@63klabs/cache-data 1.3.9 → 1.3.11

package/src/lib/tools/generic.response.js

@@ -0,0 +1,73 @@
+/**
+ * Centralized generic response module factory.
+ *
+ * Encapsulates the shared STATUS_CODE_MAP, response object generation, and
+ * response() lookup function used by all five format-specific generic response
+ * files (HTML, JSON, RSS, Text, XML).
+ *
+ * @module generic.response
+ */
+
+/**
+ * Map of HTTP status codes to their default message strings.
+ *
+ * @type {Object.<number, string>}
+ */
+const STATUS_CODE_MAP = {
+	200: "Success",
+	400: "Bad Request",
+	401: "Unauthorized",
+	403: "Forbidden",
+	404: "Not Found",
+	405: "Method Not Allowed",
+	408: "Request Timeout",
+	418: "I'm a teapot",
+	427: "Too Many Requests",
+	500: "Internal Server Error"
+};
+
+/**
+ * Create a complete generic response module for a given content type and body formatter.
+ *
+ * Iterates over STATUS_CODE_MAP, calls bodyFormatter(statusCode, message) for each
+ * entry, and builds the response objects. Attaches a response() function that parses
+ * the status code to an integer and looks up the matching response object, falling
+ * back to response500 for unknown codes.
+ *
+ * @param {string} contentType - MIME content type string (e.g., "application/json")
+ * @param {function(number, string): *} bodyFormatter - Function that transforms (statusCode, message) into format-specific body
+ * @returns {{contentType: string, headers: Object, response200: Object, response400: Object, response401: Object, response403: Object, response404: Object, response405: Object, response408: Object, response418: Object, response427: Object, response500: Object, response: function(number|string): Object}}
+ * @example
+ * const { createGenericResponseModule } = require("./generic.response");
+ *
+ * const mod = createGenericResponseModule("application/json", (statusCode, message) => ({ message }));
+ * console.log(mod.response200.body); // { message: "Success" }
+ * console.log(mod.response(404).statusCode); // 404
+ */
+function createGenericResponseModule(contentType, bodyFormatter) {
+	const headers = { "Content-Type": contentType };
+
+	const mod = {
+		contentType: contentType,
+		headers: headers
+	};
+
+	for (const code in STATUS_CODE_MAP) {
+		const statusCode = parseInt(code, 10);
+		const message = STATUS_CODE_MAP[code];
+		mod["response" + statusCode] = {
+			statusCode: statusCode,
+			headers: headers,
+			body: bodyFormatter(statusCode, message)
+		};
+	}
+
+	mod.response = function (statusCode) {
+		statusCode = parseInt(statusCode, 10);
+		return this["response" + statusCode] || this.response500;
+	};
+
+	return mod;
+}
+
+module.exports = { createGenericResponseModule };

package/src/lib/tools/generic.response.json.js

@@ -1,141 +1,11 @@
-contentType = "application/json"
+const { createGenericResponseModule } = require("./generic.response");
 
-headers = {
-	"Content-Type": contentType
-};
+const jsonBodyFormatter = (statusCode, message) => ({ message });
 
-json = function (data = null) {
+const json = function (data = null) {
 	return data ? data : {};
 };
 
-response200 = {
-	statusCode: 200,
-	headers: headers,
-	body: {
-		message: "Success"
-	}
-};
-
-response400 = {
-	statusCode: 400,
-	headers: headers,
-	body: {
-		message: "Bad Request"
-	}
-};
-
-response401 = {
-	statusCode: 401,
-	headers: headers,
-	body: {
-		message: "Unauthorized"
-	}
-};
-
-response403 = {
-	statusCode: 403,
-	headers: headers,
-	body: {
-		message: "Forbidden"
-	}
-};
-
-response404 = {
-	statusCode: 404,
-	headers: headers,
-	body: {
-		message: "Not Found"
-	}
-};
-
-response405 = {
-	statusCode: 405,
-	headers: headers,
-	body: {
-		message: "Method Not Allowed"
-	}
-};
-
-response408 = {
-	statusCode: 408,
-	headers: headers,
-	body: {
-		message: "Request Timeout"
-	}
-};
-
-response418 = {
-	statusCode: 418,
-	headers: headers,
-	body: {
-		message: "I'm a teapot"
-	}
-};
-
-response427 = {
-	statusCode: 427,
-	headers: headers,
-	body: {
-		message: "Too Many Requests"
-	}
-};
-
-response500 = {
-	statusCode: 500,
-	headers: headers,
-	body: {
-		message: "Internal Server Error"
-	}
-};
-
-/**
- * 
- * @param {number|string} statusCode 
- * @returns {{statusCode: number, headers: object, body: Array|Object|string}}
- */
-const response = function (statusCode) {
-	// convert to int
-	statusCode = parseInt(statusCode, 10);
-
-	switch (statusCode) {
-		case 200:
-			return this.response200;
-		case 400:
-			return this.response400;
-		case 401:
-			return this.response401;
-		case 403:
-			return this.response403;
-		case 404:
-			return this.response404;
-		case 405:
-			return this.response405;
-		case 408:
-			return this.response408;
-		case 418:
-			return this.response418;
-		case 427:
-			return this.response427;
-		case 500:
-			return this.response500;
-		default:
-			return this.response500;
-	}
-};
+const mod = createGenericResponseModule("application/json", jsonBodyFormatter);
 
