dev": true, "requires": { "@sinonjs/commons": "^1.7.0" @@ -975,12 +918,12 @@ "dev": true }, "eslint": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.0.0.tgz", - "integrity": "sha512-03spzPzMAO4pElm44m60Nj08nYonPGQXmw6Ceai/S4QK82IgwWO1EXx1s9namKzVlbVu3Jf81hb+N+8+v21/HQ==", + "version": "8.2.0", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.2.0.tgz", + "integrity": "sha512-erw7XmM+CLxTOickrimJ1SiF55jiNlVSp2qqm0NuBWPtHYQCegD5ZMaW0c3i5ytPqL+SSLaCxdvQXFPLJn+ABw==", "dev": true, "requires": { - "@eslint/eslintrc": "^1.0.2", + "@eslint/eslintrc": "^1.0.4", "@humanwhocodes/config-array": "^0.6.0", "ajv": "^6.10.0", "chalk": "^4.0.0", @@ -1014,97 +957,21 @@ "progress": "^2.0.0", "regexpp": "^3.2.0", "semver": "^7.2.1", - "strip-ansi": "^6.0.0", + "strip-ansi": "^6.0.1", "strip-json-comments": "^3.1.0", "text-table": "^0.2.0", "v8-compile-cache": "^2.0.3" }, "dependencies": { - "ansi-styles": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", - "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", - "dev": true, - "requires": { - "color-convert": "^2.0.1" - } - }, - "argparse": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz", - "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==", - "dev": true - }, - "chalk": { - "version": "4.1.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz", - "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==", - "dev": true, - "requires": { - "ansi-styles": "^4.1.0", - "supports-color": "^7.1.0" - } - }, - "color-convert": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", - "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", - "dev": true, - "requires": { - "color-name": "~1.1.4" - } - }, - "color-name": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", - "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", - "dev": true - }, - "debug": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.2.tgz", - "integrity": "sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==", - "dev": true, - "requires": { - "ms": "2.1.2" - } - }, - "escape-string-regexp": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", - "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==", - "dev": true - }, "globals": { - "version": "13.11.0", - "resolved": "https://registry.npmjs.org/globals/-/globals-13.11.0.tgz", - "integrity": "sha512-08/xrJ7wQjK9kkkRoI3OFUBbLx4f+6x3SGwcPvQ0QH6goFDrOU2oyAWrmh3dJezu65buo+HBMzAMQy6rovVC3g==", + "version": "13.12.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-13.12.0.tgz", + "integrity": "sha512-uS8X6lSKN2JumVoXrbUz+uG4BYG+eiawqm3qFcT7ammfbUHeCBoJMlHcec/S3krSk73/AE/f0szYFmgAA3kYZg==", "dev": true, "requires": { "type-fest": "^0.20.2" } }, - "has-flag": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz", - "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", - "dev": true - }, - "js-yaml": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz", - "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==", - "dev": true, - "requires": { - "argparse": "^2.0.1" - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, "semver": { "version": "7.3.5", "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.5.tgz", @@ -1114,21 +981,6 @@ "lru-cache": "^6.0.0" } }, - "strip-json-comments": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz", - "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==", - "dev": true - }, - "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", - "dev": true, - "requires": { - "has-flag": "^4.0.0" - } - }, "type-fest": { "version": "0.20.2", "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.20.2.tgz", @@ -1165,9 +1017,9 @@ } }, "eslint-visitor-keys": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.0.0.tgz", - "integrity": "sha512-mJOZa35trBTb3IyRmo8xmKBZlxf+N7OnUl4+ZhJHs/r+0770Wh/LEACE2pqMGMe27G/4y8P2bYGk4J70IC5k1Q==", + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.1.0.tgz", + "integrity": "sha512-yWJFpu4DtjsWKkt5GeNBBuZMlNcYVs6vRCLoCVEJrTjaSB6LC98gFipNK/erM2Heg/E8mIK+hXG/pJMLK+eRZA==", "dev": true }, "espree": { @@ -1206,9 +1058,9 @@ } }, "estraverse": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.2.0.tgz", - "integrity": "sha512-BxbNGGNm0RyRYvUdHpIwv9IWzeM9XClbOxwoATuFdOE7ZE6wHL+HQ5T8hoPM+zHvmKzzsEqhgy0GrQ5X13afiQ==", + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz", + "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==", "dev": true }, "esutils": { @@ -1291,9 +1143,9 @@ } }, "flatted": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.2.2.tgz", - "integrity": "sha512-JaTY/wtrcSyvXJl4IMFHPKyFur1sE9AUqc0QnhOaJ0CxHtAoIV8pYDzeEfAaNEtGkOfq4gr3LBFmdXW5mOQFnA==", + "version": "3.2.4", + "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.2.4.tgz", + "integrity": "sha512-8/sOawo8tJ4QOBX8YlQBMxL8+RLZfxMQOif9o0KUKTNTjMYElWPE0r/m5VNFxTRd0NSw8qSy8dajrwX4RYI1Hw==", "dev": true }, "foreground-child": { @@ -1875,6 +1727,17 @@ "@sinonjs/text-encoding": "^0.7.1", "just-extend": "^4.0.2", "path-to-regexp": "^1.7.0" + }, + "dependencies": { + "@sinonjs/fake-timers": { + "version": "7.1.2", + "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-7.1.2.tgz", + "integrity": "sha512-iQADsW4LBMISqZ6Ci1dupJL9pprqwcVFTcOsEmQOEhW+KLCVn/Y4Jrvg2k19fIHCp+iFprriYPTdRcQR8NbUPg==", + "dev": true, + "requires": { + "@sinonjs/commons": "^1.7.0" + } + } } }, "node-preload": { @@ -2363,13 +2226,13 @@ "dev": true }, "sinon": { - "version": "11.1.2", - "resolved": "https://registry.npmjs.org/sinon/-/sinon-11.1.2.tgz", - "integrity": "sha512-59237HChms4kg7/sXhiRcUzdSkKuydDeTiamT/jesUVHshBgL8XAmhgFo0GfK6RruMDM/iRSij1EybmMog9cJw==", + "version": "12.0.1", + "resolved": "https://registry.npmjs.org/sinon/-/sinon-12.0.1.tgz", + "integrity": "sha512-iGu29Xhym33ydkAT+aNQFBINakjq69kKO6ByPvTsm3yyIACfyQttRTP03aBP/I8GfhFmLzrnKwNNkr0ORb1udg==", "dev": true, "requires": { "@sinonjs/commons": "^1.8.3", - "@sinonjs/fake-timers": "^7.1.2", + "@sinonjs/fake-timers": "^8.1.0", "@sinonjs/samsam": "^6.0.2", "diff": "^5.0.0", "nise": "^5.1.0", diff --git a/package.json b/package.json index ad8cdce..c043554 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "@node-oauth/oauth2-server", "description": "Complete, framework-agnostic, compliant and well tested module for implementing an OAuth2 Server in node.js", - "version": "4.1.0", + "version": "4.1.1", "keywords": [ "oauth", "oauth2" @@ -17,6 +17,12 @@ "Daniel Reguero" ], "main": "index.js", + "types": "index.d.ts", + "files": [ + "index.js", + "index.d.ts", + "lib" + ], "dependencies": { "basic-auth": "2.0.1", "bluebird": "3.7.2", @@ -28,7 +34,7 @@ "eslint": "^8.0.0", "mocha": "^9.1.2", "nyc": "^15.1.0", - "sinon": "^11.1.2" + "sinon": "^12.0.1" }, "license": "MIT", "engines": { @@ -38,7 +44,9 @@ "pretest": "./node_modules/.bin/eslint lib test index.js", "test": "NODE_ENV=test ./node_modules/.bin/mocha 'test/**/*_test.js'", "test-debug": "NODE_ENV=test ./node_modules/.bin/mocha --inspect --debug-brk 'test/**/*_test.js'", - "test:coverage": "NODE_ENV=test nyc --reporter=html --reporter=text ./node_modules/.bin/mocha 'test/**/*_test.js'" + "test:coverage": "NODE_ENV=test nyc --reporter=html --reporter=text ./node_modules/.bin/mocha 'test/**/*_test.js'", + "lint": "npx eslint .", + "lint:fix": "npx eslint . --fix" }, "repository": { "type": "git", diff --git a/test/assertions.js b/test/assertions.js index 7ebf85f..7a95c80 100644 --- a/test/assertions.js +++ b/test/assertions.js @@ -4,7 +4,7 @@ * Module dependencies. */ -var chai = require('chai'); +const chai = require('chai'); /** * SHA-256 assertion. @@ -12,7 +12,7 @@ var chai = require('chai'); chai.use(function (_chai, utils) { chai.Assertion.addMethod('sha256', function (...args) { - var obj = utils.flag(this, 'object'); + const obj = utils.flag(this, 'object'); new chai.Assertion(obj).match(/^[a-f0-9]{64}$/i); }); }); diff --git a/test/integration/grant-types/abstract-grant-type_test.js b/test/integration/grant-types/abstract-grant-type_test.js index 160ba21..a6c4d2b 100644 --- a/test/integration/grant-types/abstract-grant-type_test.js +++ b/test/integration/grant-types/abstract-grant-type_test.js @@ -4,11 +4,11 @@ * Module dependencies. */ -var AbstractGrantType = require('../../../lib/grant-types/abstract-grant-type'); -var InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); -var Promise = require('bluebird'); -var Request = require('../../../lib/request'); -var should = require('chai').should(); +const AbstractGrantType = require('../../../lib/grant-types/abstract-grant-type'); +const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); +const Promise = require('bluebird'); +const Request = require('../../../lib/request'); +const should = require('chai').should(); /** * Test `AbstractGrantType` integration. @@ -39,20 +39,20 @@ describe('AbstractGrantType integration', function() { }); it('should set the `accessTokenLifetime`', function() { - var grantType = new AbstractGrantType({ accessTokenLifetime: 123, model: {} }); + const grantType = new AbstractGrantType({ accessTokenLifetime: 123, model: {} }); grantType.accessTokenLifetime.should.equal(123); }); it('should set the `model`', function() { - var model = {}; - var grantType = new AbstractGrantType({ accessTokenLifetime: 123, model: model }); + const model = {}; + const grantType = new AbstractGrantType({ accessTokenLifetime: 123, model: model }); grantType.model.should.equal(model); }); it('should set the `refreshTokenLifetime`', function() { - var grantType = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); + const grantType = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); grantType.refreshTokenLifetime.should.equal(456); }); @@ -60,7 +60,7 @@ describe('AbstractGrantType integration', function() { describe('generateAccessToken()', function() { it('should return an access token', function() { - var handler = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); + const handler = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); return handler.generateAccessToken() .then(function(data) { @@ -70,23 +70,23 @@ describe('AbstractGrantType integration', function() { }); it('should support promises', function() { - var model = { + const model = { generateAccessToken: function() { return Promise.resolve({}); } }; - var handler = new AbstractGrantType({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 456 }); + const handler = new AbstractGrantType({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 456 }); handler.generateAccessToken().should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var model = { + const model = { generateAccessToken: function() { return {}; } }; - var handler = new AbstractGrantType({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 456 }); + const handler = new AbstractGrantType({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 456 }); handler.generateAccessToken().should.be.an.instanceOf(Promise); }); @@ -94,7 +94,7 @@ describe('AbstractGrantType integration', function() { describe('generateRefreshToken()', function() { it('should return a refresh token', function() { - var handler = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); + const handler = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); return handler.generateRefreshToken() .then(function(data) { @@ -104,23 +104,23 @@ describe('AbstractGrantType integration', function() { }); it('should support promises', function() { - var model = { + const model = { generateRefreshToken: function() { return Promise.resolve({}); } }; - var handler = new AbstractGrantType({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 456 }); + const handler = new AbstractGrantType({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 456 }); handler.generateRefreshToken().should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var model = { + const model = { generateRefreshToken: function() { return {}; } }; - var handler = new AbstractGrantType({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 456 }); + const handler = new AbstractGrantType({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 456 }); handler.generateRefreshToken().should.be.an.instanceOf(Promise); }); @@ -128,7 +128,7 @@ describe('AbstractGrantType integration', function() { describe('getAccessTokenExpiresAt()', function() { it('should return a date', function() { - var handler = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); + const handler = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); handler.getAccessTokenExpiresAt().should.be.an.instanceOf(Date); }); @@ -136,7 +136,7 @@ describe('AbstractGrantType integration', function() { describe('getRefreshTokenExpiresAt()', function() { it('should return a refresh token', function() { - var handler = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); + const handler = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); handler.getRefreshTokenExpiresAt().should.be.an.instanceOf(Date); }); @@ -144,8 +144,8 @@ describe('AbstractGrantType integration', function() { describe('getScope()', function() { it('should throw an error if `scope` is invalid', function() { - var handler = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); - var request = new Request({ body: { scope: 'ø倣‰' }, headers: {}, method: {}, query: {} }); + const handler = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); + const request = new Request({ body: { scope: 'ø倣‰' }, headers: {}, method: {}, query: {} }); try { handler.getScope(request); @@ -158,15 +158,15 @@ describe('AbstractGrantType integration', function() { }); it('should allow the `scope` to be `undefined`', function() { - var handler = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const handler = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); should.not.exist(handler.getScope(request)); }); it('should return the scope', function() { - var handler = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); - var request = new Request({ body: { scope: 'foo' }, headers: {}, method: {}, query: {} }); + const handler = new AbstractGrantType({ accessTokenLifetime: 123, model: {}, refreshTokenLifetime: 456 }); + const request = new Request({ body: { scope: 'foo' }, headers: {}, method: {}, query: {} }); handler.getScope(request).should.equal('foo'); }); diff --git a/test/integration/grant-types/authorization-code-grant-type_test.js b/test/integration/grant-types/authorization-code-grant-type_test.js index 417a23a..6cddd53 100644 --- a/test/integration/grant-types/authorization-code-grant-type_test.js +++ b/test/integration/grant-types/authorization-code-grant-type_test.js @@ -4,14 +4,14 @@ * Module dependencies. */ -var AuthorizationCodeGrantType = require('../../../lib/grant-types/authorization-code-grant-type'); -var InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); -var InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); -var InvalidRequestError = require('../../../lib/errors/invalid-request-error'); -var Promise = require('bluebird'); -var Request = require('../../../lib/request'); -var ServerError = require('../../../lib/errors/server-error'); -var should = require('chai').should(); +const AuthorizationCodeGrantType = require('../../../lib/grant-types/authorization-code-grant-type'); +const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); +const InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); +const InvalidRequestError = require('../../../lib/errors/invalid-request-error'); +const Promise = require('bluebird'); +const Request = require('../../../lib/request'); +const ServerError = require('../../../lib/errors/server-error'); +const should = require('chai').should(); /** * Test `AuthorizationCodeGrantType` integration. @@ -43,7 +43,7 @@ describe('AuthorizationCodeGrantType integration', function() { it('should throw an error if the model does not implement `revokeAuthorizationCode()`', function() { try { - var model = { + const model = { getAuthorizationCode: function() {} }; @@ -58,7 +58,7 @@ describe('AuthorizationCodeGrantType integration', function() { it('should throw an error if the model does not implement `saveToken()`', function() { try { - var model = { + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() {} }; @@ -75,12 +75,12 @@ describe('AuthorizationCodeGrantType integration', function() { describe('handle()', function() { it('should throw an error if `request` is missing', function() { - var model = { + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); try { grantType.handle(); @@ -93,14 +93,14 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should throw an error if `client` is invalid', function() { - var client = {}; - var model = { + const client = {}; + const model = { getAuthorizationCode: function() { return { authorizationCode: 12345, expiresAt: new Date(new Date() * 2), user: {} }; }, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); return grantType.handle(request, client) .then(should.fail) @@ -112,13 +112,13 @@ describe('AuthorizationCodeGrantType integration', function() { it('should throw an error if `client` is missing', function() { - var model = { + const model = { getAuthorizationCode: function() { return { authorizationCode: 12345, expiresAt: new Date(new Date() * 2), user: {} }; }, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); try { grantType.handle(request, null); @@ -130,16 +130,16 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should return a token', function() { - var client = { id: 'foobar' }; - var token = {}; - var model = { + const client = { id: 'foobar' }; + const token = {}; + const model = { getAuthorizationCode: function() { return { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }; }, revokeAuthorizationCode: function() { return true; }, saveToken: function() { return token; }, validateScope: function() { return 'foo'; } }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); return grantType.handle(request, client) .then(function(data) { @@ -149,40 +149,40 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should support promises', function() { - var client = { id: 'foobar' }; - var model = { + const client = { id: 'foobar' }; + const model = { getAuthorizationCode: function() { return Promise.resolve({ authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }); }, revokeAuthorizationCode: function() { return true; }, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); grantType.handle(request, client).should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var client = { id: 'foobar' }; - var model = { + const client = { id: 'foobar' }; + const model = { getAuthorizationCode: function() { return { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }; }, revokeAuthorizationCode: function() { return true; }, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); grantType.handle(request, client).should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var client = { id: 'foobar' }; - var model = { + const client = { id: 'foobar' }; + const model = { getAuthorizationCode: function(code, callback) { callback(null, { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }); }, revokeAuthorizationCode: function(code, callback) { callback(null, { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() / 2), user: {} }); }, saveToken: function(tokenToSave, client, user, callback) { callback(null, tokenToSave); } }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); grantType.handle(request, client).should.be.an.instanceOf(Promise); }); @@ -190,14 +190,14 @@ describe('AuthorizationCodeGrantType integration', function() { describe('getAuthorizationCode()', function() { it('should throw an error if the request body does not contain `code`', function() { - var client = {}; - var model = { + const client = {}; + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { grantType.getAuthorizationCode(request, client); @@ -210,14 +210,14 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should throw an error if `code` is invalid', function() { - var client = {}; - var model = { + const client = {}; + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 'ø倣‰' }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 'ø倣‰' }, headers: {}, method: {}, query: {} }); try { grantType.getAuthorizationCode(request, client); @@ -230,14 +230,14 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should throw an error if `authorizationCode` is missing', function() { - var client = {}; - var model = { + const client = {}; + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); return grantType.getAuthorizationCode(request, client) .then(should.fail) @@ -248,14 +248,14 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should throw an error if `authorizationCode.client` is missing', function() { - var client = {}; - var model = { + const client = {}; + const model = { getAuthorizationCode: function() { return { authorizationCode: 12345 }; }, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); return grantType.getAuthorizationCode(request, client) .then(should.fail) @@ -266,14 +266,14 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should throw an error if `authorizationCode.expiresAt` is missing', function() { - var client = {}; - var model = { + const client = {}; + const model = { getAuthorizationCode: function() { return { authorizationCode: 12345, client: {}, user: {} }; }, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); return grantType.getAuthorizationCode(request, client) .then(should.fail) @@ -284,14 +284,14 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should throw an error if `authorizationCode.user` is missing', function() { - var client = {}; - var model = { + const client = {}; + const model = { getAuthorizationCode: function() { return { authorizationCode: 12345, client: {}, expiresAt: new Date() }; }, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); return grantType.getAuthorizationCode(request, client) .then(should.fail) @@ -302,16 +302,16 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should throw an error if the client id does not match', function() { - var client = { id: 123 }; - var model = { + const client = { id: 123 }; + const model = { getAuthorizationCode: function() { return { authorizationCode: 12345, expiresAt: new Date(), client: { id: 456 }, user: {} }; }, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); return grantType.getAuthorizationCode(request, client) .then(should.fail) @@ -322,17 +322,17 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should throw an error if the auth code is expired', function() { - var client = { id: 123 }; - var date = new Date(new Date() / 2); - var model = { + const client = { id: 123 }; + const date = new Date(new Date() / 2); + const model = { getAuthorizationCode: function() { return { authorizationCode: 12345, client: { id: 123 }, expiresAt: date, user: {} }; }, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); return grantType.getAuthorizationCode(request, client) .then(should.fail) @@ -343,15 +343,15 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should throw an error if the `redirectUri` is invalid', function() { - var authorizationCode = { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), redirectUri: 'foobar', user: {} }; - var client = { id: 'foobar' }; - var model = { + const authorizationCode = { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), redirectUri: 'foobar', user: {} }; + const client = { id: 'foobar' }; + const model = { getAuthorizationCode: function() { return authorizationCode; }, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); return grantType.getAuthorizationCode(request, client) .then(should.fail) @@ -362,15 +362,15 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should return an auth code', function() { - var authorizationCode = { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }; - var client = { id: 'foobar' }; - var model = { + const authorizationCode = { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }; + const client = { id: 'foobar' }; + const model = { getAuthorizationCode: function() { return authorizationCode; }, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); return grantType.getAuthorizationCode(request, client) .then(function(data) { @@ -380,43 +380,43 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should support promises', function() { - var authorizationCode = { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }; - var client = { id: 'foobar' }; - var model = { + const authorizationCode = { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }; + const client = { id: 'foobar' }; + const model = { getAuthorizationCode: function() { return Promise.resolve(authorizationCode); }, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); grantType.getAuthorizationCode(request, client).should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var authorizationCode = { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }; - var client = { id: 'foobar' }; - var model = { + const authorizationCode = { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }; + const client = { id: 'foobar' }; + const model = { getAuthorizationCode: function() { return