Merge branch 'development' into dependabot/npm_and_yarn/eslint-8.44.0

.mocharc.yml

@@ -1,6 +1,6 @@
 recursive: true
 reporter: "spec"
-retries: 1
+retries: 0
 slow: 20
 timeout: 2000
 ui: "bdd"

CHANGELOG.md

@@ -1,5 +1,13 @@
 ## Changelog
 
+## 5.0.0
+
+- removed `bluebird` and `promisify-any`
+- uses native Promises and `async/await` everywhere
+- drop support for Node 14 (EOL), setting Node 16 as `engine` in `package.json`
+- this is a breaking change, because **it removes callback support** for
+  `OAuthServer` and your model implementation.
+
 ## 4.2.0
 ### Fixed
 - fix(core): Bearer regular expression matching in authenticate handler #105

README.md

@@ -45,6 +45,13 @@ Most users should refer to our [Express (active)](https://github.com/node-oauth/
 
 More examples can be found here: https://github.com/14gasher/oauth-example
 
+## Version 5 notes
+
+Beginning with version `5.x` we removed dual support for callbacks and promises.
+With this version there is only support for Promises / async/await.
+
+With this version we also bumped the `engine` to Node 16 as 14 is now deprecated.
+
 ## Migrating from OAuthJs and 3.x
 
 Version 4.x should not be hard-breaking, however, there were many improvements and fixes that may

SECURITY.md

@@ -5,11 +5,12 @@
 Use this section to tell people about which versions of your project are
 currently being supported with security updates.
 
-| Version | Supported          |
-| ------- | ------------------ |
-| 4.x.x   | :white_check_mark: |
-| 3.x.x   | :white_check_mark: but only very critical security issues |
-| < 3 | :x: |
+| Version | Supported                                        |
+|---------|--------------------------------------------------|
+| 5.x.x   | :white_check_mark:                               |
+| 4.x.x   | :white_check_mark: but only high severity issues |
+| 3.x.x   | :x:                                              |
+| < 3     | :x:                                              |
 
 ## Reporting a Vulnerability
 

lib/errors/access-denied-error.js

@@ -5,7 +5,6 @@
  */
 
 const OAuthError = require('./oauth-error');
-const util = require('util');
 
 /**
  * Constructor.
@@ -15,21 +14,18 @@ const util = require('util');
  * @see https://tools.ietf.org/html/rfc6749#section-4.1.2.1
  */
 
-function AccessDeniedError(message, properties) {
-  properties = Object.assign({
-    code: 400,
-    name: 'access_denied'
-  }, properties);
+class AccessDeniedError extends OAuthError {
+  constructor(message, properties) {
+    properties = {
+      code: 400,
+      name: 'access_denied',
+      ...properties
+    };
 
-  OAuthError.call(this, message, properties);
+    super(message, properties);
+  }
 }
 
-/**
- * Inherit prototype.
- */
-
-util.inherits(AccessDeniedError, OAuthError);
-
 /**
  * Export constructor.
  */

lib/errors/insufficient-scope-error.js

@@ -5,7 +5,6 @@
  */
 
 const OAuthError = require('./oauth-error');
-const util = require('util');
 
 /**
  * Constructor.
@@ -15,21 +14,18 @@ const util = require('util');
  * @see https://tools.ietf.org/html/rfc6750.html#section-3.1
  */
 
-function InsufficientScopeError(message, properties) {
-  properties = Object.assign({
-    code: 403,
-    name: 'insufficient_scope'
-  }, properties);
+class InsufficientScopeError extends OAuthError {
+  constructor(message, properties) {
+    properties = {
+      code: 403,
+      name: 'insufficient_scope',
+      ...properties
+    };
 
-  OAuthError.call(this, message, properties);
+    super(message, properties);
+  }
 }
 
-/**
- * Inherit prototype.
- */
-
-util.inherits(InsufficientScopeError, OAuthError);
-
 /**
  * Export constructor.
  */

lib/errors/invalid-argument-error.js

@@ -5,27 +5,23 @@
  */
 
 const OAuthError = require('./oauth-error');
-const util = require('util');
 
 /**
  * Constructor.
  */
 
-function InvalidArgumentError(message, properties) {
-  properties = Object.assign({
-    code: 500,
-    name: 'invalid_argument'
-  }, properties);
+class InvalidArgumentError extends OAuthError {
+  constructor(message, properties) {
+    properties = {
+      code: 500,
+      name: 'invalid_argument',
+      ...properties
+    };
 
-  OAuthError.call(this, message, properties);
+    super(message, properties);
+  }
 }
 
