Upgrade axios version

.changeset/clean-lobsters-begin.md

@@ -0,0 +1,8 @@
+---
+"@ordermentum/express-asap": major
+"@ordermentum/axios-asap": major
+"@ordermentum/asap-core": major
+"@ordermentum/hapi-asap": major
+---
+
+Upgrade axios version to 1.0

packages/asap-core/package.json

@@ -33,7 +33,7 @@
     "typecheck": "yarn tsc --noEmit"
   },
   "dependencies": {
-    "axios": "^0.26.1",
+    "axios": "^1.7.7",
     "express": "^4.17.3",
     "jsonwebtoken": "^8.5.1",
     "node-cache": "^5.1.2"

packages/asap-core/src/authenticator.ts

@@ -127,7 +127,7 @@ export function createAsapAuthenticator({
     });
   }
 
-  const verifyOptions = {
+  const verifyOptions: jsonWebToken.VerifyOptions = {
     algorithms: ALLOWED_ALGORITHMS,
     clockTolerance: CLOCK_TOLERANCE_SECONDS,
     audience: resourceServerAudience,

packages/asap-core/test/file_test.ts

@@ -1,7 +1,10 @@
 import { describe, afterEach, beforeEach } from 'mocha';
 import { expect } from 'chai';
 import sinon from 'sinon';
-import { createPublicKeyFetcher, createTestPublicKeyFetcher } from '../src/fetchers/file';
+import {
+  createPublicKeyFetcher,
+  createTestPublicKeyFetcher,
+} from '../src/fetchers/file';
 
 describe('file', () => {
   let time;
@@ -39,6 +42,6 @@ describe('file', () => {
         const key2 = await fetcher('test/service_2');
         expect(key1).to.eqls(key2);
       });
-    })
+    });
   });
 });

packages/asap-core/test/generate_test.ts

@@ -137,7 +137,7 @@ describe('createAuthHeaderGenerator', () => {
       jwtConfig.privateKey = 'this is not a valid key';
 
       expect(() => createAuthHeaderGenerator(jwtConfig)()).to.throw(
-        /PEM.*no start line/
+        /DECODER routines::unsupported/
       );
     });
 

packages/axios-asap/package.json

@@ -12,7 +12,6 @@
     "@types/express": "4.17.13",
     "@types/jsonwebtoken": "8.5.8",
     "@types/mocha": "9.1.0",
-    "@types/moxios": "0.4.15",
     "@types/node": "17.0.21",
     "@types/sinon": "10.0.11",
     "chai": "4.3.6",
@@ -21,7 +20,7 @@
     "lint-staged": "12.3.5",
     "mocha": "9.2.2",
     "mocha-sinon": "2.1.2",
-    "moxios": "0.4.0",
+    "nock": "13.5.5",
     "sinon": "13.0.1",
     "ts-node": "10.7.0",
     "ts-node-dev": "1.1.8",
@@ -35,6 +34,6 @@
   },
   "dependencies": {
     "@ordermentum/asap-core": "*",
-    "axios": "^0.26.1"
+    "axios": "^1.7.7"
   }
 }

packages/axios-asap/src/index.ts

@@ -2,7 +2,7 @@ import {
   createAuthHeaderGenerator,
   AuthHeaderConfig,
 } from '@ordermentum/asap-core';
-import axios, { AxiosInstance, AxiosRequestConfig } from 'axios';
+import axios, { AxiosInstance, AxiosRequestConfig, AxiosHeaders } from 'axios';
 import http from 'http';
 import https from 'https';
 
@@ -12,9 +12,13 @@ export const createAsapInterceptor = (authConfig: AuthHeaderConfig) => {
   });
   return (config: AxiosRequestConfig) => {
     const header = headerGenerator();
-    const headers = config.headers ?? {};
-    headers.Authorization = header;
-    return { ...config, headers };
+    // @ts-expect-error RawAxiosHeaders is not accessible for type defs
+    const headers: AxiosHeaders = new AxiosHeaders(config.headers ?? {});
+    headers.set('Authorization', header);
+    return {
+      ...config,
+      headers,
+    };
   };
 };
 
