@63klabs/cache-data 1.3.9 → 1.3.10

package/src/lib/tools/generic.response.json.js

@@ -1,141 +1,11 @@
-contentType = "application/json"
+const { createGenericResponseModule } = require("./generic.response");
 
-headers = {
-	"Content-Type": contentType
-};
+const jsonBodyFormatter = (statusCode, message) => ({ message });
 
-json = function (data = null) {
+const json = function (data = null) {
 	return data ? data : {};
 };
 
-response200 = {
-	statusCode: 200,
-	headers: headers,
-	body: {
-		message: "Success"
-	}
-};
-
-response400 = {
-	statusCode: 400,
-	headers: headers,
-	body: {
-		message: "Bad Request"
-	}
-};
-
-response401 = {
-	statusCode: 401,
-	headers: headers,
-	body: {
-		message: "Unauthorized"
-	}
-};
-
-response403 = {
-	statusCode: 403,
-	headers: headers,
-	body: {
-		message: "Forbidden"
-	}
-};
-
-response404 = {
-	statusCode: 404,
-	headers: headers,
-	body: {
-		message: "Not Found"
-	}
-};
-
-response405 = {
-	statusCode: 405,
-	headers: headers,
-	body: {
-		message: "Method Not Allowed"
-	}
-};
-
-response408 = {
-	statusCode: 408,
-	headers: headers,
-	body: {
-		message: "Request Timeout"
-	}
-};
-
-response418 = {
-	statusCode: 418,
-	headers: headers,
-	body: {
-		message: "I'm a teapot"
-	}
-};
-
-response427 = {
-	statusCode: 427,
-	headers: headers,
-	body: {
-		message: "Too Many Requests"
-	}
-};
-
-response500 = {
-	statusCode: 500,
-	headers: headers,
-	body: {
-		message: "Internal Server Error"
-	}
-};
-
-/**
- * 
- * @param {number|string} statusCode 
- * @returns {{statusCode: number, headers: object, body: Array|Object|string}}
- */
-const response = function (statusCode) {
-	// convert to int
-	statusCode = parseInt(statusCode, 10);
-
-	switch (statusCode) {
-		case 200:
-			return this.response200;
-		case 400:
-			return this.response400;
-		case 401:
-			return this.response401;
-		case 403:
-			return this.response403;
-		case 404:
-			return this.response404;
-		case 405:
-			return this.response405;
-		case 408:
-			return this.response408;
-		case 418:
-			return this.response418;
-		case 427:
-			return this.response427;
-		case 500:
-			return this.response500;
-		default:
-			return this.response500;
-	}
-};
+const mod = createGenericResponseModule("application/json", jsonBodyFormatter);
 
-module.exports = {
-	contentType,
-	headers,
-	json,
-	response200,
-	response400,
-	response401,
-	response403,
-	response404,
-	response405,
-	response408,
-	response418,
-	response427,
-	response500,
-	response
-}
+module.exports = { ...mod, json };

package/src/lib/tools/generic.response.rss.js

@@ -1,121 +1,17 @@
-contentType = "application/rss+xml";
+const { createGenericResponseModule } = require("./generic.response");
 
-headers = {
-	"Content-Type": contentType
-};
-
-rss = (body) => {
+const rss = (body) => {
 	return `<?xml version="1.0" encoding="UTF-8" ?><rss version="2.0">${body}</rss>`;
-}
-
-response200 = {
-	statusCode: 200,
-	headers: headers,
-	body: rss("<hello>Success</hello>")
-};
-
-response400 = {
-	statusCode: 400,
-	headers: headers,
-	body: rss("<error>Bad Request</error>")
-};
-
-response401 = {
-	statusCode: 401,
-	headers: headers,
-	body: rss("<error>Unauthorized</error>")
-};
-
-response403 = {
-	statusCode: 403,
-	headers: headers,
-	body: rss("<error>Forbidden</error>")
 };
 
