@mimik/api-helper 2.0.9 → 2.0.10

package/index.js

@@ -30,6 +30,8 @@ import { OpenAPIBackend } from 'openapi-backend';
 import SwaggerClient from 'swagger-client';
 import { ajvFormats } from './lib/ajvHelpers.js';
 import baseHandlers from './lib/baseHandlers.js';
+import compact from 'lodash.compact';
+import difference from 'lodash.difference';
 import fs from 'fs';
 import { getRichError } from '@mimik/response-helper';
 import { load } from 'js-yaml';
@@ -42,7 +44,7 @@ import { securityLib } from './lib/securityHandlers.js';
  * @module api-helper
  * @example
  * import apiHelper from '@mimik/api-helper';
- * // or
+ * or
  * import { apiSetup, securityLib, getAPIFile, validateSecuritySchemes, extractProperties, setupServerFiles } from '@mimik/api-helper';
  */
 const EMPTY = 0;
@@ -57,11 +59,13 @@ const POSTFIX_INDEX = 3;
  * Implement the security flows for the API.
  *
  * @function securityLib
- * @category sync
+ * @category async
  * @requires @mimik/swagger-helper
  * @requires jsonwebtoken
+ * @requires lodash
  * @param {object} config - Configuration of the service.
- * @return {object} An object containing `SystemSecurity`, `AdminSecurity`, `UserSecurity`, and `ApiKeySecurity` handlers.
+ * &fulfil {object} The API file itself.
+ * @throws {Promise} An error is thrown if the initiatilization failed.
  *
  * This function is used to setup the following security handlers for the API:
  * - `SystemSecurity` - used for the system operations, like /system, /onbehalf
@@ -74,28 +78,33 @@ export { securityLib };
 
 /**
  *
- * Setup the API to be used for a service
+ * Setup the API to be use for a service
  *
  * @function apiSetup
  * @category async
  * @requires @mimik/response-helper
  * @requires @mimik/sumologic-winston-logger
- * @requires openapi-backend
- * @param {object} setup -  Object containing the apiFilename and the existing security schemes in the API definition.
+ * @requires @mimik/swagger-helper
+ * @requires ajv-formats
+ * @requires fs
+ * @requires jsonwebtoken
+ * @requires lodash
+ * @param {object} setup -  Object containing the apiFilename and the exisiting security schemes in the API definition.
  * @param {object} registeredOperations - List of the operation to register for the API.
  * @param {object} securityHandlers - List of the security handlers to add for the service.
- * @param {object} extraFormats - list of the formats to add for validating properties.
+ * @param {object} extraFormats - list of the formats to add for validatng properties.
  * @param {object} config - Configuration of the service.
- * @param {UUID.<string>} correlationId - CorrelationId when logging activities.
- * @return {Promise.<object>} The API file itself.
- * @throws {Promise} An error is thrown if the initialization failed.
+ * @param {UUID.<string>} correlationId - CorrelationId when logging activites.
+ * @return {Promise}.
+ * &fulfil {object} The API file itself.
+ * @throws {Promise} An error is thrown if the initiatilization failed.
  *
  * The following scheme names are reserved: `SystemSecurity`, `AdminSecurity`, `UserSecurity`, `PeerSecurity`, `ApiKeySecurity`.
  * The following security schemes can be defaulted: `SystemSecurity`, `AdminSecurity`, `UserSecurity`, `ApiKeySecurity`.
  * The secOptions in the options property passed when using `init` allows the following operations:
  * - introduce a customer security scheme, in this case secOptions contains: { newSecurityScheme: {function}newSecurityHandler },
  * - disable a security scheme that is defined in the swagger API, in this case secOptions contains: { securitySchemeToDisable: { {boolean}notEnabled: true } },
- * - overwrite an existing security scheme, in this case secOptions contains: { securitySchemeToOverwrite: {function}newSecurityHandler }.
+ * - overwite an existing security scheme, in this case secOptions contains: { securitySchemeToOverwrite: {function}newSecurityHandler }.