-/**
- * Inherit prototype.
- */
-
-util.inherits(InvalidArgumentError, OAuthError);
-
 /**
  * Export constructor.
  */

lib/errors/invalid-client-error.js

@@ -5,7 +5,6 @@
  */
 
 const OAuthError = require('./oauth-error');
-const util = require('util');
 
 /**
  * Constructor.
@@ -16,21 +15,18 @@ const util = require('util');
  * @see https://tools.ietf.org/html/rfc6749#section-5.2
  */
 
-function InvalidClientError(message, properties) {
-  properties = Object.assign({
-    code: 400,
-    name: 'invalid_client'
-  }, properties);
+class InvalidClientError extends OAuthError {
+  constructor(message, properties) {
+    properties = {
+      code: 400,
+      name: 'invalid_client',
+      ...properties
+    };
 
-  OAuthError.call(this, message, properties);
+    super(message, properties);
+  }
 }
 
-/**
- * Inherit prototype.
- */
-
-util.inherits(InvalidClientError, OAuthError);
-
 /**
  * Export constructor.
  */

lib/errors/invalid-grant-error.js

@@ -5,7 +5,6 @@
  */
 
 const OAuthError = require('./oauth-error');
-const util = require('util');
 
 /**
  * Constructor.
@@ -17,21 +16,18 @@ const util = require('util');
  * @see https://tools.ietf.org/html/rfc6749#section-5.2
  */
 
-function InvalidGrantError(message, properties) {
-  properties = Object.assign({
-    code: 400,
-    name: 'invalid_grant'
-  }, properties);
+class InvalidGrantError extends OAuthError {
+  constructor(message, properties) {
+    properties = {
+      code: 400,
+      name: 'invalid_grant',
+      ...properties
+    };
 
-  OAuthError.call(this, message, properties);
+    super(message, properties);
+  }
 }
 
-/**
- * Inherit prototype.
- */
-
-util.inherits(InvalidGrantError, OAuthError);
-
 /**
  * Export constructor.
  */

lib/errors/invalid-request-error.js

@@ -5,7 +5,6 @@
  */
 
 const OAuthError = require('./oauth-error');
-const util = require('util');
 
 /**
  * Constructor.
@@ -16,21 +15,18 @@ const util = require('util');
  * @see https://tools.ietf.org/html/rfc6749#section-4.2.2.1
  */
 
-function InvalidRequest(message, properties) {
-  properties = Object.assign({
-    code: 400,
-    name: 'invalid_request'
-  }, properties);
+class InvalidRequest extends OAuthError {
+  constructor(message, properties) {
+    properties = {
+      code: 400,
+      name: 'invalid_request',
+      ...properties
+    };
 
-  OAuthError.call(this, message, properties);
+    super(message, properties);
+  }
 }
 
-/**
- * Inherit prototype.
- */
-
-util.inherits(InvalidRequest, OAuthError);
-
 /**
  * Export constructor.
  */

lib/errors/invalid-scope-error.js

@@ -5,7 +5,6 @@
  */
 
 const OAuthError = require('./oauth-error');
-const util = require('util');
 
 /**
  * Constructor.
@@ -15,21 +14,18 @@ const util = require('util');
  * @see https://tools.ietf.org/html/rfc6749#section-4.1.2.1
  */
 
-function InvalidScopeError(message, properties) {
-  properties = Object.assign({
-    code: 400,
-    name: 'invalid_scope'
-  }, properties);
+class InvalidScopeError extends OAuthError {
+  constructor(message, properties) {
+    properties = {
+      code: 400,
+      name: 'invalid_scope',
+      ...properties
+    };
 
-  OAuthError.call(this, message, properties);
+    super(message, properties);
+  }
 }
 
-/**
- * Inherit prototype.
- */
-
-util.inherits(InvalidScopeError, OAuthError);
-
 /**
  * Export constructor.
  */

lib/errors/invalid-token-error.js

@@ -5,7 +5,6 @@
  */
 
 const OAuthError = require('./oauth-error');
-const util = require('util');
 
 /**
  * Constructor.
@@ -15,21 +14,18 @@ const util = require('util');
  * @see https://tools.ietf.org/html/rfc6750#section-3.1
  */
 
-function InvalidTokenError(message, properties) {
-  properties = Object.assign({
-    code: 401,
-    name: 'invalid_token'
-  }, properties);
+class InvalidTokenError extends OAuthError {
+  constructor(message, properties) {
+    properties = {
+      code: 401,
+      name: 'invalid_token',
+      ...properties
+    };
 
-  OAuthError.call(this, message, properties);
+    super(message, properties);
+  }
 }
 
-/**
- * Inherit prototype.
- */
-
-util.inherits(InvalidTokenError, OAuthError);
-
 /**
  * Export constructor.
  */