edgegrid - npm Package Compare versions

Comparing version 1.1.4 to 1.2.0

package.json

 {
   "name": "edgegrid",
-  "version": "1.1.4",
+  "version": "1.2.0",
   "description": "Authorisation process and API helper for Akamai OPEN APIs",
   "main": "index.js",
   "scripts": {
-    "test": "mocha"
+    "test": "EDGEGRID_ENV=test ./node_modules/.bin/mocha $(find test -name '*.js')"
   },
@@ -22,6 +22,11 @@ "repository": {
     "log4js": "^0.6.14",
+    "request": "2.60.0",
     "moment": "^2.7.0",
     "node-uuid": "^1.4.1",
     "underscore": "^1.6.0"
+  },
+  "devDependencies": {
+    "mocha": "2.2.5",
+    "nock": "2.7.0"
   }
 }

src/api.js

@@ -1,152 +0,97 @@
-// Node modules
 
-var https = require('https'),
-  url = require('url');
-  fs = require('fs');
-// EdgeGrid Auth Module
-var auth = require('./auth.js');
+var request = require('request'),
+    fs = require('fs'),
+    auth = require('./auth'),
+    edgerc = require('./edgerc'),
+    helpers = require('./helpers'),
+    logger = require('./logger');
 
-var _client_token = null,
-  _client_secret = null,
-  _access_token = null,
-  _base_uri = null,
-  _request = null;
-
-function parseEdgerc(path, conf) {
-  var edgerc = fs.readFileSync(path).toString().split("\n");
-  var confData = [];
-  for(var i=0;i<edgerc.length;i++) {
-    var matchConf = edgerc[i].match(/\[(.*)\]/);
-    // if we found our matching config, push the next 4 lines into a temp array
-    if (matchConf && matchConf[1] === conf) {
-      confData.push(edgerc[i+1]);
-      confData.push(edgerc[i+2]);
-      confData.push(edgerc[i+3]);
-      confData.push(edgerc[i+4]);
-      // convert the array to a descriptive object
-      confData = confData.map(function(el) {
-        var ret = {}
-        var key = el.split(' = ')[0].trim();
-        var val = el.split(' = ')[1].trim();
-        if (key === 'host') {
-          val = 'https://' + val;
-        }
-        ret[key] = val;
-        return ret;
-      });
-      // turn the array of objects into a single object
-      var result = {};
-      for (var i = 0, length = confData.length; i < length; i++) {
-        result[Object.keys(confData[i])[0]] = confData[i][Object.keys(confData[i])[0]];
-      }
-      return result;
-    }
-  }
-  // if we escaped the parse loop without returning, something is wrong
-  throw('An error occurred parsing the .edgerc file. You probably specified an invalid group name.');
-} 
-
-var EdgeGrid = function(client_token, client_secret, access_token, base_uri) {
+var EdgeGrid = function(client_token, client_secret, access_token, host) {
   // accepting an object containing a path to .edgerc and a config group
   if (typeof arguments[0] === 'object') {
-    var path = arguments[0].path;
-    var group = arguments[0].group;
-    if (path === undefined) {
-      console.log("No .edgerc path");
-      return false;
-    }
-    if (group === undefined) {
-      console.log("No .edgerc group provided, using 'default'");
-      group = 'default';
-    }
-    var config = parseEdgerc(path, group);
-    _client_token = config.client_token;
-    _client_secret = config.client_secret;
-    _access_token = config.access_token;
-    _base_uri = config.host;
+    this._setConfigFromObj(arguments[0]);
+  } else {
+    this._setConfigFromStrings(client_token, client_secret, access_token, host);
   }
-  else {
-    if (client_token === undefined || client_token === null) {
-      console.log("No client token");
-      return false;
-    } else if (client_secret === undefined || client_secret === null) {
-      console.log("No client secret");
-      return false;
-    } else if (access_token === undefined || access_token === null) {
-      console.log("No access token");
-      return false;
-    } else if (base_uri === undefined || base_uri === null) {
-      console.log("No base uri");
-      return false;
-    }
+};
 