  * If the secOptions is not present either to introduce, disable or overwrite a security scheme that is present in the swagger API file an error is generated.
  * If the secOptions contains unused security schemes, an error is generated.
  *
@@ -133,7 +142,7 @@ export const apiSetup = (setup, registeredOperations, securityHandlers, extraFor
   }
   const appliedSecurities = [];
   const registerDefault = (securitySchemeName, securityHandler) => {
-    if (existingSecuritySchemes.includes(securitySchemeName) && (!securityHandlers || !securityHandlers[securitySchemeName])) {
+    if (existingSecuritySchemes.includes(securitySchemeName) && (!securityHandlers || (securityHandlers && !securityHandlers[securitySchemeName]))) {
       api.registerSecurityHandler(securitySchemeName, securityHandler);
       appliedSecurities.push(securitySchemeName);
     }
@@ -143,16 +152,16 @@ export const apiSetup = (setup, registeredOperations, securityHandlers, extraFor
   registerDefault(ADMIN_SECURITY, AdminSecurity[mode]);
   registerDefault(USER_SECURITY, UserSecurity[mode]);
   registerDefault(API_KEY_SECURITY, ApiKeySecurity[mode]);
-  const remainingSecurities = definedSecuritySchemes.filter(sec => !appliedSecurities.includes(sec));
+  const remainingSecurities = difference(definedSecuritySchemes, appliedSecurities);
 
   if (securityHandlers) {
     const securityHandlerNames = Object.keys(securityHandlers);
-    const unusedSecuritySchemes = securityHandlerNames.filter(sec => !definedSecuritySchemes.includes(sec));
+    const unusedSecuritySchemes = difference(securityHandlerNames, definedSecuritySchemes);
 
     if (unusedSecuritySchemes.length !== EMPTY) throw getRichError('System', 'unused handlers for security schemes', { unusedSecuritySchemes });
 
     remainingSecurities.forEach((securityScheme) => {
-      if (!securityHandlerNames.includes(securityScheme) && !securityHandlers[securityScheme]?.notEnabled) {
+      if (!securityHandlerNames.includes(securityScheme) && !securityHandlers[securityScheme].notEnabled) {
         throw getRichError('System', 'missing handler for security scheme', { securityScheme });
       }
     });
@@ -163,72 +172,16 @@ export const apiSetup = (setup, registeredOperations, securityHandlers, extraFor
     });
   }
   else if (remainingSecurities.length !== EMPTY) throw getRichError('System', 'missing handlers for security schemes', { missingSecuritySchemes: remainingSecurities });
-  return api.init()
+  api.init()
     .catch((err) => {
       throw getRichError('System', 'could not initialize the api', { api }, err);
-    })
-    .then(() => api);
-};
-
-const swaggerOptions = spec => ({
-  spec,
-  allowMetaPatches: false,
-  skipNormalization: true,
-  mode: 'strict',
-});
-
-const saveResolvedSpec = (apiDefinitionResult, apiFilename, correlationId) => {
-  if (apiDefinitionResult.errors.length !== EMPTY) {
-    logger.error('errors while resolving definition', { errors: apiDefinitionResult.errors }, correlationId);
-    throw getRichError('Parameter', 'errors while resolving definition', { apiFilename, errors: apiDefinitionResult.errors });
-  }
-  try {
-    fs.writeFileSync(apiFilename, JSON.stringify(apiDefinitionResult.spec, null, TAB));
-  }
-  catch (err) {
-    throw getRichError('System', 'file system error', { apiFilename }, err);
-  }
-  return apiDefinitionResult.spec;
-};
-
-const buildProviderRequest = (params, apiInfo, apiFilename) => {
-  const provider = apiInfo.provider || BITBUCKET;
-
-  switch (provider) {
-    case SWAGGERHUB: {
-      const result = {
-        url: `${API_PROVIDER_SWAGGERHUB}/${params[CUSTOMER_INDEX]}/${params[API_NAME_INDEX]}/${params[API_VERSION_INDEX]}?${RESOLVED}`,
-      };
-
-      if (apiInfo.apiApiKey) result.authorization = apiInfo.apiApiKey;
-      return result;
-    }
-    case BITBUCKET: {
-      if (!apiInfo.apiBasicAuth || !apiInfo.apiBasicAuth.username || !apiInfo.apiBasicAuth.password) {
-        throw getRichError('Parameter', 'missing username/password for accessing Bitbucket', { apiFilename });
-      }
