@mojaloop/sdk-scheme-adapter 12.0.0 → 12.0.1

package/.nvmrc

@@ -1 +1 @@
-v14.15
+v16.14

package/.versionrc

@@ -1,4 +1,5 @@
 {
+  "header": "# Changelog: [mojaloop/thirdparty-api-svc](https://github.com/mojaloop/thirdparty-api-svc)",
   "types": [
     {"type": "feat", "section": "Features"},
     {"type": "fix", "section": "Bug Fixes"},

package/CHANGELOG.md

@@ -1,6 +1,10 @@
-# Changelog
+# Changelog: [mojaloop/thirdparty-api-svc](https://github.com/mojaloop/thirdparty-api-svc)
+### [12.0.1](https://github.com/mojaloop/sdk-scheme-adapter/compare/v12.0.0...v12.0.1) (2022-04-19)
 
-All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
+
+### Bug Fixes
+
+* remove outdated koa2-oauth-server and bump to node 16 ([#302](https://github.com/mojaloop/sdk-scheme-adapter/issues/302)) ([9c1ae18](https://github.com/mojaloop/sdk-scheme-adapter/commit/9c1ae18375f033fe59c219fa7cc970bd4d0c72f2))
 
 ## [12.0.0](https://github.com/mojaloop/sdk-scheme-adapter/compare/v11.18.12...v12.0.0) (2022-03-18)
 

package/OAuthTestServer/index.js

@@ -10,11 +10,13 @@
 
 'use strict';
 
-const http = require('http');
-const Koa = require('koa');
-const koaBody = require('koa-body');
-const OAuthServer = require('koa2-oauth-server');
+const { assert } = require('assert');
+const express = require('express');
+const bodyParser = require('body-parser');
+const OAuth2Server = require('oauth2-server');
 const { InMemoryCache } = require('./model');
+const {Request, Response} = require('oauth2-server');
+const UnauthorizedRequestError = require('oauth2-server/lib/errors/unauthorized-request-error');
 
 class OAuthTestServer {
     /**
@@ -29,36 +31,95 @@ class OAuthTestServer {
         this._api = null;
         this._port = port;
         this._logger = logger;
-        this._api = OAuthTestServer._SetupApi({ clientKey, clientSecret });
-        this._server = http.createServer(this._api.callback());
+        this._clientKey = clientKey;
+        this._clientSecret = clientSecret;
     }
 
     async start() {
-        if (this._server.listening) {
+        if (this._app) {
             return;
         }
-        await new Promise((resolve) => this._server.listen(this._port, resolve));
+        this._app = express();
+
+        this._oauth = new OAuth2Server({
+            model: new InMemoryCache({ clientKey: this._clientKey, clientSecret:this._clientSecret }),
+            accessTokenLifetime: 60 * 60,
+            allowBearerTokensInQueryString: true,
+        });
+
+        this._app.use(bodyParser.urlencoded({ extended: false }));
+        this._app.use(bodyParser.json());
+        this._app.use(this.tokenMiddleware());
+
+
+        await new Promise((resolve) => this._app.listen(this._port, resolve));
         this._logger.push({ port: this._port }).log('Serving OAuth2 Test Server');
     }
 
     async stop() {
-        await new Promise(resolve => this._server.close(resolve));
+        if (!this._app) {
+            return;
+        }
+        await new Promise(resolve => this._app.close(resolve));
+        this._app = null;
         this._logger.log('OAuth2 Test Server shut down complete');
     }
 
-    static _SetupApi({ clientKey, clientSecret }) {
-        const result = new Koa();
+    async reconfigure({ port, clientKey, clientSecret, logger }) {
+        assert(port === this._port, 'Cannot reconfigure running port');
+        return () => {
+            this._port = port;
+            this._logger = logger;
+            this.stop().then(() => this.start());
+            this._api = OAuthTestServer._SetupApi({ clientKey, clientSecret });
+            this._logger.log('restarted');
+        };
+    }
 
-        result.oauth = new OAuthServer({
-            model: new InMemoryCache({ clientKey, clientSecret }),
-            accessTokenLifetime: 60 * 60,
-            allowBearerTokensInQueryString: true,
-        });
+    handleResponse(req, res, response) {
+        if (response.status === 302) {
+            const location = response.headers.location;
+            delete response.headers.location;
+            res.set(response.headers);
+            res.redirect(location);
+        } else {
+            res.set(response.headers);
+            res.status(response.status).send(response.body);
+        }
+    }
+
+    handleError(e, req, res, response) {
+        if (response) {
+            res.set(response.headers);
+        }
+
+        res.status(e.code);
+
+        if (e instanceof UnauthorizedRequestError) {
+            return res.send();
+        }
+
+        res.send({ error: e.name, error_description: e.message });
+    }
+
+    tokenMiddleware(options) {
+        return async (req, res, next) => {
+            const request = new Request(req);
+            const response = new Response(res);
+
+            let token;
+
+            try {
+                token = await this._oauth.token(request, response, options);
+                res.locals.oauth = {token};
+            } catch (e) {
+                await this.handleError(e, req, res, response, next);
+                return;
+            }
 