-    _client_token = client_token;
-    _client_secret = client_secret;
-    _access_token = access_token;
-    _base_uri = base_uri;
-  }
+EdgeGrid.prototype.auth = function(req) {
+  req = helpers.extend(req, {
+    url: this.config.host + req.path,
+    method: 'GET',
+    headers: {
+      'Content-Type': "application/json"
+    },
+    body: {}
+  });
 
-  return this;
-
+  this.request = auth.generate_auth(req, this.config.client_token, this.config.client_secret, this.config.access_token, this.config.host);
 };
 
-EdgeGrid.prototype.auth = function(request, callback) {
-  _request = auth.generate_auth(request, _client_token, _client_secret, _access_token, _base_uri);
+EdgeGrid.prototype.send = function(callback) {
 
-  if (callback && typeof callback == "function") {
-    callback(this);
-  }
+  request(this.request, function(error, response, body) {
+    if (error) { throw new Error(error); }
 
-  return this;
+    callback(body, response);
+  });
 };
 
-EdgeGrid.prototype.send = function(callback) { 
+EdgeGrid.prototype._setConfigFromObj = function(obj) {
+  if (!obj.path) {
+    if (!process.env.EDGEGRID_ENV === 'test') {
+      logger.error('No .edgerc path');
+    }
 
-  var request = _request,
-    data = "";
+    throw new Error('No edgerc path');
+  }
 
-  var parts = url.parse(request.url);
-  request.hostname = parts.hostname;
-  request.port = parts.port;
-  request.path = parts.path;
+  this.config = edgerc(obj.path, obj.group);
+};
 
-  // headers are case-insensitive so this function returns the value of a header
-  // no matter what its case is. Returns undefined if there's no header defined.
-  request.getHeader = function(header) {
-    var result = undefined;
-    for (k in this.headers) {
-      if (k.toLowerCase() === header) {
-        result = this.headers[k];
-        break;
-      }
-    }
-    return result;
+EdgeGrid.prototype._setConfigFromStrings = function(client_token, client_secret, access_token, host) {
+  if (!validatedArgs([client_token, client_secret, access_token, host])) {
+    throw new Error('Insufficient Akamai credentials');
   }
 
-  if (request.method == "POST" || request.method == "PUT" || request.method == "DELETE") {
-    // Accept user-defined, case-insensitive content-type header -- or use default type
-    request.headers['content-type'] = request.getHeader('content-type') || 'application/x-www-form-urlencoded';
-    request.headers['content-length'] = request.body.length;
-  }
+  this.config = {
+    client_token: client_token,
+    client_secret: client_secret,
+    access_token: access_token,
+    host: host.indexOf('https://') > -1 ? host : 'https://' + host
+  };
+};
 
-  var req = https.request(request, function(res) {
-    res.on('data', function(d) {
-      data += d;
-    });
+function validatedArgs(args) {
+  var expected = [
+        'client_token', 'client_secret', 'access_token', 'host'
+      ],
+      valid = true,
+      i;
 
-    res.on('end', function() {
-      if (callback && typeof callback == "function") {
-        callback(data, res);
+  expected.forEach(function(arg, i) {
+    if (!args[i]) {
+      if (process.env.EDGEGRID_ENV !== 'test' ) {
+        logger.error('No defined ' + arg);
       }
 
-    });
+      valid = false;
+    }
   });
 
-  if (request.method == "POST" || request.method == "PUT" || request.method == "DELETE") {
-    req.write(request.body);
+  return valid;
+}
+
+EdgeGrid.prototype._setConfigFromObj = function(obj) {
+  if (!obj.path) {
+    if (!process.env.EDGEGRID_ENV === 'test') {
+      logger.error('No .edgerc path');
+    }
+
+    throw new Error('No edgerc path');
   }
 
-  req.end();
+  this.config = edgerc(obj.path, obj.group);
 };
 
 module.exports = EdgeGrid;

src/auth.js

@@ -9,11 +9,4 @@ // Authorization: EG1-HMAC-SHA256
   url = require('url'),
-  log4js = require('log4js');
+  logger = require('./logger');
 