-      if (apiInfo.apiBasicAuth.username === DEFAULT_BITBUCKET_USERNAME || apiInfo.apiBasicAuth.password === DEFAULT_BITBUCKET_PASSWORD) {
-        throw getRichError('Parameter', 'missing username/password for accessing Bitbucket', { apiFilename });
-      }
-      try {
-        return {
-          url: `${API_PROVIDER_BITBUCKET}/${params[CUSTOMER_INDEX]}/${params[API_NAME_INDEX]}${API_SOURCE}/${params[API_VERSION_INDEX]}/${SWAGGER}${EXTENSION_YML}`,
-          authorization: `Basic ${Base64.encode(`${apiInfo.apiBasicAuth.username}:${apiInfo.apiBasicAuth.password}`)}`,
-        };
-      }
-      catch (err) {
-        throw getRichError('System', 'could not create basicAuth', { apiFilename }, err);
-      }
-    }
-    default: {
-      throw getRichError('Parameter', 'invalid API provider', { provider, apiFilename });
-    }
-  }
+    });
+  return api;
 };
 
 /**
  *
- * Gets the API file from swaggerhub and store it in the given PATH location.
+ * Gets the API file from swaggerhub and store it in the give PATH location.
  *
  * @function getAPIFile
  * @category async
@@ -239,10 +192,11 @@ const buildProviderRequest = (params, apiInfo, apiFilename) => {
  * @requires js-yaml
  * @requires path
  * @param {PATH.<string>} apiFilename -  Name of the file where the API file will be stored.
- * @param {UUID.<string>} correlationId - CorrelationId when logging activities.
+ * @param {UUID.<string>} correlationId - CorrelationId when logging activites.
  * @param {object} options - Options associated with the call. Use to pass `metrics` to `rpRetry` and `apiInfo` to access the api file in the api provider.
- * @return {Promise.<object>} The API file itself.
- * @throws {Promise} An error is thrown if the apiFilename resolution generates an error or the request to the API provider fails or the file cannot be saved.
+ * @return {Promise}.
+ * &fulfil {object} The API file itself.
+ * @throws {Promise} An error is  thrown if the apiFilename resolution generates an error or the request to the API provider fails or the file connot be saved.
  *
  * `apiInfo` options has the following format:
  * ``` javascript
@@ -252,11 +206,17 @@ const buildProviderRequest = (params, apiInfo, apiFilename) => {
  *      "username": "username for bitbucket",
  *      "password": "password for bitbucket"
  *    },
- *    "apiApiKey": "apiKey for access private API on swaggerhub, can be optional if the API is accessible publicly"
+ *    "apiApiKey": "apiKey for access private API on swaggerhub, can be optional if the API is accessible publically"
  * }
- * ```
  */
 export const getAPIFile = (apiFilename, correlationId, options) => {
+  const swaggerOptions = spec => ({
+    spec,
+    allowMetaPatches: false,
+    skipNormalization: true,
+    mode: 'strict',
+  });
+
   logger.info('getting API definition', correlationId);
   let apiDefinition;
 
@@ -278,12 +238,24 @@ export const getAPIFile = (apiFilename, correlationId, options) => {
     }
     return SwaggerClient.resolve(swaggerOptions(apiDefinition))
       .catch((err) => {
-        throw getRichError('System', 'could not resolve apiDefinition', { apiFilename }, err);
+        throw getRichError('System', 'could not resolve apiDefiniton', { apiFilename }, err);
       })
-      .then(result => saveResolvedSpec(result, apiFilename, correlationId));
+      .then((apiDefinitionResult) => {
+        if (apiDefinitionResult.errors.length !== EMPTY) {
+          logger.error('errors while resolving definition', { errors: apiDefinitionResult.errors }, correlationId);
+          throw getRichError('Parameter', 'errors while resolving definition', { apiFilename, errors: apiDefinitionResult.errors });
+        }
+        try {
+          fs.writeFileSync(apiFilename, JSON.stringify(apiDefinitionResult.spec, null, TAB));
+        }
+        catch (err) {
+          throw getRichError('System', 'file system error', { apiFilename }, err);
+        }
+        return apiDefinitionResult.spec;
+      });
   }
   if (!options) {
-    return Promise.reject(getRichError('Parameter', 'no options', { apiFilename }));
+    return Promise.reject(getRichError('Paremater', 'no options', { apiFilename }));