authorizationCode; }, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); grantType.getAuthorizationCode(request, client).should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var authorizationCode = { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }; - var client = { id: 'foobar' }; - var model = { + const authorizationCode = { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }; + const client = { id: 'foobar' }; + const model = { getAuthorizationCode: function(code, callback) { callback(null, authorizationCode); }, revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); grantType.getAuthorizationCode(request, client).should.be.an.instanceOf(Promise); }); @@ -424,14 +424,14 @@ describe('AuthorizationCodeGrantType integration', function() { describe('validateRedirectUri()', function() { it('should throw an error if `redirectUri` is missing', function() { - var authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), redirectUri: 'http://foo.bar', user: {} }; - var model = { + const authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), redirectUri: 'http://foo.bar', user: {} }; + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() { return authorizationCode; }, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); try { grantType.validateRedirectUri(request, authorizationCode); @@ -444,14 +444,14 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should throw an error if `redirectUri` is invalid', function() { - var authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), redirectUri: 'http://foo.bar', user: {} }; - var model = { + const authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), redirectUri: 'http://foo.bar', user: {} }; + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() { return true; }, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { code: 12345, redirect_uri: 'http://bar.foo' }, headers: {}, method: {}, query: {} }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { code: 12345, redirect_uri: 'http://bar.foo' }, headers: {}, method: {}, query: {} }); try { grantType.validateRedirectUri(request, authorizationCode); @@ -466,13 +466,13 @@ describe('AuthorizationCodeGrantType integration', function() { describe('revokeAuthorizationCode()', function() { it('should revoke the auth code', function() { - var authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), user: {} }; - var model = { + const authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), user: {} }; + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() { return true; }, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); return grantType.revokeAuthorizationCode(authorizationCode) .then(function(data) { @@ -482,13 +482,13 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should throw an error when the auth code is invalid', function() { - var authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), user: {} }; - var model = { + const authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), user: {} }; + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() { return false; }, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); return grantType.revokeAuthorizationCode(authorizationCode) .then(function(data) { @@ -501,37 +501,37 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should support promises', function() { - var authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), user: {} }; - var model = { + const authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), user: {} }; + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() { return Promise.resolve(true); }, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); grantType.revokeAuthorizationCode(authorizationCode).should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), user: {} }; - var model = { + const authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), user: {} }; + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() { return authorizationCode; }, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); grantType.revokeAuthorizationCode(authorizationCode).should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), user: {} }; - var model = { + const authorizationCode = { authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() / 2), user: {} }; + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function(code, callback) { callback(null, authorizationCode); }, saveToken: function() {} }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); grantType.revokeAuthorizationCode(authorizationCode).should.be.an.instanceOf(Promise); }); @@ -539,14 +539,14 @@ describe('AuthorizationCodeGrantType integration', function() { describe('saveToken()', function() { it('should save the token', function() { - var token = {}; - var model = { + const token = {}; + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() {}, saveToken: function() { return token; }, validateScope: function() { return 'foo'; } }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); return grantType.saveToken(token) .then(function(data) { @@ -556,37 +556,37 @@ describe('AuthorizationCodeGrantType integration', function() { }); it('should support promises', function() { - var token = {}; - var model = { + const token = {}; + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() {}, saveToken: function() { return Promise.resolve(token); } }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); grantType.saveToken(token).should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var token = {}; - var model = { + const token = {}; + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() {}, saveToken: function() { return token; } }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); grantType.saveToken(token).should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var token = {}; - var model = { + const token = {}; + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() {}, saveToken: function(tokenToSave, client, user, callback) { callback(null, token); } }; - var grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new AuthorizationCodeGrantType({ accessTokenLifetime: 123, model: model }); grantType.saveToken(token).should.be.an.instanceOf(Promise); }); diff --git a/test/integration/grant-types/client-credentials-grant-type_test.js b/test/integration/grant-types/client-credentials-grant-type_test.js index 3bddec8..b13df08 100644 --- a/test/integration/grant-types/client-credentials-grant-type_test.js +++ b/test/integration/grant-types/client-credentials-grant-type_test.js @@ -4,12 +4,12 @@ * Module dependencies. */ -var ClientCredentialsGrantType = require('../../../lib/grant-types/client-credentials-grant-type'); -var InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); -var InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); -var Promise = require('bluebird'); -var Request = require('../../../lib/request'); -var should = require('chai').should(); +const ClientCredentialsGrantType = require('../../../lib/grant-types/client-credentials-grant-type'); +const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); +const InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); +const Promise = require('bluebird'); +const Request = require('../../../lib/request'); +const should = require('chai').should(); /** * Test `ClientCredentialsGrantType` integration. @@ -41,7 +41,7 @@ describe('ClientCredentialsGrantType integration', function() { it('should throw an error if the model does not implement `saveToken()`', function() { try { - var model = { + const model = { getUserFromClient: function() {} }; @@ -57,11 +57,11 @@ describe('ClientCredentialsGrantType integration', function() { describe('handle()', function() { it('should throw an error if `request` is missing', function() { - var model = { + const model = { getUserFromClient: function() {}, saveToken: function() {} }; - var grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); + const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); try { grantType.handle(); @@ -74,12 +74,12 @@ describe('ClientCredentialsGrantType integration', function() { }); it('should throw an error if `client` is missing', function() { - var model = { + const model = { getUserFromClient: function() {}, saveToken: function() {} }; - var grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { grantType.handle(request); @@ -92,14 +92,14 @@ describe('ClientCredentialsGrantType integration', function() { }); it('should return a token', function() { - var token = {}; - var model = { + const token = {}; + const model = { getUserFromClient: function() { return {}; }, saveToken: function() { return token; }, validateScope: function() { return 'foo'; } }; - var grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); return grantType.handle(request, {}) .then(function(data) { @@ -109,25 +109,25 @@ describe('ClientCredentialsGrantType integration', function() { }); it('should support promises', function() { - var token = {}; - var model = { + const token = {}; + const model = { getUserFromClient: function() { return {}; }, saveToken: function() { return token; } }; - var grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); grantType.handle(request, {}).should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var token = {}; - var model = { + const token = {}; + const model = { getUserFromClient: function() { return {}; }, saveToken: function() { return token; } }; - var grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); grantType.handle(request, {}).should.be.an.instanceOf(Promise); }); @@ -135,12 +135,12 @@ describe('ClientCredentialsGrantType integration', function() { describe('getUserFromClient()', function() { it('should throw an error if `user` is missing', function() { - var model = { + const model = { getUserFromClient: function() {}, saveToken: function() {} }; - var grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); return grantType.getUserFromClient(request, {}) .then(should.fail) @@ -151,13 +151,13 @@ describe('ClientCredentialsGrantType integration', function() { }); it('should return a user', function() { - var user = { email: 'foo@bar.com' }; - var model = { + const user = { email: 'foo@bar.com' }; + const model = { getUserFromClient: function() { return user; }, saveToken: function() {} }; - var grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); return grantType.getUserFromClient(request, {}) .then(function(data) { @@ -167,37 +167,37 @@ describe('ClientCredentialsGrantType integration', function() { }); it('should support promises', function() { - var user = { email: 'foo@bar.com' }; - var model = { + const user = { email: 'foo@bar.com' }; + const model = { getUserFromClient: function() { return Promise.resolve(user); }, saveToken: function() {} }; - var grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); grantType.getUserFromClient(request, {}).should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var user = { email: 'foo@bar.com' }; - var model = { + const user = { email: 'foo@bar.com' }; + const model = { getUserFromClient: function() {return user; }, saveToken: function() {} }; - var grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); grantType.getUserFromClient(request, {}).should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var user = { email: 'foo@bar.com' }; - var model = { + const user = { email: 'foo@bar.com' }; + const model = { getUserFromClient: function(userId, callback) { callback(null, user); }, saveToken: function() {} }; - var grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); grantType.getUserFromClient(request, {}).should.be.an.instanceOf(Promise); }); @@ -205,13 +205,13 @@ describe('ClientCredentialsGrantType integration', function() { describe('saveToken()', function() { it('should save the token', function() { - var token = {}; - var model = { + const token = {}; + const model = { getUserFromClient: function() {}, saveToken: function() { return token; }, validateScope: function() { return 'foo'; } }; - var grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 123, model: model }); return grantType.saveToken(token) .then(function(data) { @@ -221,34 +221,34 @@ describe('ClientCredentialsGrantType integration', function() { }); it('should support promises', function() { - var token = {}; - var model = { + const token = {}; + const model = { getUserFromClient: function() {}, saveToken: function() { return Promise.resolve(token); } }; - var grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 123, model: model }); grantType.saveToken(token).should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var token = {}; - var model = { + const token = {}; + const model = { getUserFromClient: function() {}, saveToken: function() { return token; } }; - var grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 123, model: model }); grantType.saveToken(token).should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var token = {}; - var model = { + const token = {}; + const model = { getUserFromClient: function() {}, saveToken: function(tokenToSave, client, user, callback) { callback(null, token); } }; - var grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new ClientCredentialsGrantType({ accessTokenLifetime: 123, model: model }); grantType.saveToken(token).should.be.an.instanceOf(Promise); }); diff --git a/test/integration/grant-types/password-grant-type_test.js b/test/integration/grant-types/password-grant-type_test.js index 916355d..a8c4cda 100644 --- a/test/integration/grant-types/password-grant-type_test.js +++ b/test/integration/grant-types/password-grant-type_test.js @@ -4,13 +4,13 @@ * Module dependencies. */ -var InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); -var InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); -var InvalidRequestError = require('../../../lib/errors/invalid-request-error'); -var PasswordGrantType = require('../../../lib/grant-types/password-grant-type'); -var Promise = require('bluebird'); -var Request = require('../../../lib/request'); -var should = require('chai').should(); +const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); +const InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); +const InvalidRequestError = require('../../../lib/errors/invalid-request-error'); +const PasswordGrantType = require('../../../lib/grant-types/password-grant-type'); +const Promise = require('bluebird'); +const Request = require('../../../lib/request'); +const should = require('chai').should(); /** * Test `PasswordGrantType` integration. @@ -42,7 +42,7 @@ describe('PasswordGrantType integration', function() { it('should throw an error if the model does not implement `saveToken()`', function() { try { - var model = { + const model = { getUser: function() {} }; @@ -58,11 +58,11 @@ describe('PasswordGrantType integration', function() { describe('handle()', function() { it('should throw an error if `request` is missing', function() { - var model = { + const model = { getUser: function() {}, saveToken: function() {} }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); try { grantType.handle(); @@ -75,11 +75,11 @@ describe('PasswordGrantType integration', function() { }); it('should throw an error if `client` is missing', function() { - var model = { + const model = { getUser: function() {}, saveToken: function() {} }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); try { grantType.handle({}); @@ -92,15 +92,15 @@ describe('PasswordGrantType integration', function() { }); it('should return a token', function() { - var client = { id: 'foobar' }; - var token = {}; - var model = { + const client = { id: 'foobar' }; + const token = {}; + const model = { getUser: function() { return {}; }, saveToken: function() { return token; }, validateScope: function() { return 'baz'; } }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { username: 'foo', password: 'bar', scope: 'baz' }, headers: {}, method: {}, query: {} }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { username: 'foo', password: 'bar', scope: 'baz' }, headers: {}, method: {}, query: {} }); return grantType.handle(request, client) .then(function(data) { @@ -110,40 +110,40 @@ describe('PasswordGrantType integration', function() { }); it('should support promises', function() { - var client = { id: 'foobar' }; - var token = {}; - var model = { + const client = { id: 'foobar' }; + const token = {}; + const model = { getUser: function() { return {}; }, saveToken: function() { return Promise.resolve(token); } }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); grantType.handle(request, client).should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var client = { id: 'foobar' }; - var token = {}; - var model = { + const client = { id: 'foobar' }; + const token = {}; + const model = { getUser: function() { return {}; }, saveToken: function() { return token; } }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); grantType.handle(request, client).should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var client = { id: 'foobar' }; - var token = {}; - var model = { + const client = { id: 'foobar' }; + const token = {}; + const model = { getUser: function(username, password, callback) { callback(null, {}); }, saveToken: function(tokenToSave, client, user, callback) { callback(null, token); } }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); grantType.handle(request, client).should.be.an.instanceOf(Promise); }); @@ -151,12 +151,12 @@ describe('PasswordGrantType integration', function() { describe('getUser()', function() { it('should throw an error if the request body does not contain `username`', function() { - var model = { + const model = { getUser: function() {}, saveToken: function() {} }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { grantType.getUser(request); @@ -169,12 +169,12 @@ describe('PasswordGrantType integration', function() { }); it('should throw an error if the request body does not contain `password`', function() { - var model = { + const model = { getUser: function() {}, saveToken: function() {} }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { username: 'foo' }, headers: {}, method: {}, query: {} }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { username: 'foo' }, headers: {}, method: {}, query: {} }); try { grantType.getUser(request); @@ -187,12 +187,12 @@ describe('PasswordGrantType integration', function() { }); it('should throw an error if `username` is invalid', function() { - var model = { + const model = { getUser: function() {}, saveToken: function() {} }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { username: '\r\n', password: 'foobar' }, headers: {}, method: {}, query: {} }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { username: '\r\n', password: 'foobar' }, headers: {}, method: {}, query: {} }); try { grantType.getUser(request); @@ -205,12 +205,12 @@ describe('PasswordGrantType integration', function() { }); it('should throw an error if `password` is invalid', function() { - var model = { + const model = { getUser: function() {}, saveToken: function() {} }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { username: 'foobar', password: '\r\n' }, headers: {}, method: {}, query: {} }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { username: 'foobar', password: '\r\n' }, headers: {}, method: {}, query: {} }); try { grantType.getUser(request); @@ -223,12 +223,12 @@ describe('PasswordGrantType integration', function() { }); it('should throw an error if `user` is missing', function() { - var model = { + const model = { getUser: function() {}, saveToken: function() {} }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); return grantType.getUser(request) .then(should.fail) @@ -239,13 +239,13 @@ describe('PasswordGrantType integration', function() { }); it('should return a user', function() { - var user = { email: 'foo@bar.com' }; - var model = { + const user = { email: 'foo@bar.com' }; + const model = { getUser: function() { return user; }, saveToken: function() {} }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); return grantType.getUser(request) .then(function(data) { @@ -255,37 +255,37 @@ describe('PasswordGrantType integration', function() { }); it('should support promises', function() { - var user = { email: 'foo@bar.com' }; - var model = { + const user = { email: 'foo@bar.com' }; + const model = { getUser: function() { return Promise.resolve(user); }, saveToken: function() {} }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); grantType.getUser(request).should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var user = { email: 'foo@bar.com' }; - var model = { + const user = { email: 'foo@bar.com' }; + const model = { getUser: function() { return user; }, saveToken: function() {} }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); grantType.getUser(request).should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var user = { email: 'foo@bar.com' }; - var model = { + const user = { email: 'foo@bar.com' }; + const model = { getUser: function(username, password, callback) { callback(null, user); }, saveToken: function() {} }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); grantType.getUser(request).should.be.an.instanceOf(Promise); }); @@ -293,13 +293,13 @@ describe('PasswordGrantType integration', function() { describe('saveToken()', function() { it('should save the token', function() { - var token = {}; - var model = { + const token = {}; + const model = { getUser: function() {}, saveToken: function() { return token; }, validateScope: function() { return 'foo'; } }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); return grantType.saveToken(token) .then(function(data) { @@ -309,34 +309,34 @@ describe('PasswordGrantType integration', function() { }); it('should support promises', function() { - var token = {}; - var model = { + const token = {}; + const model = { getUser: function() {}, saveToken: function() { return Promise.resolve(token); } }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); grantType.saveToken(token).should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var token = {}; - var model = { + const token = {}; + const model = { getUser: function() {}, saveToken: function() { return token; } }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); grantType.saveToken(token).should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var token = {}; - var model = { + const token = {}; + const model = { getUser: function() {}, saveToken: function(tokenToSave, client, user, callback) { callback(null, token); } }; - var grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new PasswordGrantType({ accessTokenLifetime: 123, model: model }); grantType.saveToken(token).should.be.an.instanceOf(Promise); }); diff --git a/test/integration/grant-types/refresh-token-grant-type_test.js b/test/integration/grant-types/refresh-token-grant-type_test.js index cbc2947..945d51c 100644 --- a/test/integration/grant-types/refresh-token-grant-type_test.js +++ b/test/integration/grant-types/refresh-token-grant-type_test.js @@ -4,14 +4,14 @@ * Module dependencies. */ -var InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); -var InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); -var InvalidRequestError = require('../../../lib/errors/invalid-request-error'); -var Promise = require('bluebird'); -var RefreshTokenGrantType = require('../../../lib/grant-types/refresh-token-grant-type'); -var Request = require('../../../lib/request'); -var ServerError = require('../../../lib/errors/server-error'); -var should = require('chai').should(); +const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); +const InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); +const InvalidRequestError = require('../../../lib/errors/invalid-request-error'); +const Promise = require('bluebird'); +const RefreshTokenGrantType = require('../../../lib/grant-types/refresh-token-grant-type'); +const Request = require('../../../lib/request'); +const ServerError = require('../../../lib/errors/server-error'); +const should = require('chai').should(); /** * Test `RefreshTokenGrantType` integration. @@ -43,7 +43,7 @@ describe('RefreshTokenGrantType integration', function() { it('should throw an error if the model does not implement `revokeToken()`', function() { try { - var model = { + const model = { getRefreshToken: function() {} }; @@ -58,7 +58,7 @@ describe('RefreshTokenGrantType integration', function() { it('should throw an error if the model does not implement `saveToken()`', function() { try { - var model = { + const model = { getRefreshToken: function() {}, revokeToken: function() {} }; @@ -75,12 +75,12 @@ describe('RefreshTokenGrantType integration', function() { describe('handle()', function() { it('should throw an error if `request` is missing', function() { - var model = { + const model = { getRefreshToken: function() {}, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); try { grantType.handle(); @@ -93,13 +93,13 @@ describe('RefreshTokenGrantType integration', function() { }); it('should throw an error if `client` is missing', function() { - var model = { + const model = { getRefreshToken: function() {}, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { grantType.handle(request); @@ -112,15 +112,15 @@ describe('RefreshTokenGrantType integration', function() { }); it('should return a token', function() { - var client = { id: 123 }; - var token = { accessToken: 'foo', client: { id: 123 }, user: {} }; - var model = { + const client = { id: 123 }; + const token = { accessToken: 'foo', client: { id: 123 }, user: {} }; + const model = { getRefreshToken: function() { return token; }, revokeToken: function() { return { accessToken: 'foo', client: { id: 123 }, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }; }, saveToken: function() { return token; } }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); return grantType.handle(request, client) .then(function(data) { @@ -130,40 +130,40 @@ describe('RefreshTokenGrantType integration', function() { }); it('should support promises', function() { - var client = { id: 123 }; - var model = { + const client = { id: 123 }; + const model = { getRefreshToken: function() { return Promise.resolve({ accessToken: 'foo', client: { id: 123 }, user: {} }); }, revokeToken: function() { return Promise.resolve({ accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }); }, saveToken: function() { return Promise.resolve({ accessToken: 'foo', client: {}, user: {} }); } }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); grantType.handle(request, client).should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var client = { id: 123 }; - var model = { + const client = { id: 123 }; + const model = { getRefreshToken: function() { return { accessToken: 'foo', client: { id: 123 }, user: {} }; }, revokeToken: function() { return { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }; }, saveToken: function() { return { accessToken: 'foo', client: {}, user: {} }; } }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); grantType.handle(request, client).should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var client = { id: 123 }; - var model = { + const client = { id: 123 }; + const model = { getRefreshToken: function(refreshToken, callback) { callback(null, { accessToken: 'foo', client: { id: 123 }, user: {} }); }, revokeToken: function(refreshToken, callback) { callback(null, { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }); }, saveToken: function(tokenToSave, client, user, callback) { callback(null,{ accessToken: 'foo', client: {}, user: {} }); } }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); grantType.handle(request, client).should.be.an.instanceOf(Promise); }); @@ -171,14 +171,14 @@ describe('RefreshTokenGrantType integration', function() { describe('getRefreshToken()', function() { it('should throw an error if the `refreshToken` parameter is missing from the request body', function() { - var client = {}; - var model = { + const client = {}; + const model = { getRefreshToken: function() {}, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { grantType.getRefreshToken(request, client); @@ -191,14 +191,14 @@ describe('RefreshTokenGrantType integration', function() { }); it('should throw an error if `refreshToken` is not found', function() { - var client = { id: 123 }; - var model = { + const client = { id: 123 }; + const model = { getRefreshToken: function() { return; }, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: { refresh_token: '12345' }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: { refresh_token: '12345' }, headers: {}, method: {}, query: {} }); return grantType.getRefreshToken(request, client) .then(should.fail) @@ -209,14 +209,14 @@ describe('RefreshTokenGrantType integration', function() { }); it('should throw an error if `refreshToken.client` is missing', function() { - var client = {}; - var model = { + const client = {}; + const model = { getRefreshToken: function() { return {}; }, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: { refresh_token: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: { refresh_token: 12345 }, headers: {}, method: {}, query: {} }); return grantType.getRefreshToken(request, client) .then(should.fail) @@ -227,16 +227,16 @@ describe('RefreshTokenGrantType integration', function() { }); it('should throw an error if `refreshToken.user` is missing', function() { - var client = {}; - var model = { + const client = {}; + const model = { getRefreshToken: function() { return { accessToken: 'foo', client: {} }; }, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: { refresh_token: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: { refresh_token: 12345 }, headers: {}, method: {}, query: {} }); return grantType.getRefreshToken(request, client) .then(should.fail) @@ -247,16 +247,16 @@ describe('RefreshTokenGrantType integration', function() { }); it('should throw an error if the client id does not match', function() { - var client = { id: 123 }; - var model = { + const client = { id: 123 }; + const model = { getRefreshToken: function() { return { accessToken: 'foo', client: { id: 456 }, user: {} }; }, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: { refresh_token: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: { refresh_token: 12345 }, headers: {}, method: {}, query: {} }); return grantType.getRefreshToken(request, client) .then(should.fail) @@ -267,16 +267,16 @@ describe('RefreshTokenGrantType integration', function() { }); it('should throw an error if `refresh_token` contains invalid characters', function() { - var client = {}; - var model = { + const client = {}; + const model = { getRefreshToken: function() { return { client: { id: 456 }, user: {} }; }, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: { refresh_token: 'ø倣‰' }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: { refresh_token: 'ø倣‰' }, headers: {}, method: {}, query: {} }); try { grantType.getRefreshToken(request, client); @@ -289,16 +289,16 @@ describe('RefreshTokenGrantType integration', function() { }); it('should throw an error if `refresh_token` is missing', function() { - var client = {}; - var model = { + const client = {}; + const model = { getRefreshToken: function() { return { accessToken: 'foo', client: { id: 456 }, user: {} }; }, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: { refresh_token: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: { refresh_token: 12345 }, headers: {}, method: {}, query: {} }); return grantType.getRefreshToken(request, client) .then(should.fail) @@ -309,17 +309,17 @@ describe('RefreshTokenGrantType integration', function() { }); it('should throw an error if `refresh_token` is expired', function() { - var client = { id: 123 }; - var date = new Date(new Date() / 2); - var model = { + const client = { id: 123 }; + const date = new Date(new Date() / 2); + const model = { getRefreshToken: function() { return { accessToken: 'foo', client: { id: 123 }, refreshTokenExpiresAt: date, user: {} }; }, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: { refresh_token: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: { refresh_token: 12345 }, headers: {}, method: {}, query: {} }); return grantType.getRefreshToken(request, client) .then(should.fail) @@ -330,16 +330,16 @@ describe('RefreshTokenGrantType integration', function() { }); it('should throw an error if `refreshTokenExpiresAt` is not a date value', function() { - var client = { id: 123 }; - var model = { + const client = { id: 123 }; + const model = { getRefreshToken: function() { return { accessToken: 'foo', client: { id: 123 }, refreshTokenExpiresAt: 'stringvalue', user: {} }; }, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: { refresh_token: 12345 }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: { refresh_token: 12345 }, headers: {}, method: {}, query: {} }); return grantType.getRefreshToken(request, client) .then(should.fail) @@ -350,15 +350,15 @@ describe('RefreshTokenGrantType integration', function() { }); it('should return a token', function() { - var client = { id: 123 }; - var token = { accessToken: 'foo', client: { id: 123 }, user: {} }; - var model = { + const client = { id: 123 }; + const token = { accessToken: 'foo', client: { id: 123 }, user: {} }; + const model = { getRefreshToken: function() { return token; }, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); return grantType.getRefreshToken(request, client) .then(function(data) { @@ -368,43 +368,43 @@ describe('RefreshTokenGrantType integration', function() { }); it('should support promises', function() { - var client = { id: 123 }; - var token = { accessToken: 'foo', client: { id: 123 }, user: {} }; - var model = { + const client = { id: 123 }; + const token = { accessToken: 'foo', client: { id: 123 }, user: {} }; + const model = { getRefreshToken: function() { return Promise.resolve(token); }, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); grantType.getRefreshToken(request, client).should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var client = { id: 123 }; - var token = { accessToken: 'foo', client: { id: 123 }, user: {} }; - var model = { + const client = { id: 123 }; + const token = { accessToken: 'foo', client: { id: 123 }, user: {} }; + const model = { getRefreshToken: function() { return token; }, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); grantType.getRefreshToken(request, client).should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var client = { id: 123 }; - var token = { accessToken: 'foo', client: { id: 123 }, user: {} }; - var model = { + const client = { id: 123 }; + const token = { accessToken: 'foo', client: { id: 123 }, user: {} }; + const model = { getRefreshToken: function(refreshToken, callback) { callback(null, token); }, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); - var request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const request = new Request({ body: { refresh_token: 'foobar' }, headers: {}, method: {}, query: {} }); grantType.getRefreshToken(request, client).should.be.an.instanceOf(Promise); }); @@ -412,12 +412,12 @@ describe('RefreshTokenGrantType integration', function() { describe('revokeToken()', function() { it('should throw an error if the `token` is invalid', function() { - var model = { + const model = { getRefreshToken: function() {}, revokeToken: function() {}, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); grantType.revokeToken({}) .then(should.fail) @@ -428,13 +428,13 @@ describe('RefreshTokenGrantType integration', function() { }); it('should revoke the token', function() { - var token = { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }; - var model = { + const token = { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }; + const model = { getRefreshToken: function() {}, revokeToken: function() { return token; }, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); return grantType.revokeToken(token) .then(function(data) { @@ -444,37 +444,37 @@ describe('RefreshTokenGrantType integration', function() { }); it('should support promises', function() { - var token = { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }; - var model = { + const token = { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }; + const model = { getRefreshToken: function() {}, revokeToken: function() { return Promise.resolve(token); }, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); grantType.revokeToken(token).should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var token = { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }; - var model = { + const token = { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }; + const model = { getRefreshToken: function() {}, revokeToken: function() { return token; }, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); grantType.revokeToken(token).should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var token = { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }; - var model = { + const token = { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }; + const model = { getRefreshToken: function() {}, revokeToken: function(refreshToken, callback) { callback(null, token); }, saveToken: function() {} }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); grantType.revokeToken(token).should.be.an.instanceOf(Promise); }); @@ -482,13 +482,13 @@ describe('RefreshTokenGrantType integration', function() { describe('saveToken()', function() { it('should save the token', function() { - var token = {}; - var model = { + const token = {}; + const model = { getRefreshToken: function() {}, revokeToken: function() {}, saveToken: function() { return token; } }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); return grantType.saveToken(token) .then(function(data) { @@ -498,37 +498,37 @@ describe('RefreshTokenGrantType integration', function() { }); it('should support promises', function() { - var token = {}; - var model = { + const token = {}; + const model = { getRefreshToken: function() {}, revokeToken: function() {}, saveToken: function() { return Promise.resolve(token); } }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); grantType.saveToken(token).should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var token = {}; - var model = { + const token = {}; + const model = { getRefreshToken: function() {}, revokeToken: function() {}, saveToken: function() { return token; } }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); grantType.saveToken(token).should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var token = {}; - var model = { + const token = {}; + const model = { getRefreshToken: function() {}, revokeToken: function() {}, saveToken: function(tokenToSave, client, user, callback) { callback(null, token); } }; - var grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); + const grantType = new RefreshTokenGrantType({ accessTokenLifetime: 123, model: model }); grantType.saveToken(token).should.be.an.instanceOf(Promise); }); diff --git a/test/integration/handlers/authenticate-handler_test.js b/test/integration/handlers/authenticate-handler_test.js index 1e98a62..3e0eefd 100644 --- a/test/integration/handlers/authenticate-handler_test.js +++ b/test/integration/handlers/authenticate-handler_test.js @@ -4,18 +4,18 @@ * Module dependencies. */ -var AccessDeniedError = require('../../../lib/errors/access-denied-error'); -var AuthenticateHandler = require('../../../lib/handlers/authenticate-handler'); -var InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); -var InvalidRequestError = require('../../../lib/errors/invalid-request-error'); -var InsufficientScopeError = require('../../../lib/errors/insufficient-scope-error'); -var InvalidTokenError = require('../../../lib/errors/invalid-token-error'); -var Promise = require('bluebird'); -var Request = require('../../../lib/request'); -var Response = require('../../../lib/response'); -var ServerError = require('../../../lib/errors/server-error'); -var UnauthorizedRequestError = require('../../../lib/errors/unauthorized-request-error'); -var should = require('chai').should(); +const AccessDeniedError = require('../../../lib/errors/access-denied-error'); +const AuthenticateHandler = require('../../../lib/handlers/authenticate-handler'); +const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); +const InvalidRequestError = require('../../../lib/errors/invalid-request-error'); +const InsufficientScopeError = require('../../../lib/errors/insufficient-scope-error'); +const InvalidTokenError = require('../../../lib/errors/invalid-token-error'); +const Promise = require('bluebird'); +const Request = require('../../../lib/request'); +const Response = require('../../../lib/response'); +const ServerError = require('../../../lib/errors/server-error'); +const UnauthorizedRequestError = require('../../../lib/errors/unauthorized-request-error'); +const should = require('chai').should(); /** * Test `AuthenticateHandler` integration. @@ -79,18 +79,18 @@ describe('AuthenticateHandler integration', function() { }); it('should set the `model`', function() { - var model = { getAccessToken: function() {} }; - var grantType = new AuthenticateHandler({ model: model }); + const model = { getAccessToken: function() {} }; + const grantType = new AuthenticateHandler({ model: model }); grantType.model.should.equal(model); }); it('should set the `scope`', function() { - var model = { + const model = { getAccessToken: function() {}, verifyScope: function() {} }; - var grantType = new AuthenticateHandler({ + const grantType = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: true, model: model, @@ -103,7 +103,7 @@ describe('AuthenticateHandler integration', function() { describe('handle()', function() { it('should throw an error if `request` is missing', function() { - var handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); + const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); try { handler.handle(); @@ -116,14 +116,14 @@ describe('AuthenticateHandler integration', function() { }); it('should set the `WWW-Authenticate` header if an unauthorized request error is thrown', function() { - var model = { + const model = { getAccessToken: function() { throw new UnauthorizedRequestError(); } }; - var handler = new AuthenticateHandler({ model: model }); - var request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); - var response = new Response({ body: {}, headers: {} }); + const handler = new AuthenticateHandler({ model: model }); + const request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -133,14 +133,14 @@ describe('AuthenticateHandler integration', function() { }); it('should throw the error if an oauth error is thrown', function() { - var model = { + const model = { getAccessToken: function() { throw new AccessDeniedError('Cannot request this access token'); } }; - var handler = new AuthenticateHandler({ model: model }); - var request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); - var response = new Response({ body: {}, headers: {} }); + const handler = new AuthenticateHandler({ model: model }); + const request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -151,14 +151,14 @@ describe('AuthenticateHandler integration', function() { }); it('should throw a server error if a non-oauth error is thrown', function() { - var model = { + const model = { getAccessToken: function() { throw new Error('Unhandled exception'); } }; - var handler = new AuthenticateHandler({ model: model }); - var request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); - var response = new Response({ body: {}, headers: {} }); + const handler = new AuthenticateHandler({ model: model }); + const request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -169,11 +169,11 @@ describe('AuthenticateHandler integration', function() { }); it('should return an access token', function() { - var accessToken = { + const accessToken = { user: {}, accessTokenExpiresAt: new Date(new Date().getTime() + 10000) }; - var model = { + const model = { getAccessToken: function() { return accessToken; }, @@ -181,14 +181,14 @@ describe('AuthenticateHandler integration', function() { return true; } }; - var handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: true, model: model, scope: 'foo' }); - var request = new Request({ + const handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: true, model: model, scope: 'foo' }); + const request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(function(data) { @@ -200,8 +200,8 @@ describe('AuthenticateHandler integration', function() { describe('getTokenFromRequest()', function() { it('should throw an error if more than one authentication method is used', function() { - var handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); - var request = new Request({ + const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); + const request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, @@ -219,8 +219,8 @@ describe('AuthenticateHandler integration', function() { }); it('should throw an error if `accessToken` is missing', function() { - var handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { handler.getTokenFromRequest(request); @@ -235,8 +235,8 @@ describe('AuthenticateHandler integration', function() { describe('getTokenFromRequestHeader()', function() { it('should throw an error if the token is malformed', function() { - var handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); - var request = new Request({ + const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); + const request = new Request({ body: {}, headers: { 'Authorization': 'foobar' @@ -256,8 +256,8 @@ describe('AuthenticateHandler integration', function() { }); it('should return the bearer token', function() { - var handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); - var request = new Request({ + const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); + const request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' @@ -266,7 +266,7 @@ describe('AuthenticateHandler integration', function() { query: {} }); - var bearerToken = handler.getTokenFromRequestHeader(request); + const bearerToken = handler.getTokenFromRequestHeader(request); bearerToken.should.equal('foo'); }); @@ -274,7 +274,7 @@ describe('AuthenticateHandler integration', function() { describe('getTokenFromRequestQuery()', function() { it('should throw an error if the query contains a token', function() { - var handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); + const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); try { handler.getTokenFromRequestQuery(); @@ -287,7 +287,7 @@ describe('AuthenticateHandler integration', function() { }); it('should return the bearer token if `allowBearerTokensInQueryString` is true', function() { - var handler = new AuthenticateHandler({ allowBearerTokensInQueryString: true, model: { getAccessToken: function() {} } }); + const handler = new AuthenticateHandler({ allowBearerTokensInQueryString: true, model: { getAccessToken: function() {} } }); handler.getTokenFromRequestQuery({ query: { access_token: 'foo' } }).should.equal('foo'); }); @@ -295,8 +295,8 @@ describe('AuthenticateHandler integration', function() { describe('getTokenFromRequestBody()', function() { it('should throw an error if the method is `GET`', function() { - var handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); - var request = new Request({ + const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); + const request = new Request({ body: { access_token: 'foo' }, headers: {}, method: 'GET', @@ -314,8 +314,8 @@ describe('AuthenticateHandler integration', function() { }); it('should throw an error if the media type is not `application/x-www-form-urlencoded`', function() { - var handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); - var request = new Request({ + const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); + const request = new Request({ body: { access_token: 'foo' }, headers: {}, method: {}, @@ -333,8 +333,8 @@ describe('AuthenticateHandler integration', function() { }); it('should return the bearer token', function() { - var handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); - var request = new Request({ + const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); + const request = new Request({ body: { access_token: 'foo' }, headers: { 'content-type': 'application/x-www-form-urlencoded', 'transfer-encoding': 'chunked' }, method: {}, @@ -347,10 +347,10 @@ describe('AuthenticateHandler integration', function() { describe('getAccessToken()', function() { it('should throw an error if `accessToken` is missing', function() { - var model = { + const model = { getAccessToken: function() {} }; - var handler = new AuthenticateHandler({ model: model }); + const handler = new AuthenticateHandler({ model: model }); return handler.getAccessToken('foo') .then(should.fail) @@ -361,12 +361,12 @@ describe('AuthenticateHandler integration', function() { }); it('should throw an error if `accessToken.user` is missing', function() { - var model = { + const model = { getAccessToken: function() { return {}; } }; - var handler = new AuthenticateHandler({ model: model }); + const handler = new AuthenticateHandler({ model: model }); return handler.getAccessToken('foo') .then(should.fail) @@ -377,13 +377,13 @@ describe('AuthenticateHandler integration', function() { }); it('should return an access token', function() { - var accessToken = { user: {} }; - var model = { + const accessToken = { user: {} }; + const model = { getAccessToken: function() { return accessToken; } }; - var handler = new AuthenticateHandler({ model: model }); + const handler = new AuthenticateHandler({ model: model }); return handler.getAccessToken('foo') .then(function(data) { @@ -393,34 +393,34 @@ describe('AuthenticateHandler integration', function() { }); it('should support promises', function() { - var model = { + const model = { getAccessToken: function() { return Promise.resolve({ user: {} }); } }; - var handler = new AuthenticateHandler({ model: model }); + const handler = new AuthenticateHandler({ model: model }); handler.getAccessToken('foo').should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var