-response404 = {
-	statusCode: 404,
-	headers: headers,
-	body: rss("<error>Not Found</error>")
-};
-
-response405 = {
-	statusCode: 405,
-	headers: headers,
-	body: rss("<error>Method Not Allowed</error>")
-};
-
-response408 = {
-	statusCode: 408,
-	headers: headers,
-	body: rss("<error>Request Timeout</error>")
-};
-
-response418 = {
-	statusCode: 418,
-	headers: headers,
-	body: rss("<error>418 I'm a teapot</error>")
-};
-
-response427 = {
-	statusCode: 427,
-	headers: headers,
-	body: rss("<error>Too Many Requests</error>")
-};
-
-response500 = {
-	statusCode: 500,
-	headers: headers,
-	body: rss("<error>Internal Server Error</error>")
-};
-
-/**
- * 
- * @param {number|string} statusCode 
- * @returns {{statusCode: number, headers: object, body: Array|Object|string}}
- */
-response = function (statusCode) {
-	// convert to int
-	statusCode = parseInt(statusCode, 10);
-
-	switch (statusCode) {
-		case 200:
-			return this.response200;
-		case 400:
-			return this.response400;
-		case 401:
-			return this.response401;
-		case 403:
-			return this.response403;
-		case 404:
-			return this.response404;
-		case 405:
-			return this.response405;
-		case 408:
-			return this.response408;
-		case 418:
-			return this.response418;
-		case 427:
-			return this.response427;
-		case 500:
-			return this.response500;
-		default:
-			return this.response500;
+const rssBodyFormatter = (statusCode, message) => {
+	if (statusCode === 200) {
+		return rss("<hello>" + message + "</hello>");
 	}
+	const msg = statusCode === 418 ? "418 " + message : message;
+	return rss("<error>" + msg + "</error>");
 };
 
-module.exports = {
-	contentType,
-	headers,
-	rss,
-	response200,
-	response400,
-	response401,
-	response403,
-	response404,
-	response405,
-	response408,
-	response418,
-	response427,
-	response500,
-	response
-}
+const mod = createGenericResponseModule("application/rss+xml", rssBodyFormatter);
+
+module.exports = { ...mod, rss };

package/src/lib/tools/generic.response.text.js

@@ -1,119 +1,9 @@
-contentType = "text/plain";
+const { createGenericResponseModule } = require("./generic.response");
 
-headers = {
-	"Content-Type": contentType
-};
+const textBodyFormatter = (statusCode, message) => message;
 
-text = (text) => { return text; }
+const text = (text) => { return text; };
 
-response200 = {
-	statusCode: 200,
-	headers: headers,
-	body: text("Success")
-};
+const mod = createGenericResponseModule("text/plain", textBodyFormatter);
 
-response400 = {
-	statusCode: 400,
-	headers: headers,
-	body: text("Bad Request")
-};
-
-response401 = {
-	statusCode: 401,
-	headers: headers,
-	body: text("Unauthorized")
-};
-
-response403 = {
-	statusCode: 403,
-	headers: headers,
-	body: text("Forbidden")
-};
-
-response404 = {
-	statusCode: 404,
-	headers: headers,
-	body: text("Not Found")
-};
-
-response405 = {
-	statusCode: 405,
-	headers: headers,
-	body: text("Method Not Allowed")
-};
-
-response408 = {
-	statusCode: 408,
-	headers: headers,
-	body: text("Request Timeout")
-};
-
-response418 = {
-	statusCode: 418,
-	headers: headers,
-	body: text("I'm a teapot")
-};
-
-response427 = {
-	statusCode: 427,
-	headers: headers,
-	body: text("Too Many Requests")
-};
-
-response500 = {
-	statusCode: 500,
-	headers: headers,
-	body: text("Internal Server Error")
-};
-
-/**
- * 
- * @param {number|string} statusCode 
- * @returns {{statusCode: number, headers: object, body: Array|Object|string}}
- */
-const response = function (statusCode) {
-	// convert to int
-	statusCode = parseInt(statusCode, 10);
-
-	switch (statusCode) {
-		case 200:
-			return this.response200;
-		case 400:
-			return this.response400;
-		case 401:
-			return this.response401;
-		case 403:
-			return this.response403;
-		case 404:
-			return this.response404;
-		case 405:
-			return this.response405;
-		case 408:
-			return this.response408;
-		case 418:
-			return this.response418;
-		case 427:
-			return this.response427;
-		case 500:
-			return this.response500;
-		default:
-			return this.response500;
-	}
-};
-
-module.exports = {
-	contentType,
-	headers,
-	text,
-	response200,
-	response400,
-	response401,
-	response403,
-	response404,
-	response405,
-	response408,
-	response418,
-	response427,
-	response500,
-	response
-}
+module.exports = { ...mod, text };

package/src/lib/tools/generic.response.xml.js

@@ -1,121 +1,17 @@
-contentType = "application/xml";
+const { createGenericResponseModule } = require("./generic.response");
 
