diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 473c411..b3e36ad 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,20 +1,17 @@ version: 2 updates: -- package-ecosystem: npm - directory: "/" - schedule: - interval: daily - open-pull-requests-limit: 10 - ignore: - - dependency-name: sinon - versions: - - 10.0.0 - - 9.2.4 - - dependency-name: mocha - versions: - - 8.2.1 - - 8.3.0 - - 8.3.1 - - dependency-name: lodash - versions: - - 4.17.20 + - package-ecosystem: npm + directory: "/" + schedule: + interval: daily + open-pull-requests-limit: 10 + ignore: + - dependency-name: sinon + versions: + - 10.0.0 + - 9.2.4 + - dependency-name: mocha + versions: + - 8.2.1 + - 8.3.0 + - 8.3.1 diff --git a/lib/errors/access-denied-error.js b/lib/errors/access-denied-error.js index d3ffc70..0f3dc2f 100644 --- a/lib/errors/access-denied-error.js +++ b/lib/errors/access-denied-error.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var OAuthError = require('./oauth-error'); var util = require('util'); @@ -17,7 +16,7 @@ var util = require('util'); */ function AccessDeniedError(message, properties) { - properties = _.assign({ + properties = Object.assign({ code: 400, name: 'access_denied' }, properties); diff --git a/lib/errors/insufficient-scope-error.js b/lib/errors/insufficient-scope-error.js index c6442ea..c522df7 100644 --- a/lib/errors/insufficient-scope-error.js +++ b/lib/errors/insufficient-scope-error.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var OAuthError = require('./oauth-error'); var util = require('util'); @@ -17,7 +16,7 @@ var util = require('util'); */ function InsufficientScopeError(message, properties) { - properties = _.assign({ + properties = Object.assign({ code: 403, name: 'insufficient_scope' }, properties); diff --git a/lib/errors/invalid-argument-error.js b/lib/errors/invalid-argument-error.js index cb56d5a..b667468 100644 --- a/lib/errors/invalid-argument-error.js +++ b/lib/errors/invalid-argument-error.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var OAuthError = require('./oauth-error'); var util = require('util'); @@ -13,7 +12,7 @@ var util = require('util'); */ function InvalidArgumentError(message, properties) { - properties = _.assign({ + properties = Object.assign({ code: 500, name: 'invalid_argument' }, properties); diff --git a/lib/errors/invalid-client-error.js b/lib/errors/invalid-client-error.js index d95358c..31aea2d 100644 --- a/lib/errors/invalid-client-error.js +++ b/lib/errors/invalid-client-error.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var OAuthError = require('./oauth-error'); var util = require('util'); @@ -18,7 +17,7 @@ var util = require('util'); */ function InvalidClientError(message, properties) { - properties = _.assign({ + properties = Object.assign({ code: 400, name: 'invalid_client' }, properties); diff --git a/lib/errors/invalid-grant-error.js b/lib/errors/invalid-grant-error.js index 58d032e..810242d 100644 --- a/lib/errors/invalid-grant-error.js +++ b/lib/errors/invalid-grant-error.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var OAuthError = require('./oauth-error'); var util = require('util'); @@ -19,7 +18,7 @@ var util = require('util'); */ function InvalidGrantError(message, properties) { - properties = _.assign({ + properties = Object.assign({ code: 400, name: 'invalid_grant' }, properties); diff --git a/lib/errors/invalid-request-error.js b/lib/errors/invalid-request-error.js index 4cf0a73..bfb178a 100644 --- a/lib/errors/invalid-request-error.js +++ b/lib/errors/invalid-request-error.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var OAuthError = require('./oauth-error'); var util = require('util'); @@ -18,7 +17,7 @@ var util = require('util'); */ function InvalidRequest(message, properties) { - properties = _.assign({ + properties = Object.assign({ code: 400, name: 'invalid_request' }, properties); diff --git a/lib/errors/invalid-scope-error.js b/lib/errors/invalid-scope-error.js index c3b287f..bcded24 100644 --- a/lib/errors/invalid-scope-error.js +++ b/lib/errors/invalid-scope-error.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var OAuthError = require('./oauth-error'); var util = require('util'); @@ -17,7 +16,7 @@ var util = require('util'); */ function InvalidScopeError(message, properties) { - properties = _.assign({ + properties = Object.assign({ code: 400, name: 'invalid_scope' }, properties); diff --git a/lib/errors/invalid-token-error.js b/lib/errors/invalid-token-error.js index d7e7a8b..cb12c3e 100644 --- a/lib/errors/invalid-token-error.js +++ b/lib/errors/invalid-token-error.