model = { + const model = { getAccessToken: function() { return { user: {} }; } }; - var handler = new AuthenticateHandler({ model: model }); + const handler = new AuthenticateHandler({ model: model }); handler.getAccessToken('foo').should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var model = { + const model = { getAccessToken: function(token, callback) { callback(null, { user: {} }); } }; - var handler = new AuthenticateHandler({ model: model }); + const handler = new AuthenticateHandler({ model: model }); handler.getAccessToken('foo').should.be.an.instanceOf(Promise); }); @@ -428,8 +428,8 @@ describe('AuthenticateHandler integration', function() { describe('validateAccessToken()', function() { it('should throw an error if `accessToken` is expired', function() { - var accessToken = { accessTokenExpiresAt: new Date(new Date() / 2) }; - var handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); + const accessToken = { accessTokenExpiresAt: new Date(new Date() / 2) }; + const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); try { handler.validateAccessToken(accessToken); @@ -442,11 +442,11 @@ describe('AuthenticateHandler integration', function() { }); it('should return an access token', function() { - var accessToken = { + const accessToken = { user: {}, accessTokenExpiresAt: new Date(new Date().getTime() + 10000) }; - var handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); + const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); handler.validateAccessToken(accessToken).should.equal(accessToken); }); @@ -454,13 +454,13 @@ describe('AuthenticateHandler integration', function() { describe('verifyScope()', function() { it('should throw an error if `scope` is insufficient', function() { - var model = { + const model = { getAccessToken: function() {}, verifyScope: function() { return false; } }; - var handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: true, model: model, scope: 'foo' }); + const handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: true, model: model, scope: 'foo' }); return handler.verifyScope('foo') .then(should.fail) @@ -471,37 +471,37 @@ describe('AuthenticateHandler integration', function() { }); it('should support promises', function() { - var model = { + const model = { getAccessToken: function() {}, verifyScope: function() { return true; } }; - var handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: true, model: model, scope: 'foo' }); + const handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: true, model: model, scope: 'foo' }); handler.verifyScope('foo').should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var model = { + const model = { getAccessToken: function() {}, verifyScope: function() { return true; } }; - var handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: true, model: model, scope: 'foo' }); + const handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: true, model: model, scope: 'foo' }); handler.verifyScope('foo').should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var model = { + const model = { getAccessToken: function() {}, verifyScope: function(token, scope, callback) { callback(null, true); } }; - var handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: true, model: model, scope: 'foo' }); + const handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: true, model: model, scope: 'foo' }); handler.verifyScope('foo').should.be.an.instanceOf(Promise); }); @@ -509,12 +509,12 @@ describe('AuthenticateHandler integration', function() { describe('updateResponse()', function() { it('should not set the `X-Accepted-OAuth-Scopes` header if `scope` is not specified', function() { - var model = { + const model = { getAccessToken: function() {}, verifyScope: function() {} }; - var handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: false, model: model }); - var response = new Response({ body: {}, headers: {} }); + const handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: false, model: model }); + const response = new Response({ body: {}, headers: {} }); handler.updateResponse(response, { scope: 'foo biz' }); @@ -522,12 +522,12 @@ describe('AuthenticateHandler integration', function() { }); it('should set the `X-Accepted-OAuth-Scopes` header if `scope` is specified', function() { - var model = { + const model = { getAccessToken: function() {}, verifyScope: function() {} }; - var handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: false, model: model, scope: 'foo bar' }); - var response = new Response({ body: {}, headers: {} }); + const handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: false, model: model, scope: 'foo bar' }); + const response = new Response({ body: {}, headers: {} }); handler.updateResponse(response, { scope: 'foo biz' }); @@ -535,12 +535,12 @@ describe('AuthenticateHandler integration', function() { }); it('should not set the `X-Authorized-OAuth-Scopes` header if `scope` is not specified', function() { - var model = { + const model = { getAccessToken: function() {}, verifyScope: function() {} }; - var handler = new AuthenticateHandler({ addAcceptedScopesHeader: false, addAuthorizedScopesHeader: true, model: model }); - var response = new Response({ body: {}, headers: {} }); + const handler = new AuthenticateHandler({ addAcceptedScopesHeader: false, addAuthorizedScopesHeader: true, model: model }); + const response = new Response({ body: {}, headers: {} }); handler.updateResponse(response, { scope: 'foo biz' }); @@ -548,12 +548,12 @@ describe('AuthenticateHandler integration', function() { }); it('should set the `X-Authorized-OAuth-Scopes` header', function() { - var model = { + const model = { getAccessToken: function() {}, verifyScope: function() {} }; - var handler = new AuthenticateHandler({ addAcceptedScopesHeader: false, addAuthorizedScopesHeader: true, model: model, scope: 'foo bar' }); - var response = new Response({ body: {}, headers: {} }); + const handler = new AuthenticateHandler({ addAcceptedScopesHeader: false, addAuthorizedScopesHeader: true, model: model, scope: 'foo bar' }); + const response = new Response({ body: {}, headers: {} }); handler.updateResponse(response, { scope: 'foo biz' }); diff --git a/test/integration/handlers/authorize-handler_test.js b/test/integration/handlers/authorize-handler_test.js index afe737e..49d2c0d 100644 --- a/test/integration/handlers/authorize-handler_test.js +++ b/test/integration/handlers/authorize-handler_test.js @@ -4,22 +4,22 @@ * Module dependencies. */ -var AccessDeniedError = require('../../../lib/errors/access-denied-error'); -var AuthenticateHandler = require('../../../lib/handlers/authenticate-handler'); -var AuthorizeHandler = require('../../../lib/handlers/authorize-handler'); -var CodeResponseType = require('../../../lib/response-types/code-response-type'); -var InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); -var InvalidClientError = require('../../../lib/errors/invalid-client-error'); -var InvalidRequestError = require('../../../lib/errors/invalid-request-error'); -var InvalidScopeError = require('../../../lib/errors/invalid-scope-error'); -var UnsupportedResponseTypeError = require('../../../lib/errors/unsupported-response-type-error'); -var Promise = require('bluebird'); -var Request = require('../../../lib/request'); -var Response = require('../../../lib/response'); -var ServerError = require('../../../lib/errors/server-error'); -var UnauthorizedClientError = require('../../../lib/errors/unauthorized-client-error'); -var should = require('chai').should(); -var url = require('url'); +const AccessDeniedError = require('../../../lib/errors/access-denied-error'); +const AuthenticateHandler = require('../../../lib/handlers/authenticate-handler'); +const AuthorizeHandler = require('../../../lib/handlers/authorize-handler'); +const CodeResponseType = require('../../../lib/response-types/code-response-type'); +const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); +const InvalidClientError = require('../../../lib/errors/invalid-client-error'); +const InvalidRequestError = require('../../../lib/errors/invalid-request-error'); +const InvalidScopeError = require('../../../lib/errors/invalid-scope-error'); +const UnsupportedResponseTypeError = require('../../../lib/errors/unsupported-response-type-error'); +const Promise = require('bluebird'); +const Request = require('../../../lib/request'); +const Response = require('../../../lib/response'); +const ServerError = require('../../../lib/errors/server-error'); +const UnauthorizedClientError = require('../../../lib/errors/unauthorized-client-error'); +const should = require('chai').should(); +const url = require('url'); /** * Test `AuthorizeHandler` integration. @@ -72,7 +72,7 @@ describe('AuthorizeHandler integration', function() { }); it('should throw an error if the model does not implement `getAccessToken()`', function() { - var model = { + const model = { getClient: function() {}, saveAuthorizationCode: function() {} }; @@ -88,34 +88,34 @@ describe('AuthorizeHandler integration', function() { }); it('should set the `authorizationCodeLifetime`', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); handler.authorizationCodeLifetime.should.equal(120); }); it('should set the `authenticateHandler`', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); handler.authenticateHandler.should.be.an.instanceOf(AuthenticateHandler); }); it('should set the `model`', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); handler.model.should.equal(model); }); @@ -123,12 +123,12 @@ describe('AuthorizeHandler integration', function() { describe('handle()', function() { it('should throw an error if `request` is missing', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); try { handler.handle(); @@ -141,13 +141,13 @@ describe('AuthorizeHandler integration', function() { }); it('should throw an error if `response` is missing', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { handler.handle(request); @@ -160,14 +160,14 @@ describe('AuthorizeHandler integration', function() { }); it('should throw an error if `allowed` is `false`', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: { allowed: 'false' } }); - var response = new Response({ body: {}, headers: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: { allowed: 'false' } }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -178,7 +178,7 @@ describe('AuthorizeHandler integration', function() { }); it('should redirect to an error response if a non-oauth error is thrown', function() { - var model = { + const model = { getAccessToken: function() { return { user: {}, @@ -192,8 +192,8 @@ describe('AuthorizeHandler integration', function() { throw new Error('Unhandled exception'); } }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'code' @@ -206,7 +206,7 @@ describe('AuthorizeHandler integration', function() { state: 'foobar' } }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -216,7 +216,7 @@ describe('AuthorizeHandler integration', function() { }); it('should redirect to an error response if an oauth error is thrown', function() { - var model = { + const model = { getAccessToken: function() { return { user: {}, @@ -230,8 +230,8 @@ describe('AuthorizeHandler integration', function() { throw new AccessDeniedError('Cannot request this auth code'); } }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'code' @@ -244,7 +244,7 @@ describe('AuthorizeHandler integration', function() { state: 'foobar' } }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -254,8 +254,8 @@ describe('AuthorizeHandler integration', function() { }); it('should redirect to a successful response with `code` and `state` if successful', function() { - var client = { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }; - var model = { + const client = { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }; + const model = { getAccessToken: function() { return { client: client, @@ -270,8 +270,8 @@ describe('AuthorizeHandler integration', function() { return { authorizationCode: 12345, client: client }; } }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'code' @@ -284,7 +284,7 @@ describe('AuthorizeHandler integration', function() { state: 'foobar' } }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(function() { @@ -294,7 +294,7 @@ describe('AuthorizeHandler integration', function() { }); it('should redirect to an error response if `scope` is invalid', function() { - var model = { + const model = { getAccessToken: function() { return { user: {}, @@ -308,8 +308,8 @@ describe('AuthorizeHandler integration', function() { return {}; } }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'code' @@ -323,7 +323,7 @@ describe('AuthorizeHandler integration', function() { state: 'foobar' } }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -333,8 +333,8 @@ describe('AuthorizeHandler integration', function() { }); it('should redirect to a successful response if `model.validateScope` is not defined', function() { - var client = { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }; - var model = { + const client = { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }; + const model = { getAccessToken: function() { return { client: client, @@ -349,8 +349,8 @@ describe('AuthorizeHandler integration', function() { return { authorizationCode: 12345, client: client }; } }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'code' @@ -364,7 +364,7 @@ describe('AuthorizeHandler integration', function() { state: 'foobar' } }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(function(data) { @@ -377,8 +377,8 @@ describe('AuthorizeHandler integration', function() { }); it('should redirect to an error response if `scope` is insufficient', function() { - var client = { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }; - var model = { + const client = { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }; + const model = { getAccessToken: function() { return { client: client, @@ -396,8 +396,8 @@ describe('AuthorizeHandler integration', function() { return false; } }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'code' @@ -411,7 +411,7 @@ describe('AuthorizeHandler integration', function() { state: 'foobar' } }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -421,7 +421,7 @@ describe('AuthorizeHandler integration', function() { }); it('should redirect to an error response if `state` is missing', function() { - var model = { + const model = { getAccessToken: function() { return { user: {}, @@ -435,8 +435,8 @@ describe('AuthorizeHandler integration', function() { throw new AccessDeniedError('Cannot request this auth code'); } }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'code' @@ -447,7 +447,7 @@ describe('AuthorizeHandler integration', function() { method: {}, query: {} }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -457,7 +457,7 @@ describe('AuthorizeHandler integration', function() { }); it('should redirect to an error response if `response_type` is invalid', function() { - var model = { + const model = { getAccessToken: function() { return { user: {}, @@ -471,8 +471,8 @@ describe('AuthorizeHandler integration', function() { return { authorizationCode: 12345, client: {} }; } }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'test' @@ -485,7 +485,7 @@ describe('AuthorizeHandler integration', function() { state: 'foobar' } }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -495,7 +495,7 @@ describe('AuthorizeHandler integration', function() { }); it('should fail on invalid `response_type` before calling model.saveAuthorizationCode()', function() { - var model = { + const model = { getAccessToken: function() { return { user: {}, @@ -509,8 +509,8 @@ describe('AuthorizeHandler integration', function() { throw new Error('must not be reached'); } }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'test' @@ -523,7 +523,7 @@ describe('AuthorizeHandler integration', function() { state: 'foobar' } }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -533,8 +533,8 @@ describe('AuthorizeHandler integration', function() { }); it('should return the `code` if successful', function() { - var client = { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }; - var model = { + const client = { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }; + const model = { getAccessToken: function() { return { client: client, @@ -549,8 +549,8 @@ describe('AuthorizeHandler integration', function() { return { authorizationCode: 12345, client: client }; } }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'code' @@ -563,7 +563,7 @@ describe('AuthorizeHandler integration', function() { state: 'foobar' } }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(function(data) { @@ -578,12 +578,12 @@ describe('AuthorizeHandler integration', function() { describe('generateAuthorizationCode()', function() { it('should return an auth code', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); return handler.generateAuthorizationCode() .then(function(data) { @@ -593,7 +593,7 @@ describe('AuthorizeHandler integration', function() { }); it('should support promises', function() { - var model = { + const model = { generateAuthorizationCode: function() { return Promise.resolve({}); }, @@ -601,13 +601,13 @@ describe('AuthorizeHandler integration', function() { getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); handler.generateAuthorizationCode().should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var model = { + const model = { generateAuthorizationCode: function() { return {}; }, @@ -615,7 +615,7 @@ describe('AuthorizeHandler integration', function() { getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); handler.generateAuthorizationCode().should.be.an.instanceOf(Promise); }); @@ -623,12 +623,12 @@ describe('AuthorizeHandler integration', function() { describe('getAuthorizationCodeLifetime()', function() { it('should return a date', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); handler.getAuthorizationCodeLifetime().should.be.an.instanceOf(Date); }); @@ -636,13 +636,13 @@ describe('AuthorizeHandler integration', function() { describe('getClient()', function() { it('should throw an error if `client_id` is missing', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: { response_type: 'code' }, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { response_type: 'code' }, headers: {}, method: {}, query: {} }); try { handler.getClient(request); @@ -655,13 +655,13 @@ describe('AuthorizeHandler integration', function() { }); it('should throw an error if `client_id` is invalid', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: { client_id: 'ø倣‰', response_type: 'code' }, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 'ø倣‰', response_type: 'code' }, headers: {}, method: {}, query: {} }); try { handler.getClient(request); @@ -674,13 +674,13 @@ describe('AuthorizeHandler integration', function() { }); it('should throw an error if `client.redirectUri` is invalid', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: { client_id: 12345, response_type: 'code', redirect_uri: 'foobar' }, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'code', redirect_uri: 'foobar' }, headers: {}, method: {}, query: {} }); try { handler.getClient(request); @@ -693,13 +693,13 @@ describe('AuthorizeHandler integration', function() { }); it('should throw an error if `client` is missing', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: { client_id: 12345, response_type: 'code' }, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'code' }, headers: {}, method: {}, query: {} }); return handler.getClient(request) .then(should.fail) @@ -710,15 +710,15 @@ describe('AuthorizeHandler integration', function() { }); it('should throw an error if `client.grants` is missing', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() { return {}; }, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: { client_id: 12345, response_type: 'code' }, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'code' }, headers: {}, method: {}, query: {} }); return handler.getClient(request) .then(should.fail) @@ -729,15 +729,15 @@ describe('AuthorizeHandler integration', function() { }); it('should throw an error if `client` is unauthorized', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() { return { grants: [] }; }, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: { client_id: 12345, response_type: 'code' }, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'code' }, headers: {}, method: {}, query: {} }); return handler.getClient(request) .then(should.fail) @@ -748,13 +748,13 @@ describe('AuthorizeHandler integration', function() { }); it('should throw an error if `client.redirectUri` is missing', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() { return { grants: ['authorization_code'] }; }, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: { client_id: 12345, response_type: 'code' }, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'code' }, headers: {}, method: {}, query: {} }); return handler.getClient(request) .then(should.fail) @@ -765,15 +765,15 @@ describe('AuthorizeHandler integration', function() { }); it('should throw an error if `client.redirectUri` is not equal to `redirectUri`', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() { return { grants: ['authorization_code'], redirectUris: ['https://example.com'] }; }, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: { client_id: 12345, response_type: 'code', redirect_uri: 'https://foobar.com' }, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, response_type: 'code', redirect_uri: 'https://foobar.com' }, headers: {}, method: {}, query: {} }); return handler.getClient(request) .then(should.fail) @@ -784,15 +784,15 @@ describe('AuthorizeHandler integration', function() { }); it('should support promises', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() { return Promise.resolve({ grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }); }, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345 }, headers: {}, method: {}, @@ -803,15 +803,15 @@ describe('AuthorizeHandler integration', function() { }); it('should support non-promises', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() { return { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }; }, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345 }, headers: {}, method: {}, @@ -822,7 +822,7 @@ describe('AuthorizeHandler integration', function() { }); it('should support callbacks', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function(clientId, clientSecret, callback) { should.equal(clientSecret, null); @@ -830,8 +830,8 @@ describe('AuthorizeHandler integration', function() { }, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345 }, headers: {}, method: {}, @@ -843,16 +843,16 @@ describe('AuthorizeHandler integration', function() { describe('with `client_id` in the request query', function() { it('should return a client', function() { - var client = { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }; - var model = { + const client = { grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }; + const model = { getAccessToken: function() {}, getClient: function() { return client; }, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: { response_type: 'code' }, headers: {}, method: {}, query: { client_id: 12345 } }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { response_type: 'code' }, headers: {}, method: {}, query: { client_id: 12345 } }); return handler.getClient(request) .then(function(data) { @@ -865,13 +865,13 @@ describe('AuthorizeHandler integration', function() { describe('getScope()', function() { it('should throw an error if `scope` is invalid', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: { scope: 'ø倣‰' }, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { scope: 'ø倣‰' }, headers: {}, method: {}, query: {} }); try { handler.getScope(request); @@ -885,13 +885,13 @@ describe('AuthorizeHandler integration', function() { describe('with `scope` in the request body', function() { it('should return the scope', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: { scope: 'foo' }, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { scope: 'foo' }, headers: {}, method: {}, query: {} }); handler.getScope(request).should.equal('foo'); }); @@ -899,13 +899,13 @@ describe('AuthorizeHandler integration', function() { describe('with `scope` in the request query', function() { it('should return the scope', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: { scope: 'foo' } }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: { scope: 'foo' } }); handler.getScope(request).should.equal('foo'); }); @@ -914,13 +914,13 @@ describe('AuthorizeHandler integration', function() { describe('getState()', function() { it('should throw an error if `allowEmptyState` is false and `state` is missing', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ allowEmptyState: false, authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ allowEmptyState: false, authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { handler.getState(request); @@ -933,13 +933,13 @@ describe('AuthorizeHandler integration', function() { }); it('should throw an error if `state` is invalid', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: { state: 'ø倣‰' } }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: { state: 'ø倣‰' } }); try { handler.getState(request); @@ -953,13 +953,13 @@ describe('AuthorizeHandler integration', function() { describe('with `state` in the request body', function() { it('should return the state', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: { state: 'foobar' }, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { state: 'foobar' }, headers: {}, method: {}, query: {} }); handler.getState(request).should.equal('foobar'); }); @@ -967,13 +967,13 @@ describe('AuthorizeHandler integration', function() { describe('with `state` in the request query', function() { it('should return the state', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: { state: 'foobar' } }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: { state: 'foobar' } }); handler.getState(request).should.equal('foobar'); }); @@ -982,14 +982,14 @@ describe('AuthorizeHandler integration', function() { describe('getUser()', function() { it('should throw an error if `user` is missing', function() { - var authenticateHandler = { handle: function() {} }; - var model = { + const authenticateHandler = { handle: function() {} }; + const model = { getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authenticateHandler: authenticateHandler, authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); - var response = new Response(); + const handler = new AuthorizeHandler({ authenticateHandler: authenticateHandler, authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const response = new Response(); return handler.getUser(request, response) .then(should.fail) @@ -1000,8 +1000,8 @@ describe('AuthorizeHandler integration', function() { }); it('should return a user', function() { - var user = {}; - var model = { + const user = {}; + const model = { getAccessToken: function() { return { user: user, @@ -1011,9 +1011,9 @@ describe('AuthorizeHandler integration', function() { getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); - var response = new Response({ body: {}, headers: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.getUser(request, response) .then(function(data) { @@ -1025,15 +1025,15 @@ describe('AuthorizeHandler integration', function() { describe('saveAuthorizationCode()', function() { it('should return an auth code', function() { - var authorizationCode = {}; - var model = { + const authorizationCode = {}; + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() { return authorizationCode; } }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); return handler.saveAuthorizationCode('foo', 'bar', 'biz', 'baz') .then(function(data) { @@ -1043,40 +1043,40 @@ describe('AuthorizeHandler integration', function() { }); it('should support promises when calling `model.saveAuthorizationCode()`', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() { return Promise.resolve({}); } }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); handler.saveAuthorizationCode('foo', 'bar', 'biz', 'baz').should.be.an.instanceOf(Promise); }); it('should support non-promises when calling `model.saveAuthorizationCode()`', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() { return {}; } }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); handler.saveAuthorizationCode('foo', 'bar', 'biz', 'baz').should.be.an.instanceOf(Promise); }); it('should support callbacks when calling `model.saveAuthorizationCode()`', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function(code, client, user, callback) { return callback(null, true); } }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); handler.saveAuthorizationCode('foo', 'bar', 'biz', 'baz').should.be.an.instanceOf(Promise); }); @@ -1084,13 +1084,13 @@ describe('AuthorizeHandler integration', function() { describe('getResponseType()', function() { it('should throw an error if `response_type` is missing', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { handler.getResponseType(request); @@ -1103,13 +1103,13 @@ describe('AuthorizeHandler integration', function() { }); it('should throw an error if `response_type` is not `code`', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: { response_type: 'foobar' }, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { response_type: 'foobar' }, headers: {}, method: {}, query: {} }); try { handler.getResponseType(request); @@ -1123,14 +1123,14 @@ describe('AuthorizeHandler integration', function() { describe('with `response_type` in the request body', function() { it('should return a response type', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: { response_type: 'code' }, headers: {}, method: {}, query: {} }); - var ResponseType = handler.getResponseType(request); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { response_type: 'code' }, headers: {}, method: {}, query: {} }); + const ResponseType = handler.getResponseType(request); ResponseType.should.equal(CodeResponseType); }); @@ -1138,14 +1138,14 @@ describe('AuthorizeHandler integration', function() { describe('with `response_type` in the request query', function() { it('should return a response type', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: { response_type: 'code' } }); - var ResponseType = handler.getResponseType(request); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: { response_type: 'code' } }); + const ResponseType = handler.getResponseType(request); ResponseType.should.equal(CodeResponseType); }); @@ -1154,14 +1154,14 @@ describe('AuthorizeHandler integration', function() { describe('buildSuccessRedirectUri()', function() { it('should return a redirect uri', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var responseType = new CodeResponseType(12345); - var redirectUri = handler.buildSuccessRedirectUri('http://example.com/cb', responseType); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const responseType = new CodeResponseType(12345); + const redirectUri = handler.buildSuccessRedirectUri('http://example.com/cb', responseType); url.format(redirectUri).should.equal('http://example.com/cb?code=12345'); }); @@ -1169,27 +1169,27 @@ describe('AuthorizeHandler integration', function() { describe('buildErrorRedirectUri()', function() { it('should set `error_description` if available', function() { - var error = new InvalidClientError('foo bar'); - var model = { + const error = new InvalidClientError('foo bar'); + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var redirectUri = handler.buildErrorRedirectUri('http://example.com/cb', error); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const redirectUri = handler.buildErrorRedirectUri('http://example.com/cb', error); url.format(redirectUri).should.equal('http://example.com/cb?error=invalid_client&error_description=foo%20bar'); }); it('should return a redirect uri', function() { - var error = new InvalidClientError(); - var model = { + const error = new InvalidClientError(); + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var redirectUri = handler.buildErrorRedirectUri('http://example.com/cb', error); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const redirectUri = handler.buildErrorRedirectUri('http://example.com/cb', error); url.format(redirectUri).should.equal('http://example.com/cb?error=invalid_client&error_description=Bad%20Request'); }); @@ -1197,14 +1197,14 @@ describe('AuthorizeHandler integration', function() { describe('updateResponse()', function() { it('should set the `location` header', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var response = new Response({ body: {}, headers: {} }); - var uri = url.parse('http://example.com/cb'); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const response = new Response({ body: {}, headers: {} }); + const uri = url.parse('http://example.com/cb'); handler.updateResponse(response, uri, 'foobar'); diff --git a/test/integration/handlers/token-handler_test.js b/test/integration/handlers/token-handler_test.js index 19b69b5..41ec524 100644 --- a/test/integration/handlers/token-handler_test.js +++ b/test/integration/handlers/token-handler_test.js @@ -4,22 +4,22 @@ * Module dependencies. */ -var AccessDeniedError = require('../../../lib/errors/access-denied-error'); -var BearerTokenType = require('../../../lib/token-types/bearer-token-type'); -var InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); -var InvalidClientError = require('../../../lib/errors/invalid-client-error'); -var InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); -var InvalidRequestError = require('../../../lib/errors/invalid-request-error'); -var PasswordGrantType = require('../../../lib/grant-types/password-grant-type'); -var Promise = require('bluebird'); -var Request = require('../../../lib/request'); -var Response = require('../../../lib/response'); -var ServerError = require('../../../lib/errors/server-error'); -var TokenHandler = require('../../../lib/handlers/token-handler'); -var UnauthorizedClientError = require('../../../lib/errors/unauthorized-client-error'); -var UnsupportedGrantTypeError = require('../../../lib/errors/unsupported-grant-type-error'); -var should = require('chai').should(); -var util = require('util'); +const AccessDeniedError = require('../../../lib/errors/access-denied-error'); +const BearerTokenType = require('../../../lib/token-types/bearer-token-type'); +const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); +const InvalidClientError = require('../../../lib/errors/invalid-client-error'); +const InvalidGrantError = require('../../../lib/errors/invalid-grant-error'); +const InvalidRequestError = require('../../../lib/errors/invalid-request-error'); +const PasswordGrantType = require('../../../lib/grant-types/password-grant-type'); +const Promise = require('bluebird'); +const Request = require('../../../lib/request'); +const Response = require('../../../lib/response'); +const ServerError = require('../../../lib/errors/server-error'); +const TokenHandler = require('../../../lib/handlers/token-handler'); +const UnauthorizedClientError = require('../../../lib/errors/unauthorized-client-error'); +const UnsupportedGrantTypeError = require('../../../lib/errors/unsupported-grant-type-error'); +const should = require('chai').should(); +const util = require('util'); /** * Test `TokenHandler` integration. @@ -72,75 +72,75 @@ describe('TokenHandler integration', function() { }); it('should set the `accessTokenLifetime`', function() { - var accessTokenLifetime = {}; - var model = { + const accessTokenLifetime = {}; + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: accessTokenLifetime, model: model, refreshTokenLifetime: 120 }); + const handler = new TokenHandler({ accessTokenLifetime: accessTokenLifetime, model: model, refreshTokenLifetime: 120 }); handler.accessTokenLifetime.should.equal(accessTokenLifetime); }); it('should set the `alwaysIssueNewRefreshToken`', function() { - var alwaysIssueNewRefreshToken = true; - var model = { + const alwaysIssueNewRefreshToken = true; + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 120, alwaysIssueNewRefreshToken: alwaysIssueNewRefreshToken }); + const handler = new TokenHandler({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 120, alwaysIssueNewRefreshToken: alwaysIssueNewRefreshToken }); handler.alwaysIssueNewRefreshToken.should.equal(alwaysIssueNewRefreshToken); }); it('should set the `alwaysIssueNewRefreshToken` to false', function() { - var alwaysIssueNewRefreshToken = false; - var model = { + const alwaysIssueNewRefreshToken = false; + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 120, alwaysIssueNewRefreshToken: alwaysIssueNewRefreshToken }); + const handler = new TokenHandler({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 120, alwaysIssueNewRefreshToken: alwaysIssueNewRefreshToken }); handler.alwaysIssueNewRefreshToken.should.equal(alwaysIssueNewRefreshToken); }); it('should return the default `alwaysIssueNewRefreshToken` value', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 120 }); + const handler = new TokenHandler({ accessTokenLifetime: 123, model: model, refreshTokenLifetime: 120 }); handler.alwaysIssueNewRefreshToken.should.equal(true); }); it('should set the `extendedGrantTypes`', function() { - var extendedGrantTypes = { foo: 'bar' }; - var model = { + const extendedGrantTypes = { foo: 'bar' }; + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, extendedGrantTypes: extendedGrantTypes, model: model, refreshTokenLifetime: 120 }); + const handler = new TokenHandler({ accessTokenLifetime: 120, extendedGrantTypes: extendedGrantTypes, model: model, refreshTokenLifetime: 120 }); handler.grantTypes.should.deep.include(extendedGrantTypes); }); it('should set the `model`', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); handler.model.should.equal(model); }); it('should set the `refreshTokenLifetime`', function() { - var refreshTokenLifetime = {}; - var model = { + const refreshTokenLifetime = {}; + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: refreshTokenLifetime }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: refreshTokenLifetime }); handler.refreshTokenLifetime.should.equal(refreshTokenLifetime); }); @@ -148,11 +148,11 @@ describe('TokenHandler integration', function() { describe('handle()', function() { it('should throw an error if `request` is missing', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); try { handler.handle(); @@ -165,12 +165,12 @@ describe('TokenHandler integration', function() { }); it('should throw an error if `response` is missing', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { handler.handle(request); @@ -183,13 +183,13 @@ describe('TokenHandler integration', function() { }); it('should throw an error if the method is not `POST`', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: {}, headers: {}, method: 'GET', query: {} }); - var response = new Response({ body: {}, headers: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: {}, headers: {}, method: 'GET', query: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -200,13 +200,13 @@ describe('TokenHandler integration', function() { }); it('should throw an error if the media type is not `application/x-www-form-urlencoded`', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: {}, headers: {}, method: 'POST', query: {} }); - var response = new Response({ body: {}, headers: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: {}, headers: {}, method: 'POST', query: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -217,13 +217,13 @@ describe('TokenHandler integration', function() { }); it('should throw the error if an oauth error is thrown', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: {}, headers: { 'content-type': 'application/x-www-form-urlencoded', 'transfer-encoding': 'chunked' }, method: 'POST', query: {} }); - var response = new Response({ body: {}, headers: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: {}, headers: { 'content-type': 'application/x-www-form-urlencoded', 'transfer-encoding': 'chunked' }, method: 'POST', query: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -234,15 +234,15 @@ describe('TokenHandler integration', function() { }); it('should throw a server error if a non-oauth error is thrown', function() { - var model = { + const model = { getClient: function() { throw new Error('Unhandled exception'); }, getUser: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 12345, client_secret: 'secret', @@ -254,7 +254,7 @@ describe('TokenHandler integration', function() { method: 'POST', query: {} }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -266,15 +266,15 @@ describe('TokenHandler integration', function() { }); it('should update the response if an error is thrown', function() { - var model = { + const model = { getClient: function() { throw new Error('Unhandled exception'); }, getUser: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 12345, client_secret: 'secret', @@ -286,7 +286,7 @@ describe('TokenHandler integration', function() { method: 'POST', query: {} }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(should.fail) @@ -297,15 +297,15 @@ describe('TokenHandler integration', function() { }); it('should return a bearer token if successful', function() { - var token = { accessToken: 'foo', client: {}, refreshToken: 'bar', scope: 'foobar', user: {} }; - var model = { + const token = { accessToken: 'foo', client: {}, refreshToken: 'bar', scope: 'foobar', user: {} }; + const model = { getClient: function() { return { grants: ['password'] }; }, getUser: function() { return {}; }, saveToken: function() { return token; }, validateScope: function() { return 'baz'; } }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 12345, client_secret: 'secret', @@ -318,7 +318,7 @@ describe('TokenHandler integration', function() { method: 'POST', query: {} }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(function(data) { @@ -328,15 +328,15 @@ describe('TokenHandler integration', function() { }); it('should not return custom attributes in a bearer token if the allowExtendedTokenAttributes is not set', function() { - var token = { accessToken: 'foo', client: {}, refreshToken: 'bar', scope: 'foobar', user: {}, foo: 'bar' }; - var model = { + const token = { accessToken: 'foo', client: {}, refreshToken: 'bar', scope: 'foobar', user: {}, foo: 'bar' }; + const model = { getClient: function() { return { grants: ['password'] }; }, getUser: function() { return {}; }, saveToken: function() { return token; }, validateScope: function() { return 'baz'; } }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 12345, client_secret: 'secret', @@ -349,7 +349,7 @@ describe('TokenHandler integration', function() { method: 'POST', query: {} }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(function() { @@ -363,15 +363,15 @@ describe('TokenHandler integration', function() { }); it('should return custom attributes in a bearer token if the allowExtendedTokenAttributes is set', function() { - var token = { accessToken: 'foo', client: {}, refreshToken: 'bar', scope: 'foobar', user: {}, foo: 'bar' }; - var model = { + const token = { accessToken: 'foo', client: {}, refreshToken: 'bar', scope: 'foobar', user: {}, foo: 'bar' }; + const model = { getClient: function() { return { grants: ['password'] }; }, getUser: function() { return {}; }, saveToken: function() { return token; }, validateScope: function() { return 'baz'; } }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120, allowExtendedTokenAttributes: true }); - var request = new Request({ + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120, allowExtendedTokenAttributes: true }); + const request = new Request({ body: { client_id: 12345, client_secret: 'secret', @@ -384,7 +384,7 @@ describe('TokenHandler integration', function() { method: 'POST', query: {} }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.handle(request, response) .then(function() { @@ -401,12 +401,12 @@ describe('TokenHandler integration', function() { describe('getClient()', function() { it('should throw an error if `clientId` is invalid', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { client_id: 'ø倣‰', client_secret: 'foo' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 'ø倣‰', client_secret: 'foo' }, headers: {}, method: {}, query: {} }); try { handler.getClient(request); @@ -419,12 +419,12 @@ describe('TokenHandler integration', function() { }); it('should throw an error if `clientSecret` is invalid', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { client_id: 'foo', client_secret: 'ø倣‰' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 'foo', client_secret: 'ø倣‰' }, headers: {}, method: {}, query: {} }); try { handler.getClient(request); @@ -437,12 +437,12 @@ describe('TokenHandler integration', function() { }); it('should throw an error if `client` is missing', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); return handler.getClient(request) .then(should.fail) @@ -453,12 +453,12 @@ describe('TokenHandler integration', function() { }); it('should throw an error if `client.grants` is missing', function() { - var model = { + const model = { getClient: function() { return {}; }, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); return handler.getClient(request) .then(should.fail) @@ -469,12 +469,12 @@ describe('TokenHandler integration', function() { }); it('should throw an error if `client.grants` is invalid', function() { - var model = { + const model = { getClient: function() { return { grants: 'foobar' }; }, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); return handler.getClient(request) .then(should.fail) @@ -485,18 +485,18 @@ describe('TokenHandler integration', function() { }); it('should throw a 401 error if the client is invalid and the request contains an authorization header', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: {}, headers: { 'authorization': util.format('Basic %s', Buffer.from('foo:bar').toString('base64')) }, method: {}, query: {} }); - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); return handler.getClient(request, response) .then(should.fail) @@ -510,13 +510,13 @@ describe('TokenHandler integration', function() { }); it('should return a client', function() { - var client = { id: 12345, grants: [] }; - var model = { + const client = { id: 12345, grants: [] }; + const model = { getClient: function() { return client; }, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); return handler.getClient(request) .then(function(data) { @@ -528,13 +528,13 @@ describe('TokenHandler integration', function() { describe('with `password` grant type and `requireClientAuthentication` is false', function() { it('should return a client ', function() { - var client = { id: 12345, grants: [] }; - var model = { + const client = { id: 12345, grants: [] }; + const model = { getClient: function() { return client; }, saveToken: function() {} }; - var handler = new TokenHandler({ + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120, @@ -542,7 +542,7 @@ describe('TokenHandler integration', function() { password: false } }); - var request = new Request({ body: { client_id: 'blah', grant_type: 'password'}, headers: {}, method: {}, query: {} }); + const request = new Request({ body: { client_id: 'blah', grant_type: 'password'}, headers: {}, method: {}, query: {} }); return handler.getClient(request) .then(function(data) { @@ -555,13 +555,13 @@ describe('TokenHandler integration', function() { describe('with `password` grant type and `requireClientAuthentication` is false and Authorization header', function() { it('should return a client ', function() { - var client = { id: 12345, grants: [] }; - var model = { + const client = { id: 12345, grants: [] }; + const model = { getClient: function() { return client; }, saveToken: function() {} }; - var handler = new TokenHandler({ + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120, @@ -569,7 +569,7 @@ describe('TokenHandler integration', function() { password: false } }); - var request = new Request({ + const request = new Request({ body: { grant_type: 'password'}, headers: { 'authorization': util.format('Basic %s', Buffer.from('blah:').toString('base64')) }, method: {}, @@ -585,34 +585,34 @@ describe('TokenHandler integration', function() { }); it('should support promises', function() { - var model = { + const model = { getClient: function() { return Promise.resolve({ grants: [] }); }, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); handler.getClient(request).should.be.an.instanceOf(Promise); }); it('should support non-promises', function() { - var model = { + const model = { getClient: function() { return { grants: [] }; }, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); handler.getClient(request).should.be.an.instanceOf(Promise); }); it('should support callbacks', function() { - var model = { + const model = { getClient: function(clientId, clientSecret, callback) { callback(null, { grants: [] }); }, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); handler.getClient(request).should.be.an.instanceOf(Promise); }); @@ -620,12 +620,12 @@ describe('TokenHandler integration', function() { describe('getClientCredentials()', function() { it('should throw an error if `client_id` is missing', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { client_secret: 'foo' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_secret: 'foo' }, headers: {}, method: {}, query: {} }); try { handler.getClientCredentials(request); @@ -638,12 +638,12 @@ describe('TokenHandler integration', function() { }); it('should throw an error if `client_secret` is missing', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { client_id: 'foo' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 'foo' }, headers: {}, method: {}, query: {} }); try { handler.getClientCredentials(request); @@ -657,13 +657,13 @@ describe('TokenHandler integration', function() { describe('with `client_id` and grant type is `password` and `requireClientAuthentication` is false', function() { it('should return a client', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120, requireClientAuthentication: { password: false} }); - var request = new Request({ body: { client_id: 'foo', grant_type: 'password' }, headers: {}, method: {}, query: {} }); - var credentials = handler.getClientCredentials(request); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120, requireClientAuthentication: { password: false} }); + const request = new Request({ body: { client_id: 'foo', grant_type: 'password' }, headers: {}, method: {}, query: {} }); + const credentials = handler.getClientCredentials(request); credentials.should.eql({ clientId: 'foo' }); }); @@ -671,12 +671,12 @@ describe('TokenHandler integration', function() { describe('with `client_id` and `client_secret` in the request header as basic auth', function() { it('should return a client', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: {}, headers: { 'authorization': util.format('Basic %s', Buffer.from('foo:bar').toString('base64')) @@ -684,7 +684,7 @@ describe('TokenHandler integration', function() { method: {}, query: {} }); - var credentials = handler.getClientCredentials(request); + const credentials = handler.getClientCredentials(request); credentials.should.eql({ clientId: 'foo', clientSecret: 'bar' }); }); @@ -692,13 +692,13 @@ describe('TokenHandler integration', function() { describe('with `client_id` and `client_secret` in the request body', function() { it('should return a client', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { client_id: 'foo', client_secret: 'bar' }, headers: {}, method: {}, query: {} }); - var credentials = handler.getClientCredentials(request); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 'foo', client_secret: 'bar' }, headers: {}, method: {}, query: {} }); + const credentials = handler.getClientCredentials(request); credentials.should.eql({ clientId: 'foo', clientSecret: 'bar' }); }); @@ -707,12 +707,12 @@ describe('TokenHandler integration', function() { describe('handleGrantType()', function() { it('should throw an error if `grant_type` is missing', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); try { handler.handleGrantType(request); @@ -725,12 +725,12 @@ describe('TokenHandler integration', function() { }); it('should throw an error if `grant_type` is invalid', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { grant_type: '~foo~' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { grant_type: '~foo~' }, headers: {}, method: {}, query: {} }); try { handler.handleGrantType(request); @@ -743,12 +743,12 @@ describe('TokenHandler integration', function() { }); it('should throw an error if `grant_type` is unsupported', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { grant_type: 'foobar' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { grant_type: 'foobar' }, headers: {}, method: {}, query: {} }); try { handler.handleGrantType(request); @@ -761,13 +761,13 @@ describe('TokenHandler integration', function() { }); it('should throw an error if `grant_type` is unauthorized', function() { - var client = { grants: ['client_credentials'] }; - var model = { + const client = { grants: ['client_credentials'] }; + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { grant_type: 'password' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { grant_type: 'password' }, headers: {}, method: {}, query: {} }); try { handler.handleGrantType(request, client); @@ -780,14 +780,14 @@ describe('TokenHandler integration', function() { }); it('should throw an invalid grant error if a non-oauth error is thrown', function() { - var client = { grants: ['password'] }; - var model = { + const client = { grants: ['password'] }; + const model = { getClient: function(clientId, password, callback) { callback(null, client); }, getUser: function(uid, pwd, callback) { callback(); }, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { grant_type: 'password', username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { grant_type: 'password', username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); return handler.handleGrantType(request, client) .then(should.fail) @@ -799,17 +799,17 @@ describe('TokenHandler integration', function() { describe('with grant_type `authorization_code`', function() { it('should return a token', function() { - var client = { id: 'foobar', grants: ['authorization_code'] }; - var token = {}; - var model = { + const client = { id: 'foobar', grants: ['authorization_code'] }; + const token = {}; + const model = { getAuthorizationCode: function() { return { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() * 2), user: {} }; }, getClient: function() {}, saveToken: function() { return token; }, validateScope: function() { return 'foo'; }, revokeAuthorizationCode: function() { return { authorizationCode: 12345, client: { id: 'foobar' }, expiresAt: new Date(new Date() / 2), user: {} }; } }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { code: 12345, grant_type: 'authorization_code' @@ -829,16 +829,16 @@ describe('TokenHandler integration', function() { describe('with grant_type `client_credentials`', function() { it('should return a token', function() { - var client = { grants: ['client_credentials'] }; - var token = {}; - var model = { + const client = { grants: ['client_credentials'] }; + const token = {}; + const model = { getClient: function() {}, getUserFromClient: function() { return {}; }, saveToken: function() { return token; }, validateScope: function() { return 'foo'; } }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { grant_type: 'client_credentials', scope: 'foo' @@ -858,16 +858,16 @@ describe('TokenHandler integration', function() { describe('with grant_type `password`', function() { it('should return a token', function() { - var client = { grants: ['password'] }; - var token = {}; - var model = { + const client = { grants: ['password'] }; + const token = {}; + const model = { getClient: function() {}, getUser: function() { return {}; }, saveToken: function() { return token; }, validateScope: function() { return 'baz'; } }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 12345, client_secret: 'secret', @@ -891,16 +891,16 @@ describe('TokenHandler integration', function() { describe('with grant_type `refresh_token`', function() { it('should return a token', function() { - var client = { grants: ['refresh_token'] }; - var token = { accessToken: 'foo', client: {}, user: {} }; - var model = { + const client = { grants: ['refresh_token'] }; + const token = { accessToken: 'foo', client: {}, user: {} }; + const model = { getClient: function() {}, getRefreshToken: function() { return { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() * 2), user: {} }; }, saveToken: function() { return token; }, revokeToken: function() { return { accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }; } }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { grant_type: 'refresh_token', refresh_token: 12345 @@ -920,16 +920,16 @@ describe('TokenHandler integration', function() { describe('with custom grant_type', function() { it('should return a token', function() { - var client = { grants: ['urn:ietf:params:oauth:grant-type:saml2-bearer'] }; - var token = {}; - var model = { + const client = { grants: ['urn:ietf:params:oauth:grant-type:saml2-bearer'] }; + const token = {}; + const model = { getClient: function() {}, getUser: function() { return {}; }, saveToken: function() { return token; }, validateScope: function() { return 'foo'; } }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120, extendedGrantTypes: { 'urn:ietf:params:oauth:grant-type:saml2-bearer': PasswordGrantType } }); - var request = new Request({ body: { grant_type: 'urn:ietf:params:oauth:grant-type:saml2-bearer', username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120, extendedGrantTypes: { 'urn:ietf:params:oauth:grant-type:saml2-bearer': PasswordGrantType } }); + const request = new Request({ body: { grant_type: 'urn:ietf:params:oauth:grant-type:saml2-bearer', username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); return handler.handleGrantType(request, client) .then(function(data) { @@ -942,23 +942,23 @@ describe('TokenHandler integration', function() { describe('getAccessTokenLifetime()', function() { it('should return the client access token lifetime', function() { - var client = { accessTokenLifetime: 60 }; - var model = { + const client = { accessTokenLifetime: 60 }; + const model = { getClient: function() { return client; }, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); handler.getAccessTokenLifetime(client).should.equal(60); }); it('should return the default access token lifetime', function() { - var client = {}; - var model = { + const client = {}; + const model = { getClient: function() { return client; }, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); handler.getAccessTokenLifetime(client).should.equal(120); }); @@ -966,23 +966,23 @@ describe('TokenHandler integration', function() { describe('getRefreshTokenLifetime()', function() { it('should return the client access token lifetime', function() { - var client = { refreshTokenLifetime: 60 }; - var model = { + const client = { refreshTokenLifetime: 60 }; + const model = { getClient: function() { return client; }, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); handler.getRefreshTokenLifetime(client).should.equal(60); }); it('should return the default access token lifetime', function() { - var client = {}; - var model = { + const client = {}; + const model = { getClient: function() { return client; }, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); handler.getRefreshTokenLifetime(client).should.equal(120); }); @@ -990,25 +990,25 @@ describe('TokenHandler integration', function() { describe('getTokenType()', function() { it('should return a token type', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var tokenType = handler.getTokenType({ accessToken: 'foo', refreshToken: 'bar', scope: 'foobar' }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const tokenType = handler.getTokenType({ accessToken: 'foo', refreshToken: 'bar', scope: 'foobar' }); tokenType.should.deep.include({ accessToken: 'foo', accessTokenLifetime: undefined, refreshToken: 'bar', scope: 'foobar' }); }); }); describe('updateSuccessResponse()', function() { it('should set the `body`', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var tokenType = new BearerTokenType('foo', 'bar', 'biz'); - var response = new Response({ body: {}, headers: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const tokenType = new BearerTokenType('foo', 'bar', 'biz'); + const response = new Response({ body: {}, headers: {} }); handler.updateSuccessResponse(response, tokenType); @@ -1016,13 +1016,13 @@ describe('TokenHandler integration', function() { }); it('should set the `Cache-Control` header', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var tokenType = new BearerTokenType('foo', 'bar', 'biz'); - var response = new Response({ body: {}, headers: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const tokenType = new BearerTokenType('foo', 'bar', 'biz'); + const response = new Response({ body: {}, headers: {} }); handler.updateSuccessResponse(response, tokenType); @@ -1030,13 +1030,13 @@ describe('TokenHandler integration', function() { }); it('should set the `Pragma` header', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var tokenType = new BearerTokenType('foo', 'bar', 'biz'); - var response = new Response({ body: {}, headers: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const tokenType = new BearerTokenType('foo', 'bar', 'biz'); + const response = new Response({ body: {}, headers: {} }); handler.updateSuccessResponse(response, tokenType); @@ -1046,13 +1046,13 @@ describe('TokenHandler integration', function() { describe('updateErrorResponse()', function() { it('should set the `body`', function() { - var error = new AccessDeniedError('Cannot request a token'); - var model = { + const error = new AccessDeniedError('Cannot request a token'); + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var response = new Response({ body: {}, headers: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const response = new Response({ body: {}, headers: {} }); handler.updateErrorResponse(response, error); @@ -1061,13 +1061,13 @@ describe('TokenHandler integration', function() { }); it('should set the `status`', function() { - var error = new AccessDeniedError('Cannot request a token'); - var model = { + const error = new AccessDeniedError('Cannot request a token'); + const model = { getClient: function() {}, saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var response = new Response({ body: {}, headers: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const response = new Response({ body: {}, headers: {} }); handler.updateErrorResponse(response, error); diff --git a/test/integration/request_test.js b/test/integration/request_test.js index a62309d..e0c98f1 100644 --- a/test/integration/request_test.js +++ b/test/integration/request_test.js @@ -4,9 +4,9 @@ * Module dependencies. */ -var Request = require('../../lib/request'); -var InvalidArgumentError = require('../../lib/errors/invalid-argument-error'); -var should = require('chai').should(); +const Request = require('../../lib/request'); +const InvalidArgumentError = require('../../lib/errors/invalid-argument-error'); +const should = require('chai').should(); /** * Test `Request` integration. @@ -48,25 +48,25 @@ describe('Request integration', function() { }); it('should set the `body`', function() { - var request = new Request({ body: 'foo', headers: {}, method: {}, query: {} }); + const request = new Request({ body: 'foo', headers: {}, method: {}, query: {} }); request.body.should.equal('foo'); }); it('should set the `headers`', function() { - var request = new Request({ body: {}, headers: { foo: 'bar', QuX: 'biz' }, method: {}, query: {} }); + const request = new Request({ body: {}, headers: { foo: 'bar', QuX: 'biz' }, method: {}, query: {} }); request.headers.should.eql({ foo: 'bar', qux: 'biz' }); }); it('should set the `method`', function() { - var request = new Request({ body: {}, headers: {}, method: 'biz', query: {} }); + const request = new Request({ body: {}, headers: {}, method: 'biz', query: {} }); request.method.should.equal('biz'); }); it('should set the `query`', function() { - var request = new Request({ body: {}, headers: {}, method: {}, query: 'baz' }); + const request = new Request({ body: {}, headers: {}, method: {}, query: 'baz' }); request.query.should.equal('baz'); }); @@ -74,13 +74,13 @@ describe('Request integration', function() { describe('get()', function() { it('should return `undefined` if the field does not exist', function() { - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); (undefined === request.get('content-type')).should.be.true; }); it('should return the value if the field exists', function() { - var request = new Request({ + const request = new Request({ body: {}, headers: { 'content-type': 'text/html; charset=utf-8' @@ -95,7 +95,7 @@ describe('Request integration', function() { describe('is()', function() { it('should accept an array of `types`', function() { - var request = new Request({ + const request = new Request({ body: {}, headers: { 'content-type': 'application/json', @@ -109,7 +109,7 @@ describe('Request integration', function() { }); it('should accept multiple `types` as arguments', function() { - var request = new Request({ + const request = new Request({ body: {}, headers: { 'content-type': 'application/json', @@ -123,7 +123,7 @@ describe('Request integration', function() { }); it('should return the first matching type', function() { - var request = new Request({ + const request = new Request({ body: {}, headers: { 'content-type': 'text/html; charset=utf-8', @@ -137,7 +137,7 @@ describe('Request integration', function() { }); it('should return `false` if none of the `types` match', function() { - var request = new Request({ + const request = new Request({ body: {}, headers: { 'content-type': 'text/html; charset=utf-8', @@ -151,7 +151,7 @@ describe('Request integration', function() { }); it('should return `false` if the request has no body', function() { - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); request.is('text/html').should.be.false; }); diff --git a/test/integration/response-types/code-response-type_test.js b/test/integration/response-types/code-response-type_test.js index e03b4a2..44bd53b 100644 --- a/test/integration/response-types/code-response-type_test.js +++ b/test/integration/response-types/code-response-type_test.js @@ -4,10 +4,10 @@ * Module dependencies. */ -var CodeResponseType = require('../../../lib/response-types/code-response-type'); -var InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); -var should = require('chai').should(); -var url = require('url'); +const CodeResponseType = require('../../../lib/response-types/code-response-type'); +const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); +const should = require('chai').should(); +const url = require('url'); /** * Test `CodeResponseType` integration. @@ -27,7 +27,7 @@ describe('CodeResponseType integration', function() { }); it('should set the `code`', function() { - var responseType = new CodeResponseType('foo'); + const responseType = new CodeResponseType('foo'); responseType.code.should.equal('foo'); }); @@ -35,7 +35,7 @@ describe('CodeResponseType integration', function() { describe('buildRedirectUri()', function() { it('should throw an error if the `redirectUri` is missing', function() { - var responseType = new CodeResponseType('foo'); + const responseType = new CodeResponseType('foo'); try { responseType.buildRedirectUri(); @@ -48,15 +48,15 @@ describe('CodeResponseType integration', function() { }); it('should return the new redirect uri and set the `code` and `state` in the query', function() { - var responseType = new CodeResponseType('foo'); - var redirectUri = responseType.buildRedirectUri('http://example.com/cb'); + const responseType = new CodeResponseType('foo'); + const redirectUri = responseType.buildRedirectUri('http://example.com/cb'); url.format(redirectUri).should.equal('http://example.com/cb?code=foo'); }); it('should return the new redirect uri and append the `code` and `state` in the query', function() { - var responseType = new CodeResponseType('foo'); - var redirectUri = responseType.buildRedirectUri('http://example.com/cb?foo=bar'); + const responseType = new CodeResponseType('foo'); + const redirectUri = responseType.buildRedirectUri('http://example.com/cb?foo=bar'); url.format(redirectUri).should.equal('http://example.com/cb?foo=bar&code=foo'); }); diff --git a/test/integration/response_test.js b/test/integration/response_test.js index 1e1e020..d6c37e4 100644 --- a/test/integration/response_test.js +++ b/test/integration/response_test.js @@ -4,7 +4,7 @@ * Module dependencies. */ -var Response = require('../../lib/response'); +const Response = require('../../lib/response'); /** * Test `Response` integration. @@ -13,19 +13,19 @@ var Response = require('../../lib/response'); describe('Response integration', function() { describe('constructor()', function() { it('should set the `body`', function() { - var response = new Response({ body: 'foo', headers: {} }); + const response = new Response({ body: 'foo', headers: {} }); response.body.should.equal('foo'); }); it('should set the `headers`', function() { - var response = new Response({ body: {}, headers: { foo: 'bar', QuX: 'biz' } }); + const response = new Response({ body: {}, headers: { foo: 'bar', QuX: 'biz' } }); response.headers.should.eql({ foo: 'bar', qux: 'biz' }); }); it('should set the `status` to 200', function() { - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); response.status.should.equal(200); }); @@ -33,13 +33,13 @@ describe('Response integration', function() { describe('get()', function() { it('should return `undefined` if the field does not exist', function() { - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); (undefined === response.get('content-type')).should.be.true; }); it('should return the value if the field exists', function() { - var response = new Response({ body: {}, headers: { 'content-type': 'text/html; charset=utf-8' } }); + const response = new Response({ body: {}, headers: { 'content-type': 'text/html; charset=utf-8' } }); response.get('Content-Type').should.equal('text/html; charset=utf-8'); }); @@ -47,7 +47,7 @@ describe('Response integration', function() { describe('redirect()', function() { it('should set the location header to `url`', function() { - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); response.redirect('http://example.com'); @@ -55,7 +55,7 @@ describe('Response integration', function() { }); it('should set the `status` to 302', function() { - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); response.redirect('http://example.com'); @@ -65,7 +65,7 @@ describe('Response integration', function() { describe('set()', function() { it('should set the `field`', function() { - var response = new Response({ body: {}, headers: {} }); + const response = new Response({ body: {}, headers: {} }); response.set('foo', 'bar'); diff --git a/test/integration/server_test.js b/test/integration/server_test.js index 1851e21..db10544 100644 --- a/test/integration/server_test.js +++ b/test/integration/server_test.js @@ -4,12 +4,12 @@ * Module dependencies. */ -var InvalidArgumentError = require('../../lib/errors/invalid-argument-error'); -var Promise = require('bluebird'); -var Request = require('../../lib/request'); -var Response = require('../../lib/response'); -var Server = require('../../lib/server'); -var should = require('chai').should(); +const InvalidArgumentError = require('../../lib/errors/invalid-argument-error'); +const Promise = require('bluebird'); +const Request = require('../../lib/request'); +const Response = require('../../lib/response'); +const Server = require('../../lib/server'); +const should = require('chai').should(); /** * Test `Server` integration. @@ -29,8 +29,8 @@ describe('Server integration', function() { }); it('should set the `model`', function() { - var model = {}; - var server = new Server({ model: model }); + const model = {}; + const server = new Server({ model: model }); server.options.model.should.equal(model); }); @@ -38,7 +38,7 @@ describe('Server integration', function() { describe('authenticate()', function() { it('should set the default `options`', function() { - var model = { + const model = { getAccessToken: function() { return { user: {}, @@ -46,9 +46,9 @@ describe('Server integration', function() { }; } }; - var server = new Server({ model: model }); - var request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); - var response = new Response({ body: {}, headers: {} }); + const server = new Server({ model: model }); + const request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); + const response = new Response({ body: {}, headers: {} }); return server.authenticate(request, response) .then(function() { @@ -60,7 +60,7 @@ describe('Server integration', function() { }); it('should return a promise', function() { - var model = { + const model = { getAccessToken: function(token, callback) { callback(null, { user: {}, @@ -68,16 +68,16 @@ describe('Server integration', function() { }); } }; - var server = new Server({ model: model }); - var request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); - var response = new Response({ body: {}, headers: {} }); - var handler = server.authenticate(request, response); + const server = new Server({ model: model }); + const request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); + const response = new Response({ body: {}, headers: {} }); + const handler = server.authenticate(request, response); handler.should.be.an.instanceOf(Promise); }); it('should support callbacks', function(next) { - var model = { + const model = { getAccessToken: function() { return { user: {}, @@ -85,9 +85,9 @@ describe('Server integration', function() { }; } }; - var server = new Server({ model: model }); - var request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); - var response = new Response({ body: {}, headers: {} }); + const server = new Server({ model: model }); + const request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: {} }); + const response = new Response({ body: {}, headers: {} }); server.authenticate(request, response, null, next); }); @@ -95,7 +95,7 @@ describe('Server integration', function() { describe('authorize()', function() { it('should set the default `options`', function() { - var model = { + const model = { getAccessToken: function() { return { user: {}, @@ -109,9 +109,9 @@ describe('Server integration', function() { return { authorizationCode: 123 }; } }; - var server = new Server({ model: model }); - var request = new Request({ body: { client_id: 1234, client_secret: 