   }
   const { apiInfo } = options;
 
@@ -315,33 +287,56 @@ export const getAPIFile = (apiFilename, correlationId, options) => {
   catch (err) {
     return Promise.reject(getRichError('System', 'file system error', { apiDirectory }, err));
   }
-  let providerResult;
-
-  try {
-    providerResult = buildProviderRequest(params, apiInfo, apiFilename);
-  }
-  catch (err) {
-    return Promise.reject(err);
-  }
   const opts = {
     method: 'GET',
-    url: providerResult.url,
     headers: {
       'x-correlation-id': correlationId,
     },
-    retry: {
-      logLevel: {
-        response: 'debug',
-        responseDetails: 'type',
-        request: 'debug',
-      },
-    },
   };
+  const provider = apiInfo.provider || BITBUCKET;
 
-  if (providerResult.authorization) opts.headers.Authorization = providerResult.authorization;
+  try {
+    switch (provider) {
+      case SWAGGERHUB: {
+        opts.url = `${API_PROVIDER_SWAGGERHUB}/${params[CUSTOMER_INDEX]}/${params[API_NAME_INDEX]}/${params[API_VERSION_INDEX]}?${RESOLVED}`;
+        if (apiInfo.apiApiKey) opts.headers.Authorization = apiInfo.apiApiKey;
+        break;
+      }
+      case BITBUCKET: {
+        if (!apiInfo.apiBasicAuth || !apiInfo.apiBasicAuth.username || !apiInfo.apiBasicAuth.password) {
+          throw getRichError('Parameter', 'missing username/password for accessing Bitbucket', { apiFilename });
+        }
+        if (apiInfo.apiBasicAuth.username === DEFAULT_BITBUCKET_USERNAME || apiInfo.apiBasicAuth.password === DEFAULT_BITBUCKET_PASSWORD) {
+          throw getRichError('Parameter', 'missing username/password for accessing Bitbucket', { apiFilename });
+        }
+        try {
+          opts.headers.Authorization = `Basic ${Base64.encode(`${apiInfo.apiBasicAuth.username}:${apiInfo.apiBasicAuth.password}`)}`;
+        }
+        catch (err) {
+          throw getRichError('System', 'could not create basicAuth', { apiFilename }, err);
+        }
+        opts.url = `${API_PROVIDER_BITBUCKET}/${params[CUSTOMER_INDEX]}/${params[API_NAME_INDEX]}${API_SOURCE}/${params[API_VERSION_INDEX]}/${SWAGGER}${EXTENSION_YML}`;
+        break;
+      }
+      default: {
+        throw getRichError('Parameter', 'invalid API provider', { provider, apiFilename });
+      }
+    }
+  }
+  catch (err) {
+    return Promise.reject(err);
+  }
   if (options.metrics) {
-    opts.metrics = { ...options.metrics, url: opts.url };
+    opts.metrics = options.metrics;
+    opts.metrics.url = opts.url;
   }
+  opts.retry = {
+    logLevel: {
+      response: 'debug',
+      responseDetails: 'type',
+      request: 'debug',
+    },
+  };
   logger.debug('API file does not exist, retrieving it', { url: opts.url }, correlationId);
   return rpRetry(opts)
     .then((result) => {
@@ -354,9 +349,21 @@ export const getAPIFile = (apiFilename, correlationId, options) => {
       if (err.statusCode) {
         throw err;
       }
-      throw getRichError('System', 'could not resolve apiDefinition', { apiFilename }, err);
+      throw getRichError('System', 'could not resolve apiDefiniton', { apiFilename }, err);
     })
-    .then(result => saveResolvedSpec(result, apiFilename, correlationId));
+    .then((apiDefinitionResult) => {
+      if (apiDefinitionResult.errors.length !== EMPTY) {
+        logger.error('errors while resolving definition', { errors: apiDefinitionResult.errors }, correlationId);
+        throw getRichError('Parameter', 'errors while resolving definition', { apiFilename, errors: apiDefinitionResult.errors });
+      }
+      try {
+        fs.writeFileSync(apiFilename, JSON.stringify(apiDefinitionResult.spec, null, TAB));
+      }
+      catch (err) {
+        throw getRichError('System', 'file system error', { apiFilename }, err);
+      }
+      return apiDefinitionResult.spec;
+    });
 };
 
 /**
@@ -368,9 +375,9 @@ export const getAPIFile = (apiFilename, correlationId, options) => {
  * @requires @mimik/sumologic-winston-logger
  * @requires @mimik/response-helper
  * @param {object} apiDefinition - JSON object containing the API definition.
