refactor: update dependencies (#9)

* chore: update yarn bundle

* refactor(hydra oauth client): update type to module

* refactor: add supertest types

* style: fix lint

* chore: update types cookie package version to 0.6.0

* chore: update types express version to 4.17.21

* chore: update types node package

* chore: update types simple oauth2

* chore: update express package version

* chore: update get-port package version

* chore: update supertest package version

* chore: update cookie package version

* chore: update simple oauth2 package version

* chore: update types react dom package version

* chore: update next package version

* fix: integration tests

* chore: update cookie package version

* chore: update express package version

* style: fix integration test lint

* chore: update types node package version

* chore: update supertest package version

* chore: change kratos session type to module

Author: OsirisAnubiz

.config/husky/commit-msg

@@ -1,4 +1 @@
-#!/bin/sh
-. "$(dirname "$0")/_/husky.sh"
-
-yarn commit message lint
+yarn commit message lint

.config/husky/pre-commit

@@ -1,4 +1 @@
-#!/bin/sh
-. "$(dirname "$0")/_/husky.sh"
-
-yarn commit staged
+yarn commit staged

.config/husky/prepare-commit-msg

@@ -1,4 +1 @@
-#!/bin/sh
-. "$(dirname "$0")/_/husky.sh"
-
-yarn commit message $@
+yarn commit message $@

.pnp.cjs

@@ -2,18 +2,26 @@
  * @jest-environment node
  */
 
-import { Express }                      from 'express'
-import { Server }                       from 'http'
+import type { Express }                 from 'express'
+import type { Server }                  from 'http'
+import type { SuperTest }               from 'supertest'
+import type { Test }                    from 'supertest'
+
+import { describe }                     from '@jest/globals'
+import { afterAll }                     from '@jest/globals'
+import { beforeAll }                    from '@jest/globals'
+import { expect }                       from '@jest/globals'
+import { it }                           from '@jest/globals'
 import express                          from 'express'
 import getPort                          from 'get-port'
 import supertest                        from 'supertest'
 
-import { HydraAuthorizationCodeClient } from '../../src'
+import { HydraAuthorizationCodeClient } from '../../src/index.js'
 
 describe('authorization code', () => {
   let app: Express
   let server: Server
-  let request
+  let request: SuperTest<Test>
 
   beforeAll(async () => {
     const port = await getPort()
@@ -27,12 +35,19 @@ describe('authorization code', () => {
       redirectUri: `http://localhost:${port}/callback`,
     })
 
-    app.use('/login', (req, res) => client.authenticate(req, res))
-    app.use('/callback', async (req, res) => res.json(await client.verify(req, res)))
+    app.use('/login', (req, res) => {
+      client.authenticate(req, res)
+    })
+    app.use('/callback', async (req, res): Promise<void> => {
+      res.json(await client.verify(req, res))
+    })
 
-    app.use('/oauth2/token', (req, res) => res.json({ access_token: true }))
+    app.use('/oauth2/token', (req, res) => {
+      res.json({ access_token: true })
+    })
 
     server = app.listen(port)
+    // @ts-expect-error
     request = supertest.agent(server)
   })
 
@@ -43,7 +58,7 @@ describe('authorization code', () => {
   it('authenticate location', async () => {
     const response = await request.get('/login')
 
-    const location = new URL(response.get('location'))
+    const location = new URL(response.get('location')!)
 
     expect(location.searchParams.get('client_id')).toBe('client')
     expect(location.searchParams.get('response_type')).toBe('code')
@@ -52,23 +67,33 @@ describe('authorization code', () => {
   it('authenticate nonce', async () => {
     const response = await request.get('/login')
 
-    const nonce = response
-      .get('set-cookie')
-      .find((item) => item.includes(HydraAuthorizationCodeClient.NONCE_TOKEN))
+    // @ts-expect-error
+    const cookies = response.get('set-cookie') as Array<string>
+
+    if (!cookies) throw new Error('No cookies')
+
+    const nonce = cookies.find((item) => item.includes(HydraAuthorizationCodeClient.NONCE_TOKEN))
 
     expect(nonce).toBeDefined()
   })
 
   it('verify', async () => {
     const authenticate = await request.get('/login')
 
-    const location = new URL(authenticate.get('location'))
+    const location = new URL(authenticate.get('location')!)
 
-    const verify = await request.get('/callback').query({
-      state: location.searchParams.get('state'),
-      scope: 'openid offline',
-      code: 'code',
-    })
+    const cookies = authenticate.get('set-cookie')
+
+    if (!cookies) throw new Error('No cookies')
+
+    const verify = await request
+      .get('/callback')
+      .set('Cookie', cookies)
+      .query({
+        state: location.searchParams.get('state'),
+        scope: 'openid offline',
+        code: 'code',
+      })
 
     expect(verify.body.accessToken).toBeDefined()
   })