'secret', response_type: 'code' }, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: { state: 'foobar' } }); - var response = new Response({ body: {}, headers: {} }); + const server = new Server({ model: model }); + const request = new Request({ body: { client_id: 1234, client_secret: 'secret', response_type: 'code' }, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: { state: 'foobar' } }); + const response = new Response({ body: {}, headers: {} }); return server.authorize(request, response) .then(function() { @@ -122,7 +122,7 @@ describe('Server integration', function() { }); it('should return a promise', function() { - var model = { + const model = { getAccessToken: function() { return { user: {}, @@ -136,16 +136,16 @@ describe('Server integration', function() { return { authorizationCode: 123 }; } }; - var server = new Server({ model: model }); - var request = new Request({ body: { client_id: 1234, client_secret: 'secret', response_type: 'code' }, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: { state: 'foobar' } }); - var response = new Response({ body: {}, headers: {} }); - var handler = server.authorize(request, response); + const server = new Server({ model: model }); + const request = new Request({ body: { client_id: 1234, client_secret: 'secret', response_type: 'code' }, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: { state: 'foobar' } }); + const response = new Response({ body: {}, headers: {} }); + const handler = server.authorize(request, response); handler.should.be.an.instanceOf(Promise); }); it('should support callbacks', function(next) { - var model = { + const model = { getAccessToken: function() { return { user: {}, @@ -159,9 +159,9 @@ describe('Server integration', function() { return { authorizationCode: 123 }; } }; - var server = new Server({ model: model }); - var request = new Request({ body: { client_id: 1234, client_secret: 'secret', response_type: 'code' }, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: { state: 'foobar' } }); - var response = new Response({ body: {}, headers: {} }); + const server = new Server({ model: model }); + const request = new Request({ body: { client_id: 1234, client_secret: 'secret', response_type: 'code' }, headers: { 'Authorization': 'Bearer foo' }, method: {}, query: { state: 'foobar' } }); + const response = new Response({ body: {}, headers: {} }); server.authorize(request, response, null, next); }); @@ -169,7 +169,7 @@ describe('Server integration', function() { describe('token()', function() { it('should set the default `options`', function() { - var model = { + const model = { getClient: function() { return { grants: ['password'] }; }, @@ -181,9 +181,9 @@ describe('Server integration', function() { }, validateScope: function() { return 'foo'; } }; - var server = new Server({ model: model }); - var request = new Request({ body: { client_id: 1234, client_secret: 'secret', grant_type: 'password', username: 'foo', password: 'pass', scope: 'foo' }, headers: { 'content-type': 'application/x-www-form-urlencoded', 'transfer-encoding': 'chunked' }, method: 'POST', query: {} }); - var response = new Response({ body: {}, headers: {} }); + const server = new Server({ model: model }); + const request = new Request({ body: { client_id: 1234, client_secret: 'secret', grant_type: 'password', username: 'foo', password: 'pass', scope: 'foo' }, headers: { 'content-type': 'application/x-www-form-urlencoded', 'transfer-encoding': 'chunked' }, method: 'POST', query: {} }); + const response = new Response({ body: {}, headers: {} }); return server.token(request, response) .then(function() { @@ -194,7 +194,7 @@ describe('Server integration', function() { }); it('should return a promise', function() { - var model = { + const model = { getClient: function() { return { grants: ['password'] }; }, @@ -205,16 +205,16 @@ describe('Server integration', function() { return { accessToken: 1234, client: {}, user: {} }; } }; - var server = new Server({ model: model }); - var request = new Request({ body: { client_id: 1234, client_secret: 'secret', grant_type: 'password', username: 'foo', password: 'pass' }, headers: { 'content-type': 'application/x-www-form-urlencoded', 'transfer-encoding': 'chunked' }, method: 'POST', query: {} }); - var response = new Response({ body: {}, headers: {} }); - var handler = server.token(request, response); + const server = new Server({ model: model }); + const request = new Request({ body: { client_id: 1234, client_secret: 'secret', grant_type: 'password', username: 'foo', password: 'pass' }, headers: { 'content-type': 'application/x-www-form-urlencoded', 'transfer-encoding': 'chunked' }, method: 'POST', query: {} }); + const response = new Response({ body: {}, headers: {} }); + const handler = server.token(request, response); handler.should.be.an.instanceOf(Promise); }); it('should support callbacks', function(next) { - var model = { + const model = { getClient: function() { return { grants: ['password'] }; }, @@ -228,9 +228,9 @@ describe('Server integration', function() { return 'foo'; } }; - var server = new Server({ model: model }); - var request = new Request({ body: { client_id: 1234, client_secret: 'secret', grant_type: 'password', username: 'foo', password: 'pass', scope: 'foo' }, headers: { 'content-type': 'application/x-www-form-urlencoded', 'transfer-encoding': 'chunked' }, method: 'POST', query: {} }); - var response = new Response({ body: {}, headers: {} }); + const server = new Server({ model: model }); + const request = new Request({ body: { client_id: 1234, client_secret: 'secret', grant_type: 'password', username: 'foo', password: 'pass', scope: 'foo' }, headers: { 'content-type': 'application/x-www-form-urlencoded', 'transfer-encoding': 'chunked' }, method: 'POST', query: {} }); + const response = new Response({ body: {}, headers: {} }); server.token(request, response, null, next); }); diff --git a/test/integration/token-types/bearer-token-type_test.js b/test/integration/token-types/bearer-token-type_test.js index c8ad306..47b1daa 100644 --- a/test/integration/token-types/bearer-token-type_test.js +++ b/test/integration/token-types/bearer-token-type_test.js @@ -4,9 +4,9 @@ * Module dependencies. */ -var BearerTokenType = require('../../../lib/token-types/bearer-token-type'); -var InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); -var should = require('chai').should(); +const BearerTokenType = require('../../../lib/token-types/bearer-token-type'); +const InvalidArgumentError = require('../../../lib/errors/invalid-argument-error'); +const should = require('chai').should(); /** * Test `BearerTokenType` integration. @@ -26,19 +26,19 @@ describe('BearerTokenType integration', function() { }); it('should set the `accessToken`', function() { - var responseType = new BearerTokenType('foo', 'bar'); + const responseType = new BearerTokenType('foo', 'bar'); responseType.accessToken.should.equal('foo'); }); it('should set the `accessTokenLifetime`', function() { - var responseType = new BearerTokenType('foo', 'bar'); + const responseType = new BearerTokenType('foo', 'bar'); responseType.accessTokenLifetime.should.equal('bar'); }); it('should set the `refreshToken`', function() { - var responseType = new BearerTokenType('foo', 'bar', 'biz'); + const responseType = new BearerTokenType('foo', 'bar', 'biz'); responseType.refreshToken.should.equal('biz'); }); @@ -46,8 +46,8 @@ describe('BearerTokenType integration', function() { describe('valueOf()', function() { it('should return the value representation', function() { - var responseType = new BearerTokenType('foo', 'bar'); - var value = responseType.valueOf(); + const responseType = new BearerTokenType('foo', 'bar'); + const value = responseType.valueOf(); value.should.eql({ access_token: 'foo', @@ -57,8 +57,8 @@ describe('BearerTokenType integration', function() { }); it('should not include the `expires_in` if not given', function() { - var responseType = new BearerTokenType('foo'); - var value = responseType.valueOf(); + const responseType = new BearerTokenType('foo'); + const value = responseType.valueOf(); value.should.eql({ access_token: 'foo', @@ -67,8 +67,8 @@ describe('BearerTokenType integration', function() { }); it('should set `refresh_token` if `refreshToken` is defined', function() { - var responseType = new BearerTokenType('foo', 'bar', 'biz'); - var value = responseType.valueOf(); + const responseType = new BearerTokenType('foo', 'bar', 'biz'); + const value = responseType.valueOf(); value.should.eql({ access_token: 'foo', @@ -79,8 +79,8 @@ describe('BearerTokenType integration', function() { }); it('should set `expires_in` if `accessTokenLifetime` is defined', function() { - var responseType = new BearerTokenType('foo', 'bar', 'biz'); - var value = responseType.valueOf(); + const responseType = new BearerTokenType('foo', 'bar', 'biz'); + const value = responseType.valueOf(); value.should.eql({ access_token: 'foo', diff --git a/test/integration/utils/token-util_test.js b/test/integration/utils/token-util_test.js index b6aa650..d4f368e 100644 --- a/test/integration/utils/token-util_test.js +++ b/test/integration/utils/token-util_test.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var TokenUtil = require('../../../lib/utils/token-util'); -var should = require('chai').should(); +const TokenUtil = require('../../../lib/utils/token-util'); +const should = require('chai').should(); /** * Test `TokenUtil` integration. diff --git a/test/unit/grant-types/abstract-grant-type_test.js b/test/unit/grant-types/abstract-grant-type_test.js index d2ccf72..f6cb13a 100644 --- a/test/unit/grant-types/abstract-grant-type_test.js +++ b/test/unit/grant-types/abstract-grant-type_test.js @@ -4,9 +4,9 @@ * Module dependencies. */ -var AbstractGrantType = require('../../../lib/grant-types/abstract-grant-type'); -var sinon = require('sinon'); -var should = require('chai').should(); +const AbstractGrantType = require('../../../lib/grant-types/abstract-grant-type'); +const sinon = require('sinon'); +const should = require('chai').should(); /** * Test `AbstractGrantType`. @@ -15,10 +15,10 @@ var should = require('chai').should(); describe('AbstractGrantType', function() { describe('generateAccessToken()', function() { it('should call `model.generateAccessToken()`', function() { - var model = { + const model = { generateAccessToken: sinon.stub().returns({ client: {}, expiresAt: new Date(), user: {} }) }; - var handler = new AbstractGrantType({ accessTokenLifetime: 120, model: model }); + const handler = new AbstractGrantType({ accessTokenLifetime: 120, model: model }); return handler.generateAccessToken() .then(function() { @@ -31,10 +31,10 @@ describe('AbstractGrantType', function() { describe('generateRefreshToken()', function() { it('should call `model.generateRefreshToken()`', function() { - var model = { + const model = { generateRefreshToken: sinon.stub().returns({ client: {}, expiresAt: new Date(new Date() / 2), user: {} }) }; - var handler = new AbstractGrantType({ accessTokenLifetime: 120, model: model }); + const handler = new AbstractGrantType({ accessTokenLifetime: 120, model: model }); return handler.generateRefreshToken() .then(function() { diff --git a/test/unit/grant-types/authorization-code-grant-type_test.js b/test/unit/grant-types/authorization-code-grant-type_test.js index a9220cb..83cc854 100644 --- a/test/unit/grant-types/authorization-code-grant-type_test.js +++ b/test/unit/grant-types/authorization-code-grant-type_test.js @@ -4,11 +4,11 @@ * Module dependencies. */ -var AuthorizationCodeGrantType = require('../../../lib/grant-types/authorization-code-grant-type'); -var Promise = require('bluebird'); -var Request = require('../../../lib/request'); -var sinon = require('sinon'); -var should = require('chai').should(); +const AuthorizationCodeGrantType = require('../../../lib/grant-types/authorization-code-grant-type'); +const Promise = require('bluebird'); +const Request = require('../../../lib/request'); +const sinon = require('sinon'); +const should = require('chai').should(); /** * Test `AuthorizationCodeGrantType`. @@ -17,14 +17,14 @@ var should = require('chai').should(); describe('AuthorizationCodeGrantType', function() { describe('getAuthorizationCode()', function() { it('should call `model.getAuthorizationCode()`', function() { - var model = { + const model = { getAuthorizationCode: sinon.stub().returns({ authorizationCode: 12345, client: {}, expiresAt: new Date(new Date() * 2), user: {} }), revokeAuthorizationCode: function() {}, saveToken: function() {} }; - var handler = new AuthorizationCodeGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); - var client = {}; + const handler = new AuthorizationCodeGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: { code: 12345 }, headers: {}, method: {}, query: {} }); + const client = {}; return handler.getAuthorizationCode(request, client) .then(function() { @@ -39,13 +39,13 @@ describe('AuthorizationCodeGrantType', function() { describe('revokeAuthorizationCode()', function() { it('should call `model.revokeAuthorizationCode()`', function() { - var model = { + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: sinon.stub().returns(true), saveToken: function() {} }; - var handler = new AuthorizationCodeGrantType({ accessTokenLifetime: 120, model: model }); - var authorizationCode = {}; + const handler = new AuthorizationCodeGrantType({ accessTokenLifetime: 120, model: model }); + const authorizationCode = {}; return handler.revokeAuthorizationCode(authorizationCode) .then(function() { @@ -60,14 +60,14 @@ describe('AuthorizationCodeGrantType', function() { describe('saveToken()', function() { it('should call `model.saveToken()`', function() { - var client = {}; - var user = {}; - var model = { + const client = {}; + const user = {}; + const model = { getAuthorizationCode: function() {}, revokeAuthorizationCode: function() {}, saveToken: sinon.stub().returns(true) }; - var handler = new AuthorizationCodeGrantType({ accessTokenLifetime: 120, model: model }); + const handler = new AuthorizationCodeGrantType({ accessTokenLifetime: 120, model: model }); sinon.stub(handler, 'validateScope').returns('foobiz'); sinon.stub(handler, 'generateAccessToken').returns(Promise.resolve('foo')); diff --git a/test/unit/grant-types/client-credentials-grant-type_test.js b/test/unit/grant-types/client-credentials-grant-type_test.js index 4b1c8b6..3997823 100644 --- a/test/unit/grant-types/client-credentials-grant-type_test.js +++ b/test/unit/grant-types/client-credentials-grant-type_test.js @@ -4,9 +4,9 @@ * Module dependencies. */ -var ClientCredentialsGrantType = require('../../../lib/grant-types/client-credentials-grant-type'); -var sinon = require('sinon'); -var should = require('chai').should(); +const ClientCredentialsGrantType = require('../../../lib/grant-types/client-credentials-grant-type'); +const sinon = require('sinon'); +const should = require('chai').should(); /** * Test `ClientCredentialsGrantType`. @@ -15,12 +15,12 @@ var should = require('chai').should(); describe('ClientCredentialsGrantType', function() { describe('getUserFromClient()', function() { it('should call `model.getUserFromClient()`', function() { - var model = { + const model = { getUserFromClient: sinon.stub().returns(true), saveToken: function() {} }; - var handler = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); - var client = {}; + const handler = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); + const client = {}; return handler.getUserFromClient(client) .then(function() { @@ -35,13 +35,13 @@ describe('ClientCredentialsGrantType', function() { describe('saveToken()', function() { it('should call `model.saveToken()`', function() { - var client = {}; - var user = {}; - var model = { + const client = {}; + const user = {}; + const model = { getUserFromClient: function() {}, saveToken: sinon.stub().returns(true) }; - var handler = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); + const handler = new ClientCredentialsGrantType({ accessTokenLifetime: 120, model: model }); sinon.stub(handler, 'validateScope').returns('foobar'); sinon.stub(handler, 'generateAccessToken').returns('foo'); diff --git a/test/unit/grant-types/password-grant-type_test.js b/test/unit/grant-types/password-grant-type_test.js index c99c2ef..ceb2ad9 100644 --- a/test/unit/grant-types/password-grant-type_test.js +++ b/test/unit/grant-types/password-grant-type_test.js @@ -4,10 +4,10 @@ * Module dependencies. */ -var PasswordGrantType = require('../../../lib/grant-types/password-grant-type'); -var Request = require('../../../lib/request'); -var sinon = require('sinon'); -var should = require('chai').should(); +const PasswordGrantType = require('../../../lib/grant-types/password-grant-type'); +const Request = require('../../../lib/request'); +const sinon = require('sinon'); +const should = require('chai').should(); /** * Test `PasswordGrantType`. @@ -16,12 +16,12 @@ var should = require('chai').should(); describe('PasswordGrantType', function() { describe('getUser()', function() { it('should call `model.getUser()`', function() { - var model = { + const model = { getUser: sinon.stub().returns(true), saveToken: function() {} }; - var handler = new PasswordGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); + const handler = new PasswordGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: { username: 'foo', password: 'bar' }, headers: {}, method: {}, query: {} }); return handler.getUser(request) .then(function() { @@ -37,13 +37,13 @@ describe('PasswordGrantType', function() { describe('saveToken()', function() { it('should call `model.saveToken()`', function() { - var client = {}; - var user = {}; - var model = { + const client = {}; + const user = {}; + const model = { getUser: function() {}, saveToken: sinon.stub().returns(true) }; - var handler = new PasswordGrantType({ accessTokenLifetime: 120, model: model }); + const handler = new PasswordGrantType({ accessTokenLifetime: 120, model: model }); sinon.stub(handler, 'validateScope').returns('foobar'); sinon.stub(handler, 'generateAccessToken').returns('foo'); diff --git a/test/unit/grant-types/refresh-token-grant-type_test.js b/test/unit/grant-types/refresh-token-grant-type_test.js index 5775f43..c91a37e 100644 --- a/test/unit/grant-types/refresh-token-grant-type_test.js +++ b/test/unit/grant-types/refresh-token-grant-type_test.js @@ -4,10 +4,10 @@ * Module dependencies. */ -var RefreshTokenGrantType = require('../../../lib/grant-types/refresh-token-grant-type'); -var Request = require('../../../lib/request'); -var sinon = require('sinon'); -var should = require('chai').should(); +const RefreshTokenGrantType = require('../../../lib/grant-types/refresh-token-grant-type'); +const Request = require('../../../lib/request'); +const sinon = require('sinon'); +const should = require('chai').should(); /** * Test `RefreshTokenGrantType`. @@ -16,15 +16,15 @@ var should = require('chai').should(); describe('RefreshTokenGrantType', function() { describe('handle()', function() { it('should revoke the previous token', function() { - var token = { accessToken: 'foo', client: {}, user: {} }; - var model = { + const token = { accessToken: 'foo', client: {}, user: {} }; + const model = { getRefreshToken: function() { return token; }, saveToken: function() { return { accessToken: 'bar', client: {}, user: {} }; }, revokeToken: sinon.stub().returns({ accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }) }; - var handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: { refresh_token: 'bar' }, headers: {}, method: {}, query: {} }); - var client = {}; + const handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: { refresh_token: 'bar' }, headers: {}, method: {}, query: {} }); + const client = {}; return handler.handle(request, client) .then(function() { @@ -39,14 +39,14 @@ describe('RefreshTokenGrantType', function() { describe('getRefreshToken()', function() { it('should call `model.getRefreshToken()`', function() { - var model = { + const model = { getRefreshToken: sinon.stub().returns({ accessToken: 'foo', client: {}, user: {} }), saveToken: function() {}, revokeToken: function() {} }; - var handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); - var request = new Request({ body: { refresh_token: 'bar' }, headers: {}, method: {}, query: {} }); - var client = {}; + const handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const request = new Request({ body: { refresh_token: 'bar' }, headers: {}, method: {}, query: {} }); + const client = {}; return handler.getRefreshToken(request, client) .then(function() { @@ -61,13 +61,13 @@ describe('RefreshTokenGrantType', function() { describe('revokeToken()', function() { it('should call `model.revokeToken()`', function() { - var model = { + const model = { getRefreshToken: function() {}, revokeToken: sinon.stub().returns({ accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }), saveToken: function() {} }; - var handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); - var token = {}; + const handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const token = {}; return handler.revokeToken(token) .then(function() { @@ -80,13 +80,13 @@ describe('RefreshTokenGrantType', function() { }); it('should not call `model.revokeToken()`', function() { - var model = { + const model = { getRefreshToken: function() {}, revokeToken: sinon.stub().returns({ accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }), saveToken: function() {} }; - var handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model, alwaysIssueNewRefreshToken: false }); - var token = {}; + const handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model, alwaysIssueNewRefreshToken: false }); + const token = {}; return handler.revokeToken(token) .then(function() { @@ -96,13 +96,13 @@ describe('RefreshTokenGrantType', function() { }); it('should not call `model.revokeToken()`', function() { - var model = { + const model = { getRefreshToken: function() {}, revokeToken: sinon.stub().returns({ accessToken: 'foo', client: {}, refreshTokenExpiresAt: new Date(new Date() / 2), user: {} }), saveToken: function() {} }; - var handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model, alwaysIssueNewRefreshToken: true }); - var token = {}; + const handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model, alwaysIssueNewRefreshToken: true }); + const token = {}; return handler.revokeToken(token) .then(function() { @@ -117,14 +117,14 @@ describe('RefreshTokenGrantType', function() { describe('saveToken()', function() { it('should call `model.saveToken()`', function() { - var client = {}; - var user = {}; - var model = { + const client = {}; + const user = {}; + const model = { getRefreshToken: function() {}, revokeToken: function() {}, saveToken: sinon.stub().returns(true) }; - var handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); + const handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model }); sinon.stub(handler, 'generateAccessToken').returns('foo'); sinon.stub(handler, 'generateRefreshToken').returns('bar'); @@ -144,14 +144,14 @@ describe('RefreshTokenGrantType', function() { }); it('should call `model.saveToken()` without refresh token', function() { - var client = {}; - var user = {}; - var model = { + const client = {}; + const user = {}; + const model = { getRefreshToken: function() {}, revokeToken: function() {}, saveToken: sinon.stub().returns(true) }; - var handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model, alwaysIssueNewRefreshToken: false }); + const handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model, alwaysIssueNewRefreshToken: false }); sinon.stub(handler, 'generateAccessToken').returns('foo'); sinon.stub(handler, 'generateRefreshToken').returns('bar'); @@ -171,14 +171,14 @@ describe('RefreshTokenGrantType', function() { }); it('should call `model.saveToken()` with refresh token', function() { - var client = {}; - var user = {}; - var model = { + const client = {}; + const user = {}; + const model = { getRefreshToken: function() {}, revokeToken: function() {}, saveToken: sinon.stub().returns(true) }; - var handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model, alwaysIssueNewRefreshToken: true}); + const handler = new RefreshTokenGrantType({ accessTokenLifetime: 120, model: model, alwaysIssueNewRefreshToken: true}); sinon.stub(handler, 'generateAccessToken').returns('foo'); sinon.stub(handler, 'generateRefreshToken').returns('bar'); diff --git a/test/unit/handlers/authenticate-handler_test.js b/test/unit/handlers/authenticate-handler_test.js index c280002..4d63428 100644 --- a/test/unit/handlers/authenticate-handler_test.js +++ b/test/unit/handlers/authenticate-handler_test.js @@ -4,11 +4,11 @@ * Module dependencies. */ -var AuthenticateHandler = require('../../../lib/handlers/authenticate-handler'); -var Request = require('../../../lib/request'); -var sinon = require('sinon'); -var should = require('chai').should(); -var ServerError = require('../../../lib/errors/server-error'); +const AuthenticateHandler = require('../../../lib/handlers/authenticate-handler'); +const