-module.exports = {
-	contentType,
-	headers,
-	json,
-	response200,
-	response400,
-	response401,
-	response403,
-	response404,
-	response405,
-	response408,
-	response418,
-	response427,
-	response500,
-	response
-}
+module.exports = { ...mod, json };

package/src/lib/tools/generic.response.rss.js

@@ -1,121 +1,17 @@
-contentType = "application/rss+xml";
+const { createGenericResponseModule } = require("./generic.response");
 
-headers = {
-	"Content-Type": contentType
-};
-
-rss = (body) => {
+const rss = (body) => {
 	return `<?xml version="1.0" encoding="UTF-8" ?><rss version="2.0">${body}</rss>`;
-}
-
-response200 = {
-	statusCode: 200,
-	headers: headers,
-	body: rss("<hello>Success</hello>")
-};
-
-response400 = {
-	statusCode: 400,
-	headers: headers,
-	body: rss("<error>Bad Request</error>")
-};
-
-response401 = {
-	statusCode: 401,
-	headers: headers,
-	body: rss("<error>Unauthorized</error>")
-};
-
-response403 = {
-	statusCode: 403,
-	headers: headers,
-	body: rss("<error>Forbidden</error>")
 };
 
-response404 = {
-	statusCode: 404,
-	headers: headers,
-	body: rss("<error>Not Found</error>")
-};
-
-response405 = {
-	statusCode: 405,
-	headers: headers,
-	body: rss("<error>Method Not Allowed</error>")
-};
-
-response408 = {
-	statusCode: 408,
-	headers: headers,
-	body: rss("<error>Request Timeout</error>")
-};
-
-response418 = {
-	statusCode: 418,
-	headers: headers,
-	body: rss("<error>418 I'm a teapot</error>")
-};
-
-response427 = {
-	statusCode: 427,
-	headers: headers,
-	body: rss("<error>Too Many Requests</error>")
-};
-
-response500 = {
-	statusCode: 500,
-	headers: headers,
-	body: rss("<error>Internal Server Error</error>")
-};
-
-/**
- * 
- * @param {number|string} statusCode 
- * @returns {{statusCode: number, headers: object, body: Array|Object|string}}
- */
-response = function (statusCode) {
-	// convert to int
-	statusCode = parseInt(statusCode, 10);
-
-	switch (statusCode) {
-		case 200:
-			return this.response200;
-		case 400:
-			return this.response400;
-		case 401:
-			return this.response401;
-		case 403:
-			return this.response403;
-		case 404:
-			return this.response404;
-		case 405:
-			return this.response405;
-		case 408:
-			return this.response408;
-		case 418:
-			return this.response418;
-		case 427:
-			return this.response427;
-		case 500:
-			return this.response500;
-		default:
-			return this.response500;
+const rssBodyFormatter = (statusCode, message) => {
+	if (statusCode === 200) {
+		return rss("<hello>" + message + "</hello>");
 	}
+	const msg = statusCode === 418 ? "418 " + message : message;
+	return rss("<error>" + msg + "</error>");
 };
 
-module.exports = {
-	contentType,
-	headers,
-	rss,
-	response200,
-	response400,
-	response401,
-	response403,
-	response404,
-	response405,
-	response408,
-	response418,
-	response427,
-	response500,
-	response
-}
+const mod = createGenericResponseModule("application/rss+xml", rssBodyFormatter);
+
+module.exports = { ...mod, rss };

package/src/lib/tools/generic.response.text.js

@@ -1,119 +1,9 @@
-contentType = "text/plain";
+const { createGenericResponseModule } = require("./generic.response");
 
-headers = {
-	"Content-Type": contentType
-};
+const textBodyFormatter = (statusCode, message) => message;
 