-        result.use(koaBody());
-        result.use(result.oauth.token());
+            await this.handleResponse(req, res, response);
 
-        return result;
+        };
     }
 }
 

package/audit-resolve.json

@@ -389,6 +389,31 @@
       "decision": "ignore",
       "madeAt": 1647565602524,
       "expiresAt": 1650157555692
+    },
+    "1069972|@mojaloop/central-services-shared>@mojaloop/event-sdk>moment": {
+      "decision": "ignore",
+      "madeAt": 1649898254012,
+      "expiresAt": 1652490250295
+    },
+    "1069972|@mojaloop/event-sdk>moment": {
+      "decision": "ignore",
+      "madeAt": 1649898254012,
+      "expiresAt": 1652490250295
+    },
+    "1067456|@mojaloop/central-services-shared>widdershins>markdown-it": {
+      "decision": "ignore",
+      "madeAt": 1649898255401,
+      "expiresAt": 1652490250295
+    },
+    "1068310|@mojaloop/central-services-shared>widdershins>yargs>yargs-parser": {
+      "decision": "ignore",
+      "madeAt": 1649898256486,
+      "expiresAt": 1652490250295
+    },
+    "1067946|ajv": {
+      "decision": "ignore",
+      "madeAt": 1649898257344,
+      "expiresAt": 1652490250295
     }
   },
   "rules": {},

package/package.json

@@ -1,11 +1,11 @@
 {
   "name": "@mojaloop/sdk-scheme-adapter",
-  "version": "12.0.0",
+  "version": "12.0.1",
   "description": "An adapter for connecting to Mojaloop API enabled switches.",
   "main": "index.js",
   "types": "index.d.ts",
   "engines": {
-    "node": ">=14.15"
+    "node": "=16.x"
   },
   "scripts": {
     "audit:resolve": "SHELL=sh resolve-audit --production",
@@ -49,12 +49,6 @@
     "type": "git",
     "url": "git@github.com:mojaloop/sdk-scheme-adapter.git"
   },
-  "@comment dependencies": [
-    "koa2-oauth-server is an old unmaintained repo. It uses the now unsupported git protocol.",
-    "Please see https://github.blog/2021-09-01-improving-git-protocol-security-github/ for more information.",
-    "If you regenerate package-lock.json, you will manually have to update `git://` to `https://` on its",
-    "dependencies."
-  ],
   "dependencies": {
     "@koa/cors": "^3.1.0",
     "@mojaloop/central-services-error-handling": "11.3.0",
@@ -70,12 +64,13 @@
     "co-body": "^6.1.0",
     "dotenv": "^10.0.0",
     "env-var": "^7.0.1",
+    "express": "^4.17.2",
     "javascript-state-machine": "^3.1.0",
     "js-yaml": "^4.1.0",
     "json-schema-ref-parser": "^9.0.9",
     "koa": "^2.13.1",
     "koa-body": "^4.2.0",
-    "koa2-oauth-server": "^1.0.0",
+    "oauth2-server": "^4.0.0-dev.2",
     "openapi-jsonschema-parameters": "^9.3.0",
     "promise-timeout": "^1.3.0",
     "redis": "^3.1.2",
@@ -96,7 +91,7 @@
     "jest": "^27.2.0",
     "jest-junit": "^12.2.0",
     "nock": "^13.1.3",
-    "npm-audit-resolver": "^2.3.1",
+    "npm-audit-resolver": "^3.0.0-0",
     "npm-check-updates": "^11.8.5",
     "openapi-response-validator": "^9.3.0",
     "openapi-typescript": "^4.0.2",

package/test/unit/InboundServer.test.js

@@ -376,7 +376,7 @@ describe('Inbound Server', () => {
 
         afterEach(async () => {
             await svr.stop();
-            fs.rmdirSync(keysDir, { recursive: true });
+            fs.rmSync(keysDir, { recursive: true });
         });
 
         it('updates server configuration when a new JWS verification key '

package/test/unit/config.test.js

@@ -33,7 +33,7 @@ describe('config', () => {
 
     afterEach(() => {
         process.env = { ...env };
-        fs.rmdirSync(certDir, { recursive: true });
+        fs.rmSync(certDir, { recursive: true });
         jest.resetModules();
     });