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var OAuthError = require('./oauth-error'); var util = require('util'); @@ -17,7 +16,7 @@ var util = require('util'); */ function InvalidTokenError(message, properties) { - properties = _.assign({ + properties = Object.assign({ code: 401, name: 'invalid_token' }, properties); diff --git a/lib/errors/oauth-error.js b/lib/errors/oauth-error.js index a388cd3..fc66f75 100644 --- a/lib/errors/oauth-error.js +++ b/lib/errors/oauth-error.js @@ -3,7 +3,6 @@ /** * Module dependencies. */ -var _ = require('lodash'); var util = require('util'); var http = require('http'); /** @@ -13,17 +12,16 @@ var http = require('http'); function OAuthError(messageOrError, properties) { var message = messageOrError instanceof Error ? messageOrError.message : messageOrError; var error = messageOrError instanceof Error ? messageOrError : null; - if (_.isEmpty(properties)) - { + if (properties == null || !Object.entries(properties).length ) { properties = {}; } - _.defaults(properties, { code: 500 }); + properties = Object.assign({ code: 500 }, properties); if (error) { properties.inner = error; } - if (_.isEmpty(message)) { + if (!message || message.length === 0) { message = http.STATUS_CODES[properties.code]; } this.code = this.status = this.statusCode = properties.code; diff --git a/lib/errors/server-error.js b/lib/errors/server-error.js index d193af3..a1bdcf9 100644 --- a/lib/errors/server-error.js +++ b/lib/errors/server-error.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var OAuthError = require('./oauth-error'); var util = require('util'); @@ -17,7 +16,7 @@ var util = require('util'); */ function ServerError(message, properties) { - properties = _.assign({ + properties = Object.assign({ code: 503, name: 'server_error' }, properties); diff --git a/lib/errors/unauthorized-client-error.js b/lib/errors/unauthorized-client-error.js index c05075d..eca0d68 100644 --- a/lib/errors/unauthorized-client-error.js +++ b/lib/errors/unauthorized-client-error.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var OAuthError = require('./oauth-error'); var util = require('util'); @@ -17,7 +16,7 @@ var util = require('util'); */ function UnauthorizedClientError(message, properties) { - properties = _.assign({ + properties = Object.assign({ code: 400, name: 'unauthorized_client' }, properties); diff --git a/lib/errors/unauthorized-request-error.js b/lib/errors/unauthorized-request-error.js index ae7500d..afb11b8 100644 --- a/lib/errors/unauthorized-request-error.js +++ b/lib/errors/unauthorized-request-error.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var OAuthError = require('./oauth-error'); var util = require('util'); @@ -20,7 +19,7 @@ var util = require('util'); */ function UnauthorizedRequestError(message, properties) { - properties = _.assign({ + properties = Object.assign({ code: 401, name: 'unauthorized_request' }, properties); diff --git a/lib/errors/unsupported-grant-type-error.js b/lib/errors/unsupported-grant-type-error.js index 28ca0ec..63345ce 100644 --- a/lib/errors/unsupported-grant-type-error.js +++ b/lib/errors/unsupported-grant-type-error.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var OAuthError = require('./oauth-error'); var util = require('util'); @@ -17,7 +16,7 @@ var util = require('util'); */ function UnsupportedGrantTypeError(message, properties) { - properties = _.assign({ + properties = Object.assign({ code: 400, name: 'unsupported_grant_type' }, properties); diff --git a/lib/errors/unsupported-response-type-error.js b/lib/errors/unsupported-response-type-error.js index 523cc44..861ac34 100644 --- a/lib/errors/unsupported-response-type-error.js +++ b/lib/errors/unsupported-response-type-error.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var OAuthError = require('./oauth-error'); var util = require('util'); @@ -18,7 +17,7 @@ var util = require('util'); */ function UnsupportedResponseTypeError(message, properties) { - properties = _.assign({ + properties = Object.assign({ code: 400, name: 'unsupported_response_type' }, properties); diff --git a/lib/handlers/authorize-handler.js b/lib/handlers/authorize-handler.js index 845e25b..7cd89a1 100644 --- a/lib/handlers/authorize-handler.js +++ b/lib/handlers/authorize-handler.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var AccessDeniedError = require('../errors/access-denied-error'); var AuthenticateHandler = require('../handlers/authenticate-handler'); var InvalidArgumentError = require('../errors/invalid-argument-error'); @@ -186,7 +185,7 @@ AuthorizeHandler.prototype.getClient = function(request) { throw new InvalidClientError('Invalid client: missing client `grants`'); } - if (!