-headers = {
-	"Content-Type": contentType
-};
-
-xml = (body) => {
+const xml = (body) => {
 	return `<?xml version="1.0" encoding="UTF-8" ?>${body}`;
-}
-
-response200 = {
-	statusCode: 200,
-	headers: headers,
-	body: xml("<hello>Success</hello>")
-};
-
-response400 = {
-	statusCode: 400,
-	headers: headers,
-	body: xml("<error>Bad Request</error>")
-};
-
-response401 = {
-	statusCode: 401,
-	headers: headers,
-	body: xml("<error>Unauthorized</error>")
-};
-
-response403 = {
-	statusCode: 403,
-	headers: headers,
-	body: xml("<error>Forbidden</error>")
 };
 
-response404 = {
-	statusCode: 404,
-	headers: headers,
-	body: xml("<error>Not Found</error>")
-};
-
-response405 = {
-	statusCode: 405,
-	headers: headers,
-	body: xml("<error>Method Not Allowed</error>")
-};
-
-response408 = {
-	statusCode: 408,
-	headers: headers,
-	body: xml("<error>Request Timeout</error>")
-};
-
-response418 = {
-	statusCode: 418,
-	headers: headers,
-	body: xml("<error>418 I'm a teapot</error>")
-};
-
-response427 = {
-	statusCode: 427,
-	headers: headers,
-	body: xml("<error>Too Many Requests</error>")
-};
-
-response500 = {
-	statusCode: 500,
-	headers: headers,
-	body: xml("<error>Internal Server Error</error>")
-};
-
-/**
- * 
- * @param {number|string} statusCode 
- * @returns {{statusCode: number, headers: object, body: Array|Object|string}}
- */
-response = function (statusCode) {
-	// convert to int
-	statusCode = parseInt(statusCode, 10);
-
-	switch (statusCode) {
-		case 200:
-			return this.response200;
-		case 400:
-			return this.response400;
-		case 401:
-			return this.response401;
-		case 403:
-			return this.response403;
-		case 404:
-			return this.response404;
-		case 405:
-			return this.response405;
-		case 408:
-			return this.response408;
-		case 418:
-			return this.response418;
-		case 427:
-			return this.response427;
-		case 500:
-			return this.response500;
-		default:
-			return this.response500;
+const xmlBodyFormatter = (statusCode, message) => {
+	if (statusCode === 200) {
+		return xml("<hello>" + message + "</hello>");
 	}
+	const msg = statusCode === 418 ? "418 " + message : message;
+	return xml("<error>" + msg + "</error>");
 };
 
-module.exports = {
-	contentType,
-	headers,
-	xml,
-	response200,
-	response400,
-	response401,
-	response403,
-	response404,
-	response405,
-	response408,
-	response418,
-	response427,
-	response500,
-	response
-}
+const mod = createGenericResponseModule("application/xml", xmlBodyFormatter);
+
+module.exports = { ...mod, xml };

package/src/lib/tools/index.js

@@ -20,7 +20,7 @@
 
 const { nodeVer, nodeVerMajor, nodeVerMinor, nodeVerMajorMinor } = require('./vars');
 const { AWS, AWSXRay } = require('./AWS.classes');
-const APIRequest = require("./APIRequest.class");
+const ApiRequest = require("./ApiRequest.class");
 const RequestInfo = require("./RequestInfo.class");
 const ClientRequest = require("./ClientRequest.class");
 const ResponseDataModel = require("./ResponseDataModel.class");
@@ -34,7 +34,7 @@ const xmlGenericResponse = require('./generic.response.xml');
 const rssGenericResponse = require('./generic.response.rss');
 const textGenericResponse = require('./generic.response.text');
 const { printMsg, sanitize, obfuscate, hashThisData} = require('./utils');
-const { CachedParameterSecrets, CachedParameterSecret, CachedSSMParameter, CachedSecret } = require('./CachedParametersSecrets.classes')
+const { CachedParameterSecrets, CachedParameterSecret, CachedSsmParameter, CachedSecret } = require('./CachedParametersSecrets.classes')
 const { Connections, Connection, ConnectionRequest, ConnectionAuthentication } = require('./Connections.classes')
 