.yarn/releases/yarn-0.0.1-git.20230911.hash-1c44e15.cjs

@@ -2,6 +2,7 @@
   "name": "@atls/hydra-oauth-client",
   "version": "0.0.1",
   "license": "BSD 3-Clause",
+  "type": "module",
   "main": "src/index.ts",
   "files": [
     "dist"
@@ -12,17 +13,19 @@
     "postpack": "rm -rf dist"
   },
   "dependencies": {
-    "cookie": "0.5.0",
-    "simple-oauth2": "5.0.0"
+    "cookie": "1.0.1",
+    "simple-oauth2": "5.1.0"
   },
   "devDependencies": {
-    "@types/cookie": "0.5.2",
-    "@types/express": "4.17.17",
-    "@types/node": "20.6.3",
-    "@types/simple-oauth2": "5.0.4",
-    "express": "4.18.2",
-    "get-port": "7.0.0",
-    "supertest": "6.3.3"
+    "@jest/globals": "29.7.0",
+    "@types/cookie": "0.6.0",
+    "@types/express": "5.0.0",
+    "@types/node": "22.7.5",
+    "@types/simple-oauth2": "5.0.7",
+    "@types/supertest": "6.0.2",
+    "express": "5.0.1",
+    "get-port": "7.1.0",
+    "supertest": "7.0.0"
   },
   "publishConfig": {
     "access": "public",

.yarn/releases/yarn.cjs

@@ -1,25 +1,29 @@
-import { AuthorizationCode }                   from 'simple-oauth2'
-import { ModuleOptions }                       from 'simple-oauth2'
-import { randomBytes }                         from 'crypto'
-import cookie                                  from 'cookie'
-
-import { HydraAuthorizationCodeClientOptions } from './hydra-authorization-code.interfaces'
-import { HydraAuthorizationCodeResult }        from './hydra-authorization-code.interfaces'
-import { AuthenticationStateOptions }          from './hydra-authorization-code.interfaces'
-import { State }                               from './hydra-authorization-code.interfaces'
-import { serializeState }                      from './state.utils'
-import { parseState }                          from './state.utils'
+import type { Request }                             from 'express'
+import type { Response }                            from 'express'
+import type { ModuleOptions }                       from 'simple-oauth2'
+
+import type { HydraAuthorizationCodeClientOptions } from './hydra-authorization-code.interfaces.js'
+import type { HydraAuthorizationCodeResult }        from './hydra-authorization-code.interfaces.js'
+import type { AuthenticationStateOptions }          from './hydra-authorization-code.interfaces.js'
+import type { State }                               from './hydra-authorization-code.interfaces.js'
+
+import { AuthorizationCode }                        from 'simple-oauth2'
+import { randomBytes }                              from 'crypto'
+import cookie                                       from 'cookie'
+
+import { serializeState }                           from './state.utils.js'
+import { parseState }                               from './state.utils.js'
 
 export class HydraAuthorizationCodeClient {
   static NONCE_TOKEN = 'anonce'
 
+  logoutUrl: string
+
   private client: AuthorizationCode
 
   private redirectUri: string
 
-  private scope: string[]
-
-  logoutUrl: string
+  private scope: Array<string>
 
   constructor(options: HydraAuthorizationCodeClientOptions) {
     const credentials: ModuleOptions = {
@@ -44,11 +48,11 @@ export class HydraAuthorizationCodeClient {
     this.logoutUrl = new URL('/oauth2/sessions/logout', options.tokenHost).toString()
   }
 
-  getReturnToUrl(req): string | undefined {
+  getReturnToUrl(req: Request): string | undefined {
     const query = req.query || req.params
 
     if (query.return_to) {
-      return query.return_to
+      return query.return_to as string
     }
 
     const referrer = req.get('referrer')
@@ -63,8 +67,8 @@ export class HydraAuthorizationCodeClient {
     return undefined
   }
 
-  setNonce(req, res, nonce: string) {
-    let setCookieHeader = req.get('Set-Cookie') || []
+  setNonce(req: Request, res: Response, nonce: string): void {
+    let setCookieHeader = req.get('Set-Cookie') || ([] as Array<string>)
 
     if (!Array.isArray(setCookieHeader)) {
       setCookieHeader = [setCookieHeader]
@@ -81,7 +85,7 @@ export class HydraAuthorizationCodeClient {
     res.set('Set-Cookie', setCookieHeader)
   }
 
-  getAuthorizationUrl(params = {}) {
+  getAuthorizationUrl(params = {}): string {
     const state = serializeState(params)
 
     return this.client.authorizeURL({
@@ -91,29 +95,34 @@ export class HydraAuthorizationCodeClient {
     })
   }
 
-  authenticate(req, res, options: AuthenticationStateOptions = {}) {
+  authenticate(req: Request, res: Response, options: AuthenticationStateOptions = {}): void {
     const params = {
       ...options,
+      // eslint-disable-next-line react/no-is-mounted
       returnTo: this.getReturnToUrl(req),
       nonce: randomBytes(20).toString('hex'),
     }
 
+    // eslint-disable-next-line react/no-is-mounted
     this.setNonce(req, res, params.nonce)
 
-    return res.redirect(this.getAuthorizationUrl(params))
+    // eslint-disable-next-line react/no-is-mounted
+    res.redirect(this.getAuthorizationUrl(params))
   }
 