_.includes(client.grants, 'authorization_code')) { + if (!Array.isArray(client.grants) || !client.grants.includes('authorization_code')) { throw new UnauthorizedClientError('Unauthorized client: `grant_type` is invalid'); } @@ -194,7 +193,7 @@ AuthorizeHandler.prototype.getClient = function(request) { throw new InvalidClientError('Invalid client: missing client `redirectUri`'); } - if (redirectUri && !_.includes(client.redirectUris, redirectUri)) { + if (redirectUri && !client.redirectUris.includes(redirectUri)) { throw new InvalidClientError('Invalid client: `redirect_uri` does not match client value'); } return client; @@ -301,7 +300,7 @@ AuthorizeHandler.prototype.getResponseType = function(request) { throw new InvalidRequestError('Missing parameter: `response_type`'); } - if (!_.has(responseTypes, responseType)) { + if (!Object.prototype.hasOwnProperty.call(responseTypes, responseType)) { throw new UnsupportedResponseTypeError('Unsupported response type: `response_type` is not supported'); } diff --git a/lib/handlers/token-handler.js b/lib/handlers/token-handler.js index feaad3f..895ce2e 100644 --- a/lib/handlers/token-handler.js +++ b/lib/handlers/token-handler.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var BearerTokenType = require('../token-types/bearer-token-type'); var InvalidArgumentError = require('../errors/invalid-argument-error'); var InvalidClientError = require('../errors/invalid-client-error'); @@ -56,7 +55,7 @@ function TokenHandler(options) { } this.accessTokenLifetime = options.accessTokenLifetime; - this.grantTypes = _.assign({}, grantTypes, options.extendedGrantTypes); + this.grantTypes = Object.assign({}, grantTypes, options.extendedGrantTypes); this.model = options.model; this.refreshTokenLifetime = options.refreshTokenLifetime; this.allowExtendedTokenAttributes = options.allowExtendedTokenAttributes; @@ -208,11 +207,11 @@ TokenHandler.prototype.handleGrantType = function(request, client) { throw new InvalidRequestError('Invalid parameter: `grant_type`'); } - if (!_.has(this.grantTypes, grantType)) { + if (!Object.prototype.hasOwnProperty.call(this.grantTypes, grantType)) { throw new UnsupportedGrantTypeError('Unsupported grant type: `grant_type` is invalid'); } - if (!_.includes(client.grants, grantType)) { + if (!Array.isArray(client.grants) || !client.grants.includes(grantType)) { throw new UnauthorizedClientError('Unauthorized client: `grant_type` is invalid'); } diff --git a/lib/server.js b/lib/server.js index fba9ccf..a588f80 100644 --- a/lib/server.js +++ b/lib/server.js @@ -4,7 +4,6 @@ * Module dependencies. */ -var _ = require('lodash'); var AuthenticateHandler = require('./handlers/authenticate-handler'); var AuthorizeHandler = require('./handlers/authorize-handler'); var InvalidArgumentError = require('./errors/invalid-argument-error'); @@ -33,7 +32,7 @@ OAuth2Server.prototype.authenticate = function(request, response, options, callb options = {scope: options}; } - options = _.assign({ + options = Object.assign({ addAcceptedScopesHeader: true, addAuthorizedScopesHeader: true, allowBearerTokensInQueryString: false @@ -49,7 +48,7 @@ OAuth2Server.prototype.authenticate = function(request, response, options, callb */ OAuth2Server.prototype.authorize = function(request, response, options, callback) { - options = _.assign({ + options = Object.assign({ allowEmptyState: false, authorizationCodeLifetime: 5 * 60 // 5 minutes. }, this.options, options); @@ -64,7 +63,7 @@ OAuth2Server.prototype.authorize = function(request, response, options, callback */ OAuth2Server.prototype.token = function(request, response, options, callback) { - options = _.assign({ + options = Object.assign({ accessTokenLifetime: 60 * 60, // 1 hour. refreshTokenLifetime: 60 * 60 * 24 * 14, // 2 weeks. allowExtendedTokenAttributes: false, diff --git a/package-lock.json b/package-lock.json index 4d9e7c5..fdb1e2d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1722,7 +1722,8 @@ "lodash": { "version": "4.17.21", "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz", - "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==" + "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==", + "dev": true }, "lodash.flattendeep": { "version": "4.4.0", diff --git a/package.json b/package.json index d9bd222..1b87f4b 100644 --- a/package.json +++ b/package.json @@ -20,7 +20,6 @@ "dependencies": { "basic-auth": "2.0.1", "bluebird": "3.7.2", - "lodash": "4.17.21", "promisify-any": "2.0.1", "type-is": "1.6.18" },