- * @param {UUID.<string>} correlationId - CorrelationId when logging activities.
- * @return {Array.<string>} An array of the known securitySchemes that are in the API definition.
- * @throws An error is thrown if a validation fails.
+ * @param {UUID.<string>} correlationId - CorrelationId when logging activites.
+ * @return An array of the known securitySchemes that are in the API definition.
+ * @throws An error is thrown for the first validation fails.
  */
 export const validateSecuritySchemes = (apiDefinition, correlationId) => {
   const existingSecuritySchemes = [];
@@ -390,7 +397,7 @@ export const validateSecuritySchemes = (apiDefinition, correlationId) => {
 
 /**
  *
- * Extracts the properties from API definition and creates a file binding the handler with the controller operations.
+ * Extracts the properties from API definiton and creates a file binding the handler with the controller operations.
  *
  * @function extractProperties
  * @category sync
@@ -400,9 +407,9 @@ export const validateSecuritySchemes = (apiDefinition, correlationId) => {
  * @param {object} apiDefinition - JSON object containing the API definition.
  * @param {PATH.<string>} controllersDirectory - Directory to find the controller files.
  * @param {PATH.<string>} buildDirectory - Directory where the register file will be stored.
- * @param {UUID.<string>} correlationId - CorrelationId when logging activities.
- * @return {void}
- * @throws An error is thrown for many reasons, like operationId does not exist in controllers, controller does not exist...
+ * @param {UUID.<string>} correlationId - CorrelationId when logging activites.
+ * @return null
+ * @throws An error is thrown for many reasons, like operationId does not exist in controllers, controller dies not exist...
  */
 export const extractProperties = (apiDefinition, controllersDirectory, buildDirectory, correlationId) => {
   const result = {};
@@ -486,14 +493,15 @@ export const extractProperties = (apiDefinition, controllersDirectory, buildDire
  * @param {PATH.<string>} apiFilename -  Name of the file where the API file will be stored.
  * @param {PATH.<string>} controllersDirectory - Directory to find the controller files.
  * @param {PATH.<string>} buildDirectory - Directory where the register file will be stored.
- * @param {UUID.<string>} correlationId - CorrelationId when logging activities.
- * @param {object} options - Options associated with the call. Use to pass `metrics` to `rpRetry` and `apiKey` to access private API.
- * @return {Promise.<object>} The API file, the API filename, the existing known security schemes and the defined security schemes.
- * @throws {Promise} An error is thrown for many reasons associated with getAPIFile or validateSecuritySchemes or extractProperties.
+ * @param {UUID.<string>} correlationId - CorrelationId when logging activites.
+ * @param {object} options - Options associated with the call. Use to pass `metrics` to `rpRetry` and `apiKey`` to access private API.
+ * @return {Promise}.
+ * &fulfil {object} The API file, the API filename, the existing known security schemes and the defined security schemes.