 /*
@@ -295,7 +295,7 @@ class AppConfig {
 	 * const conn = Config.getConn('myConnection');
 	 * const cacheObj = await CacheableDataAccess.getData(
 	 *    cacheProfile,
-	 *    endpoint.get
+	 *    endpoint.send
 	 *    conn
 	 * )
 	 * */
@@ -322,7 +322,7 @@ class AppConfig {
 	 * const { conn, cacheProfile } = Config.getConnCacheProfile('myConnection', 'myCacheProfile');
 	 * const cacheObj = await CacheableDataAccess.getData(
 	 *    cacheProfile,
-	 *    endpoint.get
+	 *    endpoint.send
 	 *    conn
 	 * )
 	 */
@@ -463,6 +463,14 @@ class AppConfig {
 				// put the parameter into its group
 				const obj = parameters.find(o => o.path === groupPath);
 				const group = obj.group;
+
+				// >! Guard against prototype pollution (CWE-471)
+				const DANGEROUS_KEYS = ['__proto__', 'constructor', 'prototype'];
+				if (DANGEROUS_KEYS.includes(group) || DANGEROUS_KEYS.includes(name)) {
+					DebugAndLog.warn(`Skipping dangerous parameter key: group="${group}", name="${name}"`);
+					return;
+				}
+
 				if ( !(group in paramstore)) {
 					paramstore[group] = {};
 				}
@@ -534,8 +542,9 @@ module.exports = {
 	Aws: AWS,
 	AWSXRay,
 	AwsXRay: AWSXRay, // Alias
-	APIRequest,
-	ApiRequest: APIRequest, // Alias
+	ApiRequest,
+	/** @deprecated Use ApiRequest instead */
+	APIRequest: ApiRequest, // Alias
 	ImmutableObject,
 	Timer,
 	DebugAndLog,
@@ -548,9 +557,11 @@ module.exports = {
 	ResponseDataModel,
 	Response,
 	AppConfig,
+	/** @deprecated Use AppConfig instead */
 	_ConfigSuperClass: AppConfig, // Alias
-	CachedSSMParameter,
-	CachedSsmParameter: CachedSSMParameter, // Alias
+	CachedSsmParameter,
+	/** @deprecated Use CachedSsmParameter instead */
+	CachedSSMParameter: CachedSsmParameter, // Alias
 	CachedSecret,
 	CachedParameterSecret,
 	CachedParameterSecrets,

package/src/lib/utils/ValidationExecutor.class.js

@@ -5,6 +5,10 @@
  * single-parameter or multi-parameter interfaces. It handles errors gracefully and
  * logs validation failures.
  * 
+ * The interface is determined by the params array length:
+ * - params.length === 1: Pass value directly (single-parameter interface)
+ * - params.length > 1: Pass object (multi-parameter interface)
+ * 
  * @private
  * @class ValidationExecutor
  */
@@ -13,8 +17,8 @@ class ValidationExecutor {
 	 * Execute validation function with appropriate interface.
 	 * 
 	 * Determines whether to pass a single value or an object based on the number
-	 * of parameters specified. Handles validation errors gracefully by catching
-	 * exceptions and logging them.
+	 * of parameters in the params array. Handles validation errors gracefully by 
+	 * catching exceptions and logging them.
 	 * 
 	 * @param {Function} validateFn - Validation function to execute
 	 * @param {Array<string>} paramNames - Parameter names to validate
@@ -22,7 +26,7 @@ class ValidationExecutor {
 	 * @returns {boolean} True if validation passes, false if fails or throws
 	 * 
 	 * @example
-	 * // Single parameter validation
+	 * // Single parameter validation (params.length === 1)
 	 * const isValid = ValidationExecutor.execute(
 	 *   (value) => value.length > 0,
 	 *   ['id'],
@@ -30,7 +34,7 @@ class ValidationExecutor {
 	 * );
 	 * 
 	 * @example
-	 * // Multi-parameter validation
+	 * // Multi-parameter validation (params.length > 1)
 	 * const isValid = ValidationExecutor.execute(
 	 *   ({page, limit}) => page >= 1 && limit >= 1 && limit <= 100,
 	 *   ['page', 'limit'],

package/src/lib/utils/ValidationMatcher.class.js

@@ -316,7 +316,7 @@ class ValidationMatcher {
 	 * @returns {{validate: Function, params: Array<string>}|null} Validation rule or null
 	 */
 	#findGlobalMatch(paramName) {
-		// Check if parameter has a global validation function
+		// >! Try exact match first (for backwards compatibility)
 		if (this.#paramValidations[paramName] && typeof this.#paramValidations[paramName] === 'function') {
 			return {
 				validate: this.#paramValidations[paramName],
@@ -324,6 +324,18 @@ class ValidationMatcher {
 			};
 		}
 
+		// >! Try case-insensitive match for query parameters
+		// >! Query parameters are lowercased in ClientRequest, but validation rules may use camelCase
+		const lowerParamName = paramName.toLowerCase();
+		for (const key in this.#paramValidations) {
+			if (key.toLowerCase() === lowerParamName && typeof this.#paramValidations[key] === 'function') {
+				return {
+					validate: this.#paramValidations[key],
+					params: [paramName] // Return the lowercased paramName that was passed in
+				};
+			}
+		}
+
 		return null;
 	}