Request = require('../../../lib/request'); +const sinon = require('sinon'); +const should = require('chai').should(); +const ServerError = require('../../../lib/errors/server-error'); /** * Test `AuthenticateHandler`. @@ -18,8 +18,8 @@ describe('AuthenticateHandler', function() { describe('getTokenFromRequest()', function() { describe('with bearer token in the request authorization header', function() { it('should call `getTokenFromRequestHeader()`', function() { - var handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); - var request = new Request({ + const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); + const request = new Request({ body: {}, headers: { 'Authorization': 'Bearer foo' }, method: {}, @@ -38,8 +38,8 @@ describe('AuthenticateHandler', function() { describe('with bearer token in the request query', function() { it('should call `getTokenFromRequestQuery()`', function() { - var handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); - var request = new Request({ + const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); + const request = new Request({ body: {}, headers: {}, method: {}, @@ -58,8 +58,8 @@ describe('AuthenticateHandler', function() { describe('with bearer token in the request body', function() { it('should call `getTokenFromRequestBody()`', function() { - var handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); - var request = new Request({ + const handler = new AuthenticateHandler({ model: { getAccessToken: function() {} } }); + const request = new Request({ body: { access_token: 'foo' }, headers: {}, method: {}, @@ -79,10 +79,10 @@ describe('AuthenticateHandler', function() { describe('getAccessToken()', function() { it('should call `model.getAccessToken()`', function() { - var model = { + const model = { getAccessToken: sinon.stub().returns({ user: {} }) }; - var handler = new AuthenticateHandler({ model: model }); + const handler = new AuthenticateHandler({ model: model }); return handler.getAccessToken('foo') .then(function() { @@ -97,12 +97,12 @@ describe('AuthenticateHandler', function() { describe('validateAccessToken()', function() { it('should fail if token has no valid `accessTokenExpiresAt` date', function() { - var model = { + const model = { getAccessToken: function() {} }; - var handler = new AuthenticateHandler({ model: model }); + const handler = new AuthenticateHandler({ model: model }); - var failed = false; + let failed = false; try { handler.validateAccessToken({ user: {} @@ -116,10 +116,10 @@ describe('AuthenticateHandler', function() { }); it('should succeed if token has valid `accessTokenExpiresAt` date', function() { - var model = { + const model = { getAccessToken: function() {} }; - var handler = new AuthenticateHandler({ model: model }); + const handler = new AuthenticateHandler({ model: model }); try { handler.validateAccessToken({ user: {}, @@ -134,11 +134,11 @@ describe('AuthenticateHandler', function() { describe('verifyScope()', function() { it('should call `model.getAccessToken()` if scope is defined', function() { - var model = { + const model = { getAccessToken: function() {}, verifyScope: sinon.stub().returns(true) }; - var handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: true, model: model, scope: 'bar' }); + const handler = new AuthenticateHandler({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: true, model: model, scope: 'bar' }); return handler.verifyScope('foo') .then(function() { diff --git a/test/unit/handlers/authorize-handler_test.js b/test/unit/handlers/authorize-handler_test.js index 35ece25..86ce336 100644 --- a/test/unit/handlers/authorize-handler_test.js +++ b/test/unit/handlers/authorize-handler_test.js @@ -4,12 +4,12 @@ * Module dependencies. */ -var AuthorizeHandler = require('../../../lib/handlers/authorize-handler'); -var Request = require('../../../lib/request'); -var Response = require('../../../lib/response'); -var Promise = require('bluebird'); -var sinon = require('sinon'); -var should = require('chai').should(); +const AuthorizeHandler = require('../../../lib/handlers/authorize-handler'); +const Request = require('../../../lib/request'); +const Response = require('../../../lib/response'); +const Promise = require('bluebird'); +const sinon = require('sinon'); +const should = require('chai').should(); /** * Test `AuthorizeHandler`. @@ -18,13 +18,13 @@ var should = require('chai').should(); describe('AuthorizeHandler', function() { describe('generateAuthorizationCode()', function() { it('should call `model.generateAuthorizationCode()`', function() { - var model = { + const model = { generateAuthorizationCode: sinon.stub().returns({}), getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); return handler.generateAuthorizationCode() .then(function() { @@ -37,13 +37,13 @@ describe('AuthorizeHandler', function() { describe('getClient()', function() { it('should call `model.getClient()`', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: sinon.stub().returns({ grants: ['authorization_code'], redirectUris: ['http://example.com/cb'] }), saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); return handler.getClient(request) .then(function() { @@ -58,14 +58,14 @@ describe('AuthorizeHandler', function() { describe('getUser()', function() { it('should call `authenticateHandler.getUser()`', function() { - var authenticateHandler = { handle: sinon.stub().returns(Promise.resolve({})) }; - var model = { + const authenticateHandler = { handle: sinon.stub().returns(Promise.resolve({})) }; + const model = { getClient: function() {}, saveAuthorizationCode: function() {} }; - var handler = new AuthorizeHandler({ authenticateHandler: authenticateHandler, authorizationCodeLifetime: 120, model: model }); - var request = new Request({ body: {}, headers: {}, method: {}, query: {} }); - var response = new Response(); + const handler = new AuthorizeHandler({ authenticateHandler: authenticateHandler, authorizationCodeLifetime: 120, model: model }); + const request = new Request({ body: {}, headers: {}, method: {}, query: {} }); + const response = new Response(); return handler.getUser(request, response) .then(function() { @@ -80,12 +80,12 @@ describe('AuthorizeHandler', function() { describe('saveAuthorizationCode()', function() { it('should call `model.saveAuthorizationCode()`', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: sinon.stub().returns({}) }; - var handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); + const handler = new AuthorizeHandler({ authorizationCodeLifetime: 120, model: model }); return handler.saveAuthorizationCode('foo', 'bar', 'qux', 'biz', 'baz', 'boz') .then(function() { diff --git a/test/unit/handlers/token-handler_test.js b/test/unit/handlers/token-handler_test.js index 4dd2199..8fe258b 100644 --- a/test/unit/handlers/token-handler_test.js +++ b/test/unit/handlers/token-handler_test.js @@ -4,10 +4,10 @@ * Module dependencies. */ -var Request = require('../../../lib/request'); -var TokenHandler = require('../../../lib/handlers/token-handler'); -var sinon = require('sinon'); -var should = require('chai').should(); +const Request = require('../../../lib/request'); +const TokenHandler = require('../../../lib/handlers/token-handler'); +const sinon = require('sinon'); +const should = require('chai').should(); /** * Test `TokenHandler`. @@ -16,12 +16,12 @@ var should = require('chai').should(); describe('TokenHandler', function() { describe('getClient()', function() { it('should call `model.getClient()`', function() { - var model = { + const model = { getClient: sinon.stub().returns({ grants: ['password'] }), saveToken: function() {} }; - var handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); - var request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); + const handler = new TokenHandler({ accessTokenLifetime: 120, model: model, refreshTokenLifetime: 120 }); + const request = new Request({ body: { client_id: 12345, client_secret: 'secret' }, headers: {}, method: {}, query: {} }); return handler.getClient(request) .then(function() { diff --git a/test/unit/models/token-model_test.js b/test/unit/models/token-model_test.js index 6fa0110..7dcac61 100644 --- a/test/unit/models/token-model_test.js +++ b/test/unit/models/token-model_test.js @@ -1,5 +1,5 @@ -var TokenModel = require('../../../lib/models/token-model'); -var should = require('chai').should(); +const TokenModel = require('../../../lib/models/token-model'); +const should = require('chai').should(); /** * Test `Server`. */ @@ -7,17 +7,17 @@ var should = require('chai').should(); describe('Model', function() { describe('constructor()', function() { it('should calculate `accessTokenLifetime` if `accessTokenExpiresAt` is set', function() { - var atExpiresAt = new Date(); + const atExpiresAt = new Date(); atExpiresAt.setHours(new Date().getHours() + 1); - var data = { + const data = { accessToken: 'foo', client: 'bar', user: 'tar', accessTokenExpiresAt: atExpiresAt }; - var model = new TokenModel(data); + const model = new TokenModel(data); should.exist(model.accessTokenLifetime); model.accessTokenLifetime.should.a('number'); model.accessTokenLifetime.should.be.approximately(3600, 2); diff --git a/test/unit/request_test.js b/test/unit/request_test.js index a86005a..f292e2b 100644 --- a/test/unit/request_test.js +++ b/test/unit/request_test.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var Request = require('../../lib/request'); -var should = require('chai').should(); +const Request = require('../../lib/request'); +const should = require('chai').should(); /** * Test `Request`. @@ -28,9 +28,9 @@ function generateBaseRequest() { describe('Request', function() { it('should instantiate with a basic request', function() { - var originalRequest = generateBaseRequest(); + const originalRequest = generateBaseRequest(); - var request = new Request(originalRequest); + const request = new Request(originalRequest); request.headers.should.eql(originalRequest.headers); request.method.should.eql(originalRequest.method); request.query.should.eql(originalRequest.query); @@ -38,10 +38,10 @@ describe('Request', function() { }); it('should allow a request to be passed without a body', function() { - var originalRequest = generateBaseRequest(); + const originalRequest = generateBaseRequest(); delete originalRequest.body; - var request = new Request(originalRequest); + const request = new Request(originalRequest); request.headers.should.eql(originalRequest.headers); request.method.should.eql(originalRequest.method); request.query.should.eql(originalRequest.query); @@ -49,7 +49,7 @@ describe('Request', function() { }); it('should throw if headers are not passed to the constructor', function() { - var originalRequest = generateBaseRequest(); + const originalRequest = generateBaseRequest(); delete originalRequest.headers; (function() { @@ -58,7 +58,7 @@ describe('Request', function() { }); it('should throw if query string isn\'t passed to the constructor', function() { - var originalRequest = generateBaseRequest(); + const originalRequest = generateBaseRequest(); delete originalRequest.query; (function() { @@ -67,7 +67,7 @@ describe('Request', function() { }); it('should throw if method isn\'t passed to the constructor', function() { - var originalRequest = generateBaseRequest(); + const originalRequest = generateBaseRequest(); delete originalRequest.method; (function() { @@ -76,13 +76,13 @@ describe('Request', function() { }); it('should convert all header keys to lowercase', function() { - var originalRequest = generateBaseRequest(); + const originalRequest = generateBaseRequest(); originalRequest.headers = { Foo: 'bar', BAR: 'foo' }; - var request = new Request(originalRequest); + const request = new Request(originalRequest); request.headers.foo.should.eql('bar'); request.headers.bar.should.eql('foo'); should.not.exist(request.headers.Foo); @@ -90,7 +90,7 @@ describe('Request', function() { }); it('should include additional properties passed in the request', function() { - var originalRequest = generateBaseRequest(); + const originalRequest = generateBaseRequest(); originalRequest.custom = { newFoo: 'newBar' }; @@ -99,7 +99,7 @@ describe('Request', function() { newBar: 'newFoo' }; - var request = new Request(originalRequest); + const request = new Request(originalRequest); request.headers.should.eql(originalRequest.headers); request.method.should.eql(originalRequest.method); request.query.should.eql(originalRequest.query); @@ -109,7 +109,7 @@ describe('Request', function() { }); it('should include additional properties passed in the request', function() { - var originalRequest = generateBaseRequest(); + const originalRequest = generateBaseRequest(); originalRequest.custom = { newFoo: 'newBar' }; @@ -118,7 +118,7 @@ describe('Request', function() { newBar: 'newFoo' }; - var request = new Request(originalRequest); + const request = new Request(originalRequest); request.headers.should.eql(originalRequest.headers); request.method.should.eql(originalRequest.method); request.query.should.eql(originalRequest.query); @@ -128,41 +128,41 @@ describe('Request', function() { }); it('should allow getting of headers using `request.get`', function() { - var originalRequest = generateBaseRequest(); + const originalRequest = generateBaseRequest(); - var request = new Request(originalRequest); + const request = new Request(originalRequest); request.get('bar').should.eql(originalRequest.headers.bar); }); it('should allow getting of headers using `request.get`', function() { - var originalRequest = generateBaseRequest(); + const originalRequest = generateBaseRequest(); - var request = new Request(originalRequest); + const request = new Request(originalRequest); request.get('bar').should.eql(originalRequest.headers.bar); }); it('should allow getting of headers using `request.get`', function() { - var originalRequest = generateBaseRequest(); + const originalRequest = generateBaseRequest(); - var request = new Request(originalRequest); + const request = new Request(originalRequest); request.get('bar').should.eql(originalRequest.headers.bar); }); it('should validate the content-type', function() { - var originalRequest = generateBaseRequest(); + const originalRequest = generateBaseRequest(); originalRequest.headers['content-type'] = 'application/x-www-form-urlencoded'; originalRequest.headers['content-length'] = JSON.stringify(originalRequest.body).length; - var request = new Request(originalRequest); + const request = new Request(originalRequest); request.is('application/x-www-form-urlencoded').should.eql('application/x-www-form-urlencoded'); }); it('should return false if the content-type is invalid', function() { - var originalRequest = generateBaseRequest(); + const originalRequest = generateBaseRequest(); originalRequest.headers['content-type'] = 'application/x-www-form-urlencoded'; originalRequest.headers['content-length'] = JSON.stringify(originalRequest.body).length; - var request = new Request(originalRequest); + const request = new Request(originalRequest); request.is('application/json').should.eql(false); }); }); diff --git a/test/unit/response_test.js b/test/unit/response_test.js index 0ef54a8..8d4897c 100644 --- a/test/unit/response_test.js +++ b/test/unit/response_test.js @@ -4,8 +4,8 @@ * Module dependencies. */ -var Response = require('../../lib/response'); -var should = require('chai').should(); +const Response = require('../../lib/response'); +const should = require('chai').should(); /** * Test `Request`. @@ -24,42 +24,42 @@ function generateBaseResponse() { describe('Request', function() { it('should instantiate with a basic request', function() { - var originalResponse = generateBaseResponse(); + const originalResponse = generateBaseResponse(); - var response = new Response(originalResponse); + const response = new Response(originalResponse); response.headers.should.eql(originalResponse.headers); response.body.should.eql(originalResponse.body); response.status.should.eql(200); }); it('should allow a response to be passed without a body', function() { - var originalResponse = generateBaseResponse(); + const originalResponse = generateBaseResponse(); delete originalResponse.body; - var response = new Response(originalResponse); + const response = new Response(originalResponse); response.headers.should.eql(originalResponse.headers); response.body.should.eql({}); response.status.should.eql(200); }); it('should allow a response to be passed without headers', function() { - var originalResponse = generateBaseResponse(); + const originalResponse = generateBaseResponse(); delete originalResponse.headers; - var response = new Response(originalResponse); + const response = new Response(originalResponse); response.headers.should.eql({}); response.body.should.eql(originalResponse.body); response.status.should.eql(200); }); it('should convert all header keys to lowercase', function() { - var originalResponse = generateBaseResponse(); + const originalResponse = generateBaseResponse(); originalResponse.headers = { Foo: 'bar', BAR: 'foo' }; - var response = new Response(originalResponse); + const response = new Response(originalResponse); response.headers.foo.should.eql('bar'); response.headers.bar.should.eql('foo'); should.not.exist(response.headers.Foo); @@ -67,7 +67,7 @@ describe('Request', function() { }); it('should include additional properties passed in the response', function() { - var originalResponse = generateBaseResponse(); + const originalResponse = generateBaseResponse(); originalResponse.custom = { newFoo: 'newBar' }; @@ -76,7 +76,7 @@ describe('Request', function() { newBar: 'newFoo' }; - var response = new Response(originalResponse); + const response = new Response(originalResponse); response.headers.should.eql(originalResponse.headers); response.body.should.eql(originalResponse.body); response.custom.should.eql(originalResponse.custom); @@ -84,23 +84,23 @@ describe('Request', function() { }); it('should allow getting of headers using `response.get`', function() { - var originalResponse = generateBaseResponse(); + const originalResponse = generateBaseResponse(); - var response = new Response(originalResponse); + const response = new Response(originalResponse); response.get('bar').should.eql(originalResponse.headers.bar); }); it('should allow getting of headers using `response.get`', function() { - var originalResponse = generateBaseResponse(); + const originalResponse = generateBaseResponse(); - var response = new Response(originalResponse); + const response = new Response(originalResponse); response.get('bar').should.eql(originalResponse.headers.bar); }); it('should allow setting of headers using `response.set`', function() { - var originalResponse = generateBaseResponse(); + const originalResponse = generateBaseResponse(); - var response = new Response(originalResponse); + const response = new Response(originalResponse); response.headers.should.eql(originalResponse.headers); response.set('newheader', 'newvalue'); response.headers.bar.should.eql('foo'); @@ -108,9 +108,9 @@ describe('Request', function() { }); it('should process redirect', function() { - var originalResponse = generateBaseResponse(); + const originalResponse = generateBaseResponse(); - var response = new Response(originalResponse); + const response = new Response(originalResponse); response.headers.should.eql(originalResponse.headers); response.status.should.eql(200); response.redirect('http://foo.bar'); diff --git a/test/unit/server_test.js b/test/unit/server_test.js index e7c343f..3987df7 100644 --- a/test/unit/server_test.js +++ b/test/unit/server_test.js @@ -4,12 +4,12 @@ * Module dependencies. */ -var AuthenticateHandler = require('../../lib/handlers/authenticate-handler'); -var AuthorizeHandler = require('../../lib/handlers/authorize-handler'); -var Promise = require('bluebird'); -var Server = require('../../lib/server'); -var TokenHandler = require('../../lib/handlers/token-handler'); -var sinon = require('sinon'); +const AuthenticateHandler = require('../../lib/handlers/authenticate-handler'); +const AuthorizeHandler = require('../../lib/handlers/authorize-handler'); +const Promise = require('bluebird'); +const Server = require('../../lib/server'); +const TokenHandler = require('../../lib/handlers/token-handler'); +const sinon = require('sinon'); /** * Test `Server`. @@ -18,10 +18,10 @@ var sinon = require('sinon'); describe('Server', function() { describe('authenticate()', function() { it('should call `handle`', function() { - var model = { + const model = { getAccessToken: function() {} }; - var server = new Server({ model: model }); + const server = new Server({ model: model }); sinon.stub(AuthenticateHandler.prototype, 'handle').returns(Promise.resolve()); @@ -33,11 +33,11 @@ describe('Server', function() { }); it('should map string passed as `options` to `options.scope`', function() { - var model = { + const model = { getAccessToken: function() {}, verifyScope: function() {} }; - var server = new Server({ model: model }); + const server = new Server({ model: model }); sinon.stub(AuthenticateHandler.prototype, 'handle').returns(Promise.resolve()); @@ -53,12 +53,12 @@ describe('Server', function() { describe('authorize()', function() { it('should call `handle`', function() { - var model = { + const model = { getAccessToken: function() {}, getClient: function() {}, saveAuthorizationCode: function() {} }; - var server = new Server({ model: model }); + const server = new Server({ model: model }); sinon.stub(AuthorizeHandler.prototype, 'handle').returns(Promise.resolve()); @@ -72,11 +72,11 @@ describe('Server', function() { describe('token()', function() { it('should call `handle`', function() { - var model = { + const model = { getClient: function() {}, saveToken: function() {} }; - var server = new Server({ model: model }); + const server = new Server({ model: model }); sinon.stub(TokenHandler.prototype, 'handle').returns(Promise.resolve()); diff --git a/test/unit/validator/is_test.js b/test/unit/validator/is_test.js index c6827d8..016371a 100644 --- a/test/unit/validator/is_test.js +++ b/test/unit/validator/is_test.js @@ -1,13 +1,13 @@ -var is = require('../../../lib/validator/is'); +const is = require('../../../lib/validator/is'); require('chai').should(); function runRanges (ranges, fn, expected) { ranges.forEach(function (range) { - var lower = range[0]; - var upper = range[1]; + const lower = range[0]; + const upper = range[1]; - for (var i = lower; i <= upper; i++) { - var unicodeChar = String.fromCodePoint(i); + for (let i = lower; i <= upper; i++) { + const unicodeChar = String.fromCodePoint(i); // single char fn(unicodeChar).should.eql(expected, i + ' ' + unicodeChar); // multiple chars @@ -19,7 +19,7 @@ function runRanges (ranges, fn, expected) { describe('Validator', function () { describe('is', function () { it('validates if a value matches a unicode character (nchar)', function () { - var validRanges = [ + const validRanges = [ [45, 46], // \u002D \u002E [48, 57], // 0-9 [65, 90], // A-Z @@ -29,7 +29,7 @@ describe('Validator', function () { runRanges(validRanges, is.nchar, true); - var invalidRanges = [ + const invalidRanges = [ [0, 44], [47, 47], [58, 64], @@ -41,7 +41,7 @@ describe('Validator', function () { runRanges(invalidRanges, is.nchar, false); }); it('validates if a value matches a unicode character, including exclamation marks (nqchar)', function () { - var validRanges = [ + const validRanges = [ [33, 33], // \u0021 [35, 91], // \u0023-\u005B [93, 126] // \u005D-\u007E @@ -49,7 +49,7 @@ describe('Validator', function () { runRanges(validRanges, is.nqchar, true); - var invalidRanges = [ + const invalidRanges = [ [0, 32], [34, 34], [92, 92], @@ -59,7 +59,7 @@ describe('Validator', function () { runRanges(invalidRanges, is.nqchar, false); }); it('validates if a value matches a unicode character, including exclamation marks and spaces (nqschar)', function () { - var validRanges = [ + const validRanges = [ [32, 33], // \u0020-\u0021 [35, 91], // \u0023-\u005B [93, 126] // \u005D-\u007E @@ -67,7 +67,7 @@ describe('Validator', function () { runRanges(validRanges, is.nqschar, true); - var invalidRanges = [ + const invalidRanges = [ [0, 31], [34, 34], [92, 92], @@ -78,7 +78,7 @@ describe('Validator', function () { }); it('validates if a value matches a unicode character excluding the carriage return and linefeed characters (uchar)', function () { this.timeout(60000); - var validRanges = [ + const validRanges = [ [9, 9], // \u0009 [32, 126], // \u0020-\u007E, [128, 55295], // \u0080-\uD7FF @@ -88,7 +88,7 @@ describe('Validator', function () { runRanges(validRanges, is.uchar, true); - var invalidRanges = [ + const invalidRanges = [ [0, 8], [10, 31], [127, 127], @@ -110,13 +110,13 @@ describe('Validator', function () { }); }); it('validates if a value matches against the printable set of unicode characters (vschar)', function () { - var validRanges = [ + const validRanges = [ [32, 126] // \u0020-\u007E ]; runRanges(validRanges, is.vschar, true); - var invalidRanges = [ + const invalidRanges = [ [0, 31], [127, 1023] ];