+ * @throws {Promise} An error is thrown for many reasons assocated with getAPIFile or validateSecuritySchemes or extractProperties.
  */
 export const setupServerFiles = (apiFilename, controllersDirectory, buildDirectory, correlationId, options) => getAPIFile(apiFilename, correlationId, options)
   .then((apiDefinition) => {
-    const existingSecuritySchemes = validateSecuritySchemes(apiDefinition, correlationId).filter(Boolean);
+    const existingSecuritySchemes = compact(validateSecuritySchemes(apiDefinition, correlationId));
 
     extractProperties(apiDefinition, controllersDirectory, buildDirectory, correlationId);
     const schemes = apiDefinition.components?.securitySchemes;

package/lib/ajvHelpers.js

@@ -14,7 +14,7 @@ const ajvFormats = origFormats => (ajv) => {
       validate: /((^\s*((([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]))\s*$)|(^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$))/u,
     },
   };
-  const libFormats = [...DEFAULT_FORMATS];
+  const libFormats = DEFAULT_FORMATS;
   let formats = origFormats;
 
   if (!formats) formats = {};

package/lib/baseHandlers.js

@@ -34,8 +34,9 @@ const unauthorizedHandler = (con, req, res) => {
   let error = new Error('Unauthorized');
 
   error.statusCode = UNAUTHORIZED_ERROR;
-  const schemes = Object.keys(con.security).filter(key => key !== 'authorized');
+  const schemes = Object.keys(con.security);
 
+  delete schemes.authorized;
   schemes.forEach((scheme) => {
     const { error: schemeError } = con.security[scheme] || {};
     if (schemeError) {
@@ -48,7 +49,7 @@ const unauthorizedHandler = (con, req, res) => {
 const notImplemented = (con, req, res) => {
   const { method } = req;
   const path = req.url;
-  const error = new Error(`${method} ${path} defined in Swagger specification, but not implemented`);
+  const error = new Error(`${req.method} ${path} defined in Swagger specification, but no implemented`);
 
   error.statusCode = NOT_IMPLEMENTED_ERROR;
   error.info = {

package/lib/oauthValidation-helper.js

@@ -13,7 +13,7 @@ const validateOauth2 = (securitySchemes, securityType, flow) => {
       if (security.type !== OAUTH2) {
         throw getRichError('System', `auth type is not ${OAUTH2}`, { securityType, receivedAuth: security.type, expectedAuth: OAUTH2 });
       }
-      if (!security.flows || !security.flows[flow]) {
+      if (!security.flows[flow]) {
         throw getRichError('System', 'no flow type available', { securityType, flow });
       }
       return securityType;

package/lib/securityHandlers.js

@@ -19,6 +19,8 @@ import {
   USER_SECURITY,
 } from './common.js';
 import { TOKEN_PARAMS } from '@mimik/swagger-helper';
+import difference from 'lodash.difference';
+import intersection from 'lodash.intersection';
 import jwt from 'jsonwebtoken';
 
 const UNAUTHORIZED_ERROR = 401;
@@ -91,7 +93,7 @@ const checkHeaders = (headers) => {
 
 const checkScopes = (tokenScopes, defScopes, definition) => {
   if (!tokenScopes) {
-    throw getError('no scope in authorization token', UNAUTHORIZED_ERROR);
+    throw new Error('no scope in authorization token');
   }
   let claims = [];
   let onBehalf = false;
@@ -124,10 +126,10 @@ const checkScopes = (tokenScopes, defScopes, definition) => {
           }
           const includedClaims = analyzedScope[CLAIMS_INDEX].split(CLAIMS_SEPARATOR);
           const definitionClaims = Object.keys(includedDefinition);