-text = (text) => { return text; }
+const text = (text) => { return text; };
 
-response200 = {
-	statusCode: 200,
-	headers: headers,
-	body: text("Success")
-};
+const mod = createGenericResponseModule("text/plain", textBodyFormatter);
 
-response400 = {
-	statusCode: 400,
-	headers: headers,
-	body: text("Bad Request")
-};
-
-response401 = {
-	statusCode: 401,
-	headers: headers,
-	body: text("Unauthorized")
-};
-
-response403 = {
-	statusCode: 403,
-	headers: headers,
-	body: text("Forbidden")
-};
-
-response404 = {
-	statusCode: 404,
-	headers: headers,
-	body: text("Not Found")
-};
-
-response405 = {
-	statusCode: 405,
-	headers: headers,
-	body: text("Method Not Allowed")
-};
-
-response408 = {
-	statusCode: 408,
-	headers: headers,
-	body: text("Request Timeout")
-};
-
-response418 = {
-	statusCode: 418,
-	headers: headers,
-	body: text("I'm a teapot")
-};
-
-response427 = {
-	statusCode: 427,
-	headers: headers,
-	body: text("Too Many Requests")
-};
-
-response500 = {
-	statusCode: 500,
-	headers: headers,
-	body: text("Internal Server Error")
-};
-
-/**
- * 
- * @param {number|string} statusCode 
- * @returns {{statusCode: number, headers: object, body: Array|Object|string}}
- */
-const response = function (statusCode) {
-	// convert to int
-	statusCode = parseInt(statusCode, 10);
-
-	switch (statusCode) {
-		case 200:
-			return this.response200;
-		case 400:
-			return this.response400;
-		case 401:
-			return this.response401;
-		case 403:
-			return this.response403;
-		case 404:
-			return this.response404;
-		case 405:
-			return this.response405;
-		case 408:
-			return this.response408;
-		case 418:
-			return this.response418;
-		case 427:
-			return this.response427;
-		case 500:
-			return this.response500;
-		default:
-			return this.response500;
-	}
-};
-
-module.exports = {
-	contentType,
-	headers,
-	text,
-	response200,
-	response400,
-	response401,
-	response403,
-	response404,
-	response405,
-	response408,
-	response418,
-	response427,
-	response500,
-	response
-}
+module.exports = { ...mod, text };

package/src/lib/tools/generic.response.xml.js

@@ -1,121 +1,17 @@
-contentType = "application/xml";
+const { createGenericResponseModule } = require("./generic.response");
 
-headers = {
-	"Content-Type": contentType
-};
-
-xml = (body) => {
+const xml = (body) => {
 	return `<?xml version="1.0" encoding="UTF-8" ?>${body}`;
-}
-
-response200 = {
-	statusCode: 200,
-	headers: headers,
-	body: xml("<hello>Success</hello>")
-};
-
-response400 = {
-	statusCode: 400,
-	headers: headers,
-	body: xml("<error>Bad Request</error>")
-};
-
-response401 = {
-	statusCode: 401,
-	headers: headers,
-	body: xml("<error>Unauthorized</error>")
-};
-
-response403 = {
-	statusCode: 403,
-	headers: headers,
-	body: xml("<error>Forbidden</error>")
 };
 
-response404 = {
-	statusCode: 404,
-	headers: headers,
-	body: xml("<error>Not Found</error>")
-};
-
-response405 = {
-	statusCode: 405,
-	headers: headers,
-	body: xml("<error>Method Not Allowed</error>")
-};
-
-response408 = {
-	statusCode: 408,
-	headers: headers,
-	body: xml("<error>Request Timeout</error>")
-};
-
-response418 = {
-	statusCode: 418,
-	headers: headers,
-	body: xml("<error>418 I'm a teapot</error>")
-};
-
-response427 = {
-	statusCode: 427,
-	headers: headers,
-	body: xml("<error>Too Many Requests</error>")
-};
-
-response500 = {
-	statusCode: 500,
-	headers: headers,
-	body: xml("<error>Internal Server Error</error>")
-};
-
-/**
- * 
- * @param {number|string} statusCode 
- * @returns {{statusCode: number, headers: object, body: Array|Object|string}}
- */
-response = function (statusCode) {
-	// convert to int
-	statusCode = parseInt(statusCode, 10);
-
-	switch (statusCode) {
-		case 200:
-			return this.response200;
-		case 400:
-			return this.response400;
-		case 401:
-			return this.response401;
-		case 403:
-			return this.response403;
-		case 404:
-			return this.response404;
-		case 405:
-			return this.response405;
-		case 408:
-			return this.response408;
-		case 418:
-			return this.response418;
-		case 427:
-			return this.response427;
-		case 500:
-			return this.response500;
-		default:
-			return this.response500;
+const xmlBodyFormatter = (statusCode, message) => {
+	if (statusCode === 200) {
+		return xml("<hello>" + message + "</hello>");
 	}
+	const msg = statusCode === 418 ? "418 " + message : message;
+	return xml("<error>" + msg + "</error>");
 };
 