-  async verify(req, res): Promise<HydraAuthorizationCodeResult> {
+  async verify(req: Request, res: Response): Promise<HydraAuthorizationCodeResult> {
     const query = req.query || req.params
 
     const tokenConfig = {
       redirect_uri: this.redirectUri,
-      code: query.code,
-      scope: query.scope,
+      code: query.code as string,
+      scope: query.scope as string,
     }
 
+    // @ts-expect-error
     const state: State = parseState(query.state) || {}
 
+    // @ts-expect-error
     const cookies = cookie.parse(req.get('cookie'))
 
     if (state.nonce !== cookies[HydraAuthorizationCodeClient.NONCE_TOKEN]) {

packages/hydra-oauth-client/integration/test/authorization-code.test.ts

@@ -1,6 +1,6 @@
-import { AccessToken } from 'simple-oauth2'
+import type { AccessToken } from 'simple-oauth2'
 
-export type StateTargetType = 'login' | 'registration' | 'verification' | 'recovery'
+export type StateTargetType = 'login' | 'recovery' | 'registration' | 'verification'
 
 export interface State {
   nonce?: string
@@ -17,7 +17,7 @@ export interface HydraAuthorizationCodeClientOptions {
   clientSecret: string
   tokenHost: string
   redirectUri: string
-  scope?: string[]
+  scope?: Array<string>
 }
 
 export interface HydraAuthorizationCodeResult {

packages/hydra-oauth-client/package.json

@@ -1,3 +1,3 @@
-export * from './hydra-authorization-code.interfaces'
-export * from './hydra-authorization-code.client'
-export * from './state.utils'
+export * from './hydra-authorization-code.interfaces.js'
+export * from './hydra-authorization-code.client.js'
+export * from './state.utils.js'

packages/hydra-oauth-client/src/hydra-authorization-code.client.ts

@@ -1,11 +1,11 @@
-import { State } from './hydra-authorization-code.interfaces'
+import type { State } from './hydra-authorization-code.interfaces.js'
 
-export const serializeState = (state: State) =>
+export const serializeState = (state: State): string =>
   Buffer.from(JSON.stringify(state)).toString('base64')
 
 export const parseState = (state: string): State | null => {
   try {
-    return JSON.parse(Buffer.from(state, 'base64').toString())
+    return JSON.parse(Buffer.from(state, 'base64').toString()) as State
   } catch {
     // TODO: log error
 

packages/hydra-oauth-client/src/hydra-authorization-code.interfaces.ts

@@ -1,3 +1,7 @@
+import { describe } from '@jest/globals'
+import { expect }   from '@jest/globals'
+import { it }       from '@jest/globals'
+
 describe('stub', () => {
   it('should be false', () => {
     expect(false).toBeFalsy()

packages/hydra-oauth-client/src/index.ts

@@ -2,6 +2,7 @@
   "name": "@atls/kratos-session",
   "version": "0.0.1",
   "license": "BSD 3-Clause",
+  "type": "module",
   "main": "src/index.ts",
   "files": [
     "dist"
@@ -17,8 +18,8 @@
   },
   "devDependencies": {
     "@types/react": "18.2.22",
-    "@types/react-dom": "18.2.7",
-    "next": "13.5.2"
+    "@types/react-dom": "18.3.1",
+    "next": "13.5.7"
   },
   "publishConfig": {
     "access": "public",

packages/hydra-oauth-client/src/state.utils.ts

@@ -1,9 +1,9 @@
 import { Configuration } from '@ory/kratos-client'
 import { PublicApi }     from '@ory/kratos-client'
 
-let kratos
+let kratos: PublicApi
 
-export const getKratosClient = () => {
+export const getKratosClient = (): PublicApi => {
   if (!kratos) {
     kratos = new PublicApi(new Configuration({ basePath: process.env.KRATOS_PUBLIC_URL }))
   }

packages/hydra-oauth-client/src/stub.test.ts

@@ -1,10 +1,10 @@
-import type { NextApiRequest } from 'next'
+import type { Session }         from '@ory/kratos-client'
+import type { IncomingMessage } from 'http'
+import type { NextApiRequest }  from 'next'
 
-import { Logger }              from '@atls/logger'
-import { Session }             from '@ory/kratos-client'
-import { IncomingMessage }     from 'http'
+import { Logger }               from '@atls/logger'
 
-import { getKratosClient }     from './get-kratos.client'
+import { getKratosClient }      from './get-kratos.client.js'
 
 const logger = new Logger('getKratosSession')
 
@@ -30,11 +30,14 @@ export const getKratosSession = async (
     try {
       const kratos = getKratosClient()
 
+      // @ts-expect-error
+      // eslint-disable-next-line @typescript-eslint/no-unsafe-call
       const { data: session } = await kratos.whoami(cookie, authorization)
 
       if (session) {
         logger.debug(session)
 
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-return
         return session
       }
     } catch (error) {

packages/kratos-session/package.json

@@ -1,2 +1,2 @@
-export * from './get-kratos.session'
-export * from './get-kratos.client'
+export * from './get-kratos.session.js'
+export * from './get-kratos.client.js'