From 77c2a928fe5cc02a8aab304c75ee8a7912e9e20e Mon Sep 17 00:00:00 2001
From: MaxAake <61233757+MaxAake@users.noreply.github.com>
Date: Fri, 24 Jan 2025 11:39:50 +0100
Subject: [PATCH 1/2] check for circular references in parameters.

---
 packages/core/src/auth.ts                   | 8 ++++++++
 packages/core/test/auth.test.ts             | 6 ++++++
 packages/neo4j-driver-deno/lib/core/auth.ts | 8 ++++++++
 3 files changed, 22 insertions(+)

diff --git a/packages/core/src/auth.ts b/packages/core/src/auth.ts
index 6237a1c0e..2ded8ea19 100644
--- a/packages/core/src/auth.ts
+++ b/packages/core/src/auth.ts
@@ -15,6 +15,9 @@
  * limitations under the License.
  */
 
+import { newError } from './error'
+import { stringify } from './json'
+
 /**
  * @property {function(username: string, password: string, realm: ?string)} basic the function to create a
  * basic authentication token.
@@ -74,6 +77,11 @@ const auth = {
       output.realm = realm
     }
     if (isNotEmpty(parameters)) {
+      try {
+        stringify(parameters)
+      } catch (e) {
+        throw newError('Circular references in custom auth token parameters', undefined, e)
+      }
       output.parameters = parameters
     }
     return output
diff --git a/packages/core/test/auth.test.ts b/packages/core/test/auth.test.ts
index 710935709..8e7826247 100644
--- a/packages/core/test/auth.test.ts
+++ b/packages/core/test/auth.test.ts
@@ -17,6 +17,12 @@
 import auth from '../src/auth'
 
 describe('auth', () => {
+  test('.custom() should crash with circular references in parameters', () => {
+    const params = { a: '', b: {} }
+    params.b = params
+    expect(() => auth.custom('test', 'pass', 'realm', 'scheme', params)).toThrow('Circular references in custom auth token parameters')
+  })
+
   test('.bearer()', () => {
     expect(auth.bearer('==Qyahiadakkda')).toEqual({ scheme: 'bearer', credentials: '==Qyahiadakkda' })
   })
diff --git a/packages/neo4j-driver-deno/lib/core/auth.ts b/packages/neo4j-driver-deno/lib/core/auth.ts
index 6237a1c0e..d9f1d9064 100644
--- a/packages/neo4j-driver-deno/lib/core/auth.ts
+++ b/packages/neo4j-driver-deno/lib/core/auth.ts
@@ -15,6 +15,9 @@
  * limitations under the License.
  */
 
+import { newError } from './error.ts'
+import { stringify } from './json.ts'
+
 /**
  * @property {function(username: string, password: string, realm: ?string)} basic the function to create a
  * basic authentication token.
@@ -74,6 +77,11 @@ const auth = {
       output.realm = realm
     }
     if (isNotEmpty(parameters)) {
+      try{
+        stringify(parameters)
+      } catch (e) {
+        throw newError("Circular references in custom auth token parameters", undefined, e)
+      }
       output.parameters = parameters
     }
     return output

From d92802758a39021fe6e2b8db0db0163ff4a6b678 Mon Sep 17 00:00:00 2001
From: MaxAake <61233757+MaxAake@users.noreply.github.com>
Date: Fri, 24 Jan 2025 11:40:44 +0100
Subject: [PATCH 2/2] deno

---
 packages/neo4j-driver-deno/lib/core/auth.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/neo4j-driver-deno/lib/core/auth.ts b/packages/neo4j-driver-deno/lib/core/auth.ts
index d9f1d9064..43ce0f028 100644
--- a/packages/neo4j-driver-deno/lib/core/auth.ts
+++ b/packages/neo4j-driver-deno/lib/core/auth.ts
@@ -77,10 +77,10 @@ const auth = {
       output.realm = realm
     }
     if (isNotEmpty(parameters)) {
-      try{
+      try {
         stringify(parameters)
       } catch (e) {
-        throw newError("Circular references in custom auth token parameters", undefined, e)
+        throw newError('Circular references in custom auth token parameters', undefined, e)
       }
       output.parameters = parameters
     }