-module.exports = {
-	contentType,
-	headers,
-	xml,
-	response200,
-	response400,
-	response401,
-	response403,
-	response404,
-	response405,
-	response408,
-	response418,
-	response427,
-	response500,
-	response
-}
+const mod = createGenericResponseModule("application/xml", xmlBodyFormatter);
+
+module.exports = { ...mod, xml };

package/src/lib/tools/index.js

@@ -20,7 +20,7 @@
 
 const { nodeVer, nodeVerMajor, nodeVerMinor, nodeVerMajorMinor } = require('./vars');
 const { AWS, AWSXRay } = require('./AWS.classes');
-const APIRequest = require("./APIRequest.class");
+const ApiRequest = require("./ApiRequest.class");
 const RequestInfo = require("./RequestInfo.class");
 const ClientRequest = require("./ClientRequest.class");
 const ResponseDataModel = require("./ResponseDataModel.class");
@@ -34,7 +34,7 @@ const xmlGenericResponse = require('./generic.response.xml');
 const rssGenericResponse = require('./generic.response.rss');
 const textGenericResponse = require('./generic.response.text');
 const { printMsg, sanitize, obfuscate, hashThisData} = require('./utils');
-const { CachedParameterSecrets, CachedParameterSecret, CachedSSMParameter, CachedSecret } = require('./CachedParametersSecrets.classes')
+const { CachedParameterSecrets, CachedParameterSecret, CachedSsmParameter, CachedSecret } = require('./CachedParametersSecrets.classes')
 const { Connections, Connection, ConnectionRequest, ConnectionAuthentication } = require('./Connections.classes')
 
 /*
@@ -295,7 +295,7 @@ class AppConfig {
 	 * const conn = Config.getConn('myConnection');
 	 * const cacheObj = await CacheableDataAccess.getData(
 	 *    cacheProfile,
-	 *    endpoint.get
+	 *    endpoint.send
 	 *    conn
 	 * )
 	 * */
@@ -322,7 +322,7 @@ class AppConfig {
 	 * const { conn, cacheProfile } = Config.getConnCacheProfile('myConnection', 'myCacheProfile');
 	 * const cacheObj = await CacheableDataAccess.getData(
 	 *    cacheProfile,
-	 *    endpoint.get
+	 *    endpoint.send
 	 *    conn
 	 * )
 	 */
@@ -463,6 +463,14 @@ class AppConfig {
 				// put the parameter into its group
 				const obj = parameters.find(o => o.path === groupPath);
 				const group = obj.group;
+
+				// >! Guard against prototype pollution (CWE-471)
+				const DANGEROUS_KEYS = ['__proto__', 'constructor', 'prototype'];
+				if (DANGEROUS_KEYS.includes(group) || DANGEROUS_KEYS.includes(name)) {
+					DebugAndLog.warn(`Skipping dangerous parameter key: group="${group}", name="${name}"`);
+					return;
+				}
+
 				if ( !(group in paramstore)) {
 					paramstore[group] = {};
 				}
@@ -534,8 +542,9 @@ module.exports = {
 	Aws: AWS,
 	AWSXRay,
 	AwsXRay: AWSXRay, // Alias
-	APIRequest,
-	ApiRequest: APIRequest, // Alias
+	ApiRequest,
+	/** @deprecated Use ApiRequest instead */
+	APIRequest: ApiRequest, // Alias
 	ImmutableObject,
 	Timer,
 	DebugAndLog,
@@ -548,9 +557,11 @@ module.exports = {
 	ResponseDataModel,
 	Response,
 	AppConfig,
+	/** @deprecated Use AppConfig instead */
 	_ConfigSuperClass: AppConfig, // Alias
-	CachedSSMParameter,
-	CachedSsmParameter: CachedSSMParameter, // Alias
+	CachedSsmParameter,
+	/** @deprecated Use CachedSsmParameter instead */
+	CachedSSMParameter: CachedSsmParameter, // Alias
 	CachedSecret,
 	CachedParameterSecret,
 	CachedParameterSecrets,