-// Set output level
-var logger = log4js.getLogger();
-
-if (!process.env.LOG4JS_CONFIG) {
-  logger.setLevel(log4js.levels.ERROR);
-}
-
 var _headers_to_sign = null,
@@ -159,3 +152,3 @@ _max_body = null;
 module.exports = {
-  generate_auth: function(request, client_token, client_secret, access_token, base_uri, headers_to_sign, max_body, guid, timestamp) {
+  generate_auth: function(request, client_token, client_secret, access_token, host, headers_to_sign, max_body, guid, timestamp) {
 
@@ -171,3 +164,3 @@ _max_body = max_body || 2048;
     }
-    request.url = base_uri + request.path;
+    request.url = host + request.path;
     request.headers.Authorization = make_auth_header(request, client_token, access_token, client_secret, timestamp, guid);
@@ -174,0 +167,0 @@ return request;

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

53658

increased by22.42%

Number of package files

16

increased by77.78%

Lines of code

916

increased by37.74%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Dependency count

5

increased by25%

Dev dependency count

2

increased byInfinity%

Number of low supply chain risk alerts

8

increased by100%

Dependency changes

• + Addedrequest@2.60.0

• + Addedansi-regex@2.1.1(transitive)

• + Addedansi-styles@2.2.1(transitive)

• + Addedasn1@0.1.11(transitive)

• + Addedassert-plus@0.1.5(transitive)

• + Addedasync@2.6.4(transitive)

• + Addedaws-sign2@0.5.0(transitive)

• + Addedbl@1.0.3(transitive)

• + Addedbluebird@2.11.0(transitive)

• + Addedboom@2.10.1(transitive)

• + Addedcaseless@0.11.0(transitive)

• + Addedchalk@1.1.3(transitive)

• + Addedcombined-stream@1.0.8(transitive)

• + Addedcommander@2.20.3(transitive)

• + Addedcryptiles@2.0.5(transitive)

• + Addedctype@0.5.3(transitive)

• + Addeddelayed-stream@1.0.0(transitive)

• + Addedescape-string-regexp@1.0.5(transitive)

• + Addedextend@3.0.2(transitive)

• + Addedforever-agent@0.6.1(transitive)

• + Addedform-data@1.0.1(transitive)

• + Addedgenerate-function@2.3.1(transitive)

• + Addedgenerate-object-property@1.2.0(transitive)

• + Addedhar-validator@1.8.0(transitive)

• + Addedhas-ansi@2.0.0(transitive)

• + Addedhawk@3.1.3(transitive)

• + Addedhoek@2.16.3(transitive)

• + Addedhttp-signature@0.11.0(transitive)

• + Addedis-my-ip-valid@1.0.1(transitive)

• + Addedis-my-json-valid@2.20.6(transitive)

• + Addedis-property@1.0.2(transitive)

• + Addedisarray@1.0.0(transitive)

• + Addedisstream@0.1.2(transitive)

• + Addedjson-stringify-safe@5.0.1(transitive)

• + Addedjsonpointer@5.0.1(transitive)

• + Addedlodash@4.17.21(transitive)

• + Addedmime-db@1.52.0(transitive)

• + Addedmime-types@2.1.35(transitive)

• + Addedoauth-sign@0.8.2(transitive)

• + Addedprocess-nextick-args@1.0.7(transitive)

• + Addedqs@4.0.0(transitive)

• + Addedreadable-stream@2.0.6(transitive)

• + Addedrequest@2.60.0(transitive)

• + Addedsntp@1.0.9(transitive)

• + Addedstringstream@0.0.6(transitive)

• + Addedstrip-ansi@3.0.1(transitive)

• + Addedsupports-color@2.0.0(transitive)

• + Addedtldts@6.1.75(transitive)

• + Addedtldts-core@6.1.75(transitive)

• + Addedtough-cookie@5.1.0(transitive)

• + Addedtunnel-agent@0.4.3(transitive)

• + Addedutil-deprecate@1.0.2(transitive)

• + Addedxtend@4.0.2(transitive)