openid 2.0.10 → 2.0.12

package/SECURITY.md

@@ -0,0 +1,5 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please send an e-mail to havard.stranden at that mail domain provided by that search giant beginning with the letter after f in the alphabet.

package/package.json

@@ -18,7 +18,7 @@
     "name": "Håvard Stranden",
     "email": "havard.stranden@gmail.com"
   },
-  "version": "2.0.10",
+  "version": "2.0.12",
   "repository": {
     "type": "git",
     "url": "http://github.com/havard/node-openid.git"
@@ -36,10 +36,10 @@
     "node": ">= 0.6.0"
   },
   "devDependencies": {
-    "jest": "^26.6.3"
+    "jest": "^29.7.0"
   },
   "dependencies": {
-    "axios": "^0.21.4",
+    "axios": "^1.6.0",
     "qs": "^6.5.2"
   }
 }

package/test/integration_tests.test.js

@@ -43,20 +43,20 @@ test('Empty identifier', () => {
     });
 });
 
-// 2016-09-09: XRI.net certificate has expired as of 2016-08-15, 
-// so disable this test for now.
+// // 2016-09-09: XRI.net certificate has expired as of 2016-08-15, 
+// // so disable this test for now.
 
-// test('Resolve =ryan XRI', () => {
-//   openid.discover('=ryan',
-//     true,
-//     (error, providers) => {
-//       expect(!error).toBe(true);
-//       expect(providers.length).toBe(2);
-//     });
-// });
+// // test('Resolve =ryan XRI', () => {
+// //   openid.discover('=ryan',
+// //     true,
+// //     (error, providers) => {
+// //       expect(!error).toBe(true);
+// //       expect(providers.length).toBe(2);
+// //     });
+// // });
 
-test('Resolve login.ubuntu.com', () => {
-  openid.discover('https://login.ubuntu.com',
+test('Resolve Steam', () => {
+  openid.discover('https://steamcommunity.com/openid/',
     true,
     (error, providers) => {
       expect(error).toBeFalsy();
@@ -64,8 +64,8 @@ test('Resolve login.ubuntu.com', () => {
     });
 });
 
-test('Resolve LiveJournal user', () => {
-  openid.discover('http://omnifarious.livejournal.com/',
+test('Resolve https://login.ubuntu.com', () => {
+  openid.discover('https://login.ubuntu.com',
     true,
     (error, providers) => {
       expect(error).toBeFalsy();
@@ -73,22 +73,37 @@ test('Resolve LiveJournal user', () => {
     });
 });
 
-test('Resolve OpenID 1.1 provider', () => {
-  // FIXME: relying on a third party for back-level protocol support is brittle.
-  openid.discover('http://pupeno.com/',
+test('Resolve LiveJournal user', () => {
+  openid.discover('http://omnifarious.livejournal.com/',
     true,
     (error, providers) => {
       expect(error).toBeFalsy();
       expect(providers.length).toBe(1);
-      expect(providers[0].version).toBe('http://openid.net/signon/1.1');
     });
 });
 
-const performAssociation = (url, version) => {
+// 2023-11-12: This OpenID 1.1 provider seems to have gone away,
+// so disable this test for now.
+// test('Resolve OpenID 1.1 provider', done => {
+//   // FIXME: relying on a third party for back-level protocol support is brittle.
+//   openid.discover('http://pupeno.com/',
+//     true,
+//     (error, providers) => {
+//       expect(error).toBeFalsy();
+//       expect(providers).not.toBeNull();
+//       expect(providers).toHaveLength(1);
+//       expect(providers[0].version).toBe('http://openid.net/signon/1.1');
+//       done();
+//     });
+// });
+
+const performAssociation = (url, version, done) => {
   openid.discover(url,
     true,
     (error, providers) => {
       expect(error).toBeFalsy();
+      expect(providers).not.toBeNull();
+      expect(providers).toHaveLength(1);
       const provider = providers[0];
       openid.associate(provider, (error, result) => {
         expect(error).toBeFalsy();
@@ -96,42 +111,46 @@ const performAssociation = (url, version) => {
           expect(provider.version).toBe(version);
         }
         expect(result.expires_in).toBeTruthy();
+        done();
       });
     }
   );
 }
 
-test('Associate with https://login.ubuntu.com', () => {
-  performAssociation('https://login.ubuntu.com');
+test('Associate with https://login.ubuntu.com', done => {
+  performAssociation('https://login.ubuntu.com',null, done);
 });
 
-test('Associate with http://omnifarious.livejournal.com/', () => {
-  performAssociation('http://omnifarious.livejournal.com/');
+test('Associate with http://omnifarious.livejournal.com/', done => {
+  performAssociation('http://omnifarious.livejournal.com/', null, done);
 });
-test('Associate with https://matt.wordpress.com/', () => {
+
+test('Associate with https://matt.wordpress.com/', done => {
   // FIXME: relying on a third party for back-level protocol support is brittle.
-  performAssociation('https://matt.wordpress.com/', 'http://openid.net/signon/1.1', test);
+  performAssociation('https://matt.wordpress.com/', 'http://openid.net/signon/1.1', done);
 });
 
-test('Immediate authentication with https://login.ubuntu.com', () => {
+test('Immediate authentication with https://login.ubuntu.com', done => {
   openid.authenticate('https://login.ubuntu.com', 
   'http://example.com/verify', null, true, false, 
   (error, url) => {
     expect(error).toBeFalsy();
     expect(url.indexOf('checkid_immediate')).not.toBe(-1);
+    done();
   });
 });
 
-test('Setup authentication with https://login.ubuntu.com', () => {
+test('Setup authentication with https://login.ubuntu.com', done => {
   openid.authenticate('https://login.ubuntu.com', 
   'http://example.com/verify', null, false, false, 
   (error, url) => {
     expect(error).toBeFalsy();
     expect(url.indexOf('checkid_setup')).not.toBe(-1);
+    done();
   });
 });
 
-test('Setup authentication with https://login.ubuntu.com using RelyingParty object', () => {
+test('Setup authentication with https://login.ubuntu.com using RelyingParty object', done => {
   const rp = new openid.RelyingParty(
       'http://example.com/verify',
       null,
@@ -142,5 +161,6 @@ test('Setup authentication with https://login.ubuntu.com using RelyingParty obje
   (error, url) => {
     expect(error).toBeFalsy();
     expect(url.indexOf('checkid_setup')).not.toBe(-1);
+    done();
   });
 });