@@ -30,7 +34,7 @@ const getDefaultAxiosConfig = (): AxiosRequestConfig => {
   if (!httpsAgent) {
     httpsAgent = new https.Agent({ keepAlive: true });
   }
-  return { httpAgent, httpsAgent }
+  return { httpAgent, httpsAgent };
 };
 
 export type Options = {

packages/axios-asap/test/index_test.ts

@@ -1,6 +1,6 @@
 import { describe, beforeEach } from 'mocha';
 import axios from 'axios';
-import moxios from 'moxios';
+import nock from 'nock';
 import { expect } from 'chai';
 import { privateKeyPem } from '@ordermentum/asap-test-helpers';
 import { createAsapInterceptor, createClient } from '../src';
@@ -19,14 +19,10 @@ describe('createAuthHeaderGenerator', () => {
 
   it('sets the header', async () => {
     const client = axios.create();
-    moxios.install(client);
     client.interceptors.request.use(createAsapInterceptor(jwtConfig));
-    moxios.stubRequest('/say/hello', {
-      status: 200,
-      responseText: 'hello',
-    });
+    nock('http://localhost').get('/say/hello').reply(200, 'hello');
 
-    const res = await client.get('/say/hello');
+    const res = await client.get('http://localhost/say/hello');
     expect(res.status).to.equal(200);
     expect(Object.keys(res?.config?.headers ?? {})).to.include('Authorization');
     expect(res?.config?.headers?.Authorization).to.include('Bearer');
@@ -49,13 +45,9 @@ describe('createAuthHeaderGenerator', () => {
       }
     );
 
-    moxios.install(client);
-    moxios.stubRequest('/say/hello', {
-      status: 200,
-      responseText: 'hello',
-    });
+    nock('http://localhost').get('/say/hello').reply(200, 'hello');
 
-    const res = await client.get('/say/hello');
+    const res = await client.get('http://localhost/say/hello');
     expect(res.status).to.equal(200);
     expect(Object.keys(res?.config?.headers ?? {})).to.include('Authorization');
     expect(res?.config?.headers?.Authorization).to.include('Bearer');
@@ -151,5 +143,5 @@ describe('createAuthHeaderGenerator', () => {
     expect(client1).to.equal(client2);
     expect(client1.defaults.headers['x-custom-header']).to.equal('1');
     expect(client2.defaults.headers['x-custom-header']).to.equal('1');
-  })
+  });
 });

packages/express-asap/package.json

@@ -35,7 +35,6 @@
   },
   "dependencies": {
     "@ordermentum/asap-core": "*",
-    "axios": "^0.26.1",
     "express": "^4.17.3",
     "jsonwebtoken": "^8.5.1"
   }

packages/express-asap/test/index_test.ts

@@ -8,13 +8,22 @@ import createAsapAuthenticationMiddleware from '../src/middleware';
 import createAsapIssuerWhitelistMiddleware from '../src/whitelist_middleware';
 
 const app = express();
-app.use(
-  createAsapAuthenticationMiddleware({
-    keyLoader: (_key: string) => Promise.resolve(publicKey),
-    resourceServerAudience: 'test',
-    maxLifeTimeSeconds: 60,
-  })
-);
+app
+  .use(
+    createAsapAuthenticationMiddleware({
+      keyLoader: (_key: string) => Promise.resolve(publicKey),
+      resourceServerAudience: 'test',
+      maxLifeTimeSeconds: 60,
+    })
+  )
+  .use((req, res, next) => {
+    // @ts-ignore
+    if (req.headers.authorization && req.locals?.asapClaims === undefined) {
+      res.status(401).send('Did not authenticate');
+    } else {
+      next();
+    }
+  });
 
 app.get('/', (_req, res) => {
   res.status(200);
@@ -43,7 +52,7 @@ describe('middleware', () => {
       tokenExpiryMs: 60 * 1000,
     };
 