-          const claimsIntersects = includedClaims.filter(cla => definitionClaims.includes(cla));
+          const claimsIntersects = intersection(includedClaims, definitionClaims);
 
           if (claimsIntersects.length !== includedClaims.length) {
-            throw getError(`incorrect claims included: ${includedClaims.filter(cla => !claimsIntersects.includes(cla))}`, FORBIDDEN_ERROR);
+            throw getError(`incorrect claims included: ${difference(includedClaims, claimsIntersects)}`, FORBIDDEN_ERROR);
           }
           claims = claims.concat(claimsIntersects);
         }

package/package.json

@@ -1,17 +1,23 @@
 {
   "name": "@mimik/api-helper",
-  "version": "2.0.9",
+  "version": "2.0.10",
   "description": "helper for openAPI backend and mimik service",
   "main": "./index.js",
-  "type": "module",
+  "type": "module",  
   "scripts": {
     "lint": "eslint . --no-error-on-unmatched-pattern",
     "docs": "jsdoc2md index.js > README.md",
-    "test": "mocha test/ --recursive",
-    "test-ci": "c8 --reporter=lcov --reporter=text npm test",
+    "test": "echo \"Error: no test specified\" && exit 0",
+    "test-ci": "echo \"Error: no test specified\" && exit 0",
     "prepublishOnly": "npm run docs && npm run lint && npm run test-ci",
     "commit-ready": "npm run docs && npm run lint && npm run test-ci"
   },
+  "husky": {
+    "hooks": {
+      "pre-commit": "npm run commit-ready",
+      "pre-push": "npm run test"
+    }
+  },
   "keywords": [
     "mimik",
     "microservice",
@@ -19,37 +25,33 @@
   ],
   "author": "mimik technology inc <support@mimik.com> (https://developer.mimik.com/)",
   "license": "MIT",
-  "engines": {
-    "node": ">=24"
-  },
   "repository": {
     "type": "git",
     "url": "https://bitbucket.org/mimiktech/api-helper"
   },
   "dependencies": {
-    "@mimik/request-retry": "^4.0.9",
-    "@mimik/response-helper": "^4.0.10",
-    "@mimik/sumologic-winston-logger": "^2.1.13",
-    "@mimik/swagger-helper": "^5.0.3",
+    "@mimik/request-helper":"^2.0.2",
+    "@mimik/request-retry": "^4.0.3",
+    "@mimik/response-helper": "^4.0.4",
+    "@mimik/sumologic-winston-logger": "^2.0.3",
+    "@mimik/swagger-helper": "^5.0.2",
     "ajv-formats": "3.0.1",
-    "js-base64": "3.7.8",
-    "js-yaml": "4.1.1",
-    "jsonwebtoken": "9.0.3",
-    "openapi-backend": "5.16.1",
-    "swagger-client": "3.36.2"
+    "js-base64": "3.7.7",
+    "js-yaml":"4.1.0",
+    "jsonwebtoken": "9.0.2",
+    "lodash.compact": "3.0.1", 
+    "lodash.difference": "4.5.0",
+    "lodash.intersection": "4.4.0",
+    "openapi-backend": "5.13.0",
+    "swagger-client": "3.35.6"
   },
   "devDependencies": {
     "@eslint/js": "9.32.0",
     "@mimik/eslint-plugin-document-env": "^2.0.8",
-    "@stylistic/eslint-plugin": "5.9.0",
-    "c8": "10.1.3",
-    "chai": "6.2.2",
+    "@stylistic/eslint-plugin": "5.2.2",
     "eslint": "9.32.0",
     "eslint-plugin-import": "2.32.0",
-    "esmock": "2.7.3",
-    "globals": "17.3.0",
     "husky": "9.1.7",
-    "jsdoc-to-markdown": "9.1.3",
-    "mocha": "11.7.5"
+    "jsdoc-to-markdown": "9.1.2"
   }
 }

package/.claude/settings.local.json

@@ -1,9 +0,0 @@
-{
-  "permissions": {
-    "allow": [
-      "Bash(npx mocha:*)",
-      "Bash(npm test:*)",
-      "Bash(npx eslint:*)"
-    ]
-  }
-}

package/.husky/pre-commit

@@ -1,2 +0,0 @@
-#!/bin/sh
-npm run commit-ready

package/.husky/pre-push

@@ -1,2 +0,0 @@
-#!/bin/sh
-npm run test