twitch-oauth-authorization-code-express - npm Package Compare versions

Comparing version 2.0.0 to 2.1.0

dist/index.d.ts

@@ -1,1 +0,1 @@
-export { refreshToken, setupTwitchOAuthPath } from './oauth';
+export { refreshToken, setupTwitchOAuthPath, TokenInfo } from './oauth';

dist/oauth.d.ts

 import { Application } from "express";
+import * as express from "express";
 declare type TokenInfo = {
     access_token: string;
     refresh_token: string;
+    expiry_date: Date;
+    scopes: string[];
 };
-declare type OAuthTokenCallback = (req: any, res: any, info: TokenInfo) => void;
+declare type OAuthTokenCallback = (req: express.Request, res: express.Response, info: TokenInfo) => void;
 declare type TwitchOAuthPathOptions = {
@@ -15,5 +18,7 @@ app: Application;
     force_verify?: boolean;
+    token_url?: string;
+    authorize_url?: string;
 };
 declare function setupTwitchOAuthPath(options: TwitchOAuthPathOptions): void;
-declare function refreshToken(refresh_token: string, client_id: string, client_secret: string, scopes?: string[]): Promise<TokenInfo>;
-export { setupTwitchOAuthPath, refreshToken };
+declare function refreshToken(refresh_token: string, client_id: string, client_secret: string, scopes?: string[], token_url?: string): Promise<TokenInfo>;
+export { setupTwitchOAuthPath, refreshToken, TokenInfo, OAuthTokenCallback };

dist/oauth.js

@@ -40,2 +40,3 @@ "use strict";
 var https = require("https");
+var http = require("http");
 var crypto = require("crypto");
@@ -45,4 +46,9 @@ var url_1 = require("url");
 function setupTwitchOAuthPath(options) {
+    options.token_url = options.token_url || "https://id.twitch.tv/oauth2/token";
+    options.authorize_url = options.authorize_url || "https://id.twitch.tv/oauth2/authorize";
     var redirect_uri_obj = new url_1.URL(options.redirect_uri);
     options.app.get(redirect_uri_obj.pathname, function (req, res) {
+        if (!req.session) {
+            throw Error('No session middleware detected; Please attach session middleware!');
+        }
         if (req.query && req.query.code) {
@@ -56,3 +62,10 @@ //Have code, make request with
             }
-            var https_request = https.request("https://id.twitch.tv/oauth2/token" +
+            var requestModule = void 0;
+            if (options.token_url.startsWith('https://')) {
+                requestModule = https;
+            }
+            else {
+                requestModule = http;
+            }
+            var http_request = requestModule.request(options.token_url +
                 ("?client_id=" + options.client_id) +
@@ -73,3 +86,5 @@ ("&client_secret=" + options.client_secret) +
                         access_token: data.access_token,
-                        refresh_token: data.refresh_token
+                        refresh_token: data.refresh_token,
+                        scopes: data.scope,
+                        expiry_date: new Date(Date.now() + data.expires_in * 1000)
                     };
@@ -79,3 +94,3 @@ options.callback(req, res, info);
             });
-            https_request.on("error", function (e) {
+            http_request.on("error", function (e) {
                 //TODO better error handling?
@@ -85,3 +100,3 @@ res.send('Got error');
             });
-            https_request.end();
+            http_request.end();
         }
@@ -94,3 +109,3 @@ else {
             var scope_string = options.scopes ? options.scopes.join(' ') : '';
-            res.redirect(307, "https://id.twitch.tv/oauth2/authorize" +
+            var redirectUrl = options.authorize_url +
                 ("?client_id=" + options.client_id) +
@@ -101,3 +116,4 @@ ("&redirect_uri=" + encodeURIComponent(options.redirect_uri)) +
                 ("&state=" + req.session.oauth_state) +
-                (options.force_verify ? "&force_verify=" + options.force_verify : ''));
+                (options.force_verify ? "&force_verify=" + options.force_verify : '');
+            res.redirect(307, redirectUrl);
         }
@@ -108,3 +124,3 @@ });
 // Refresh token OAuth token - it is up to the user of this library to properly synchronize this
-function refreshToken(refresh_token, client_id, client_secret, scopes) {
+function refreshToken(refresh_token, client_id, client_secret, scopes, token_url) {
     return __awaiter(this, void 0, void 0, function () {
@@ -114,3 +130,11 @@ return __generator(this, function (_a) {
                     var scope_string = scopes ? scopes.join(' ') : undefined;
-                    var https_request = https.request("https://id.twitch.tv/oauth2/token" +
+                    token_url = token_url || "https://id.twitch.tv/oauth2/token";
+                    var requestModule;
+                    if (token_url.startsWith('https://')) {
+                        requestModule = https;
+                    }
+                    else {
+                        requestModule = http;
+                    }
+                    var https_request = requestModule.request(token_url +
                         ("?refresh_token=" + refresh_token) +
@@ -129,11 +153,16 @@ ("&client_id=" + client_id) +
                         https_res.on('end', function () {
+                            if (!https_res.statusCode) {
+                                return reject(new Error('No statusCode on response?!?!?!'));
+                            }
                             if (Math.floor(https_res.statusCode / 100) != 2) {
                                 //Not a 2xx status code; Meaning this is an error.
-                                reject(JSON.parse(rawData));
-                                return;
+                                return reject(JSON.parse(rawData));
                             }
                             var data = JSON.parse(rawData);
+                            var scopes = data.scope.trim() === '' ? [] : data.scope.split(' ');
                             var info = {
                                 access_token: data.access_token,
-                                refresh_token: data.refresh_token
+                                refresh_token: data.refresh_token,
+                                scopes: scopes,
+                                expiry_date: new Date(Date.now() + data.expires_in * 1000)
                             };
@@ -140,0 +169,0 @@ resolve(info);

package.json

 {
   "name": "twitch-oauth-authorization-code-express",
-  "version": "2.0.0",
+  "version": "2.1.0",
   "description": "Small library to get a Twitch OAuth code using the OAuth authorization code flow.",
@@ -8,4 +8,6 @@ "main": "dist/index.js",
   "scripts": {
-    "build-test": "tsc --project test.tsconfig.json",
-    "test": "node -r dotenv/config dist/test.js dotenv_config_path=config.env",
+    "build-test": "npx prisma generate && tsc --project test.tsconfig.json",
+    "test": "mocha dist/test/test.js",
+    "clean": "rm -r dist",
+    "clean_windows": "rd /s /q .\\dist",
     "build": "tsc"
@@ -29,4 +31,10 @@ },
   "devDependencies": {
-    "dotenv": "^8.2.0"
+    "@types/got": "^9.6.11",
+    "@types/mocha": "^7.0.2",
+    "dotenv": "^8.2.0",
+    "got": "^11.1.4",
+    "mocha": "^7.1.2",
+    "tough-cookie": "^4.0.0",
+    "twitch-mock-oauth-server": "^0.4.0"
   }
 }

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

12432

increased by18.05%

Lines of code

198

increased by20.73%

Worsened metrics

Dev dependency count

7

increased by600%

Number of medium supply chain risk alerts

2

increased by100%

No dependency changes