-    const authHeader = createAuthHeaderGenerator(jwtConfig)();
+    const authHeader = createAuthHeaderGenerator(jwtConfig)({ admin: true });
     const res = await agent.get('/').set('Authorization', authHeader);
     expect(res.status).to.equal(200);
     expect(res.text).to.equal('OK');
@@ -58,7 +67,7 @@ describe('middleware', () => {
       tokenExpiryMs: 60 * 1000,
     };
 
-    const authHeader = createAuthHeaderGenerator(jwtConfig)();
+    const authHeader = createAuthHeaderGenerator(jwtConfig)({ admin: true });
     const res = await agent.get('/').set('Authorization', authHeader);
     expect(res.status).to.equal(401);
   });
@@ -77,7 +86,7 @@ describe('middleware', () => {
       return res.send('OK');
     });
 
-    const authHeader = createAuthHeaderGenerator(jwtConfig)();
+    const authHeader = createAuthHeaderGenerator(jwtConfig)({ admin: true });
     const res = await agent.get('/protected').set('Authorization', authHeader);
     expect(res.status).to.equal(401);
   });

packages/hapi-asap/package.json

@@ -37,7 +37,6 @@
     "@hapi/boom": "^10.0.0",
     "@hapi/hapi": "^20.2.2",
     "@ordermentum/asap-core": "*",
-    "axios": "^0.26.1",
     "express": "^4.17.3",
     "jsonwebtoken": "^8.5.1"
   }

packages/hapi-asap/src/middleware.ts

@@ -47,10 +47,7 @@ const implementation = (_server: Hapi.Server, options?: any) => {
  * @param opts AuthenticatorOptions
  *
  */
-const register = (
-  server: Hapi.Server,
-  options: AuthenticatorOptions
-) => {
+const register = (server: Hapi.Server, options: AuthenticatorOptions) => {
   server.auth.scheme('hapi-asap', implementation);
   server.auth.strategy('hapi-asap', 'hapi-asap', options);
 };
@@ -60,10 +57,6 @@ const plugin: Hapi.Plugin<AuthenticatorOptions> = {
   pkg: { name: 'ASAP Authentication', version: '0.1.0' },
 };
 
-export {
-  register, 
-  AuthenticatorOptions,
-  plugin
-}
+export { register, AuthenticatorOptions, plugin };
 
 export default plugin;

packages/hapi-asap/test/index_test.ts

@@ -3,16 +3,24 @@ import { expect } from 'chai';
 import { createAuthHeaderGenerator } from '@ordermentum/asap-core';
 import { publicKey, privateKeyPem } from '@ordermentum/asap-test-helpers';
 import Hapi from '@hapi/hapi';
-import registerPlugin from '../src/middleware';
+import { plugin as hapiAsap } from '../src/middleware';
 
 async function init() {
   const server = Hapi.server({
-    port: 3000,
+    port: 10000,
     host: 'localhost',
   });
 
-  await server.register(registerPlugin);
+  await server.register({
+    plugin: hapiAsap,
+    options: {
+      keyLoader: (_key: string) => Promise.resolve(publicKey),
+      resourceServerAudience: 'test',
+      maxLifeTimeSeconds: 60,
+    },
+  });
 
+  // await server.register(registerPlugin);
   server.auth.strategy('asap', 'hapi-asap', {
     keyLoader: (_key: string) => Promise.resolve(publicKey),
     resourceServerAudience: 'test',
@@ -35,6 +43,7 @@ async function init() {
         return `Ok`;
       }
 
+      // @ts-expect-error
       return `${asapClaims?.aud}`;
     },
   });
@@ -50,6 +59,7 @@ async function init() {
     path: '/required',
     handler(request, h) {
       const { asapClaims } = request.auth.artifacts ?? {};
+      // @ts-expect-error
       return `test ${asapClaims?.aud}`;
     },
   });