OAuth2-Introspect plugin was always using the same passport strategy

.eslintrc

@@ -26,6 +26,7 @@
       "always"
     ],
     "no-console": "warn",
+    "no-prototype-builtins": "off",
     "prefer-const": "error",
     "node/no-deprecated-api": [
       "error",

bin/generators/credentials/create.js

@@ -14,9 +14,9 @@ module.exports = class extends eg.Generator {
         yargs
           .usage(`Usage: $0 ${process.argv[2]} create [options]`)
           .example(`$0 ${process.argv[2]} create -c jdoe -t key-auth`)
-          .example(`echo '{"consumer":"jdoe", "type": "key-auth"}'` +
+          .example('echo \'{"consumer":"jdoe", "type": "key-auth"}\'' +
             `| $0 ${process.argv[2]} create --stdin`)
-          .example(`echo '{"consumer":"jdoe", "type": "key-auth", "scopes":["existingScope"]}'` +
+          .example('echo \'{"consumer":"jdoe", "type": "key-auth", "scopes":["existingScope"]}\'' +
             `| $0 ${process.argv[2]} create --stdin`)
           .example(`cat all_apps.json | $0 ${process.argv[2]} create --stdin`)
           .example(`$0 ${process.argv[2]} create -u jdoe -p 'scopes=existingScope'`)

bin/generators/users/list.js

@@ -14,6 +14,7 @@ module.exports = class extends eg.Generator {
           .example(`$0 ${process.argv[2]} list`)
     });
   }
+
   prompting () {
     return this.admin.users.list({ all: this.argv.a })
       .then(data => {

lib/conditions/index.js

@@ -18,7 +18,7 @@ function register({ type = 'condition', name, handler, schema }) {
     }
 
     logger.error(`Condition ${chalk.default.red.bold(name)} config validation failed: ${validationResult.error}`);
-    throw new Error(`CONDITION_PARAMS_VALIDATION_FAILED`);
+    throw new Error('CONDITION_PARAMS_VALIDATION_FAILED');
   };
 }
 

lib/plugin-installer.js

@@ -129,7 +129,8 @@ class PluginInstaller {
   updateConfigurationFiles ({
     pluginOptions,
     enablePlugin,
-    addPoliciesToWhitelist }) {
+    addPoliciesToWhitelist
+  }) {
     // WARNING (kevinswiber): Updating YAML while maintaining presentation
     // style is not easy.  We're using the YAWN library here, which has
     // a decent approach given the current state of available YAML parsers,

lib/policies/index.js

@@ -16,7 +16,7 @@ const register = (policyOptions) => {
     }
 
     logger.error(`Policy ${chalk.default.red.bold(name)} params validation failed: ${validationResult.error}`);
-    throw new Error(`POLICY_PARAMS_VALIDATION_FAILED`);
+    throw new Error('POLICY_PARAMS_VALIDATION_FAILED');
   };
 
   policies[name] = policyOptions;

lib/policies/jwt/extractors.js

@@ -1,8 +1,8 @@
 const passportJWT = require('passport-jwt');
 
 module.exports = {
-  'header': passportJWT.ExtractJwt.fromHeader,
-  'query': passportJWT.ExtractJwt.fromUrlQueryParameter,
-  'authScheme': passportJWT.ExtractJwt.fromAuthHeaderWithScheme,
-  'authBearer': passportJWT.ExtractJwt.fromAuthHeaderAsBearerToken
+  header: passportJWT.ExtractJwt.fromHeader,
+  query: passportJWT.ExtractJwt.fromUrlQueryParameter,
+  authScheme: passportJWT.ExtractJwt.fromAuthHeaderWithScheme,
+  authBearer: passportJWT.ExtractJwt.fromAuthHeaderAsBearerToken
 };

lib/policies/oauth2-introspect/oauth2-introspect.js

@@ -1,13 +1,15 @@
 const tokenIntrospectionGenerator = require('./token-introspector');
 const BearerStrategy = require('passport-http-bearer');
 const passport = require('passport');
+const uuid = require('uuid/v4');
 
 module.exports = function (actionParams) {
   actionParams.session = false;
   const scannedTokens = [];
   const tokenIntrospection = tokenIntrospectionGenerator(actionParams);
+  const strategyName = `bearer-introspect-${uuid()}`;
 
-  passport.use('bearer-introspect', new BearerStrategy({ passReqToCallback: true }, (req, accessToken, done) => {
+  passport.use(strategyName, new BearerStrategy({ passReqToCallback: true }, (req, accessToken, done) => {
     const requestedScopes = req.egContext.apiEndpoint.scopes;
 
     const scopeCheck = (tokenData, done) => {
@@ -34,6 +36,6 @@ module.exports = function (actionParams) {
   }));
 
   return (req, res, next) => {
-    passport.authenticate('bearer-introspect', actionParams, actionParams.getCommonAuthCallback(req, res, next))(req, res, next);
+    passport.authenticate(strategyName, actionParams, actionParams.getCommonAuthCallback(req, res, next))(req, res, next);
   };
 };

lib/policies/oauth2/index.js

@@ -13,7 +13,7 @@ module.exports = {
       {
         type: 'object',
         properties: {
-          jwt: { '$ref': 'jwt.json' }
+          jwt: { $ref: 'jwt.json' }
         }
       }]
   }

lib/policies/oauth2/oauth2.js

@@ -110,7 +110,7 @@ function authenticateLocal(req, clientId, clientSecret, done) {
             return done(null, false);
           }
 
-          delete req.headers['authorization'];
+          delete req.headers.authorization;
           return done(null, consumer);
         });
     })

lib/policies/request-transformer/schema.js

@@ -23,8 +23,8 @@ module.exports = {
     }
   },
   properties: {
-    headers: { '$ref': '#/definitions/addRemove' },
-    body: { '$ref': '#/definitions/addRemove' }
+    headers: { $ref: '#/definitions/addRemove' },
+    body: { $ref: '#/definitions/addRemove' }
   },
   anyOf: [{ required: ['headers'] }, { required: ['body'] }]
 };

lib/services/consumers/application.dao.js

@@ -106,11 +106,11 @@ dao.getAllAppIdsByUser = function (userId) {
 };
 
 dao.activate = function (id) {
-  return db.hmset(appHashKey(id), { 'isActive': 'true', 'updatedAt': String(new Date()) });
+  return db.hmset(appHashKey(id), { isActive: 'true', updatedAt: String(new Date()) });
 };
 
 dao.deactivate = function (id) {
-  return db.hmset(appHashKey(id), { 'isActive': 'false', 'updatedAt': String(new Date()) });
+  return db.hmset(appHashKey(id), { isActive: 'false', updatedAt: String(new Date()) });
 };
 
 dao.deactivateAll = function (userId) {

lib/services/credentials/credential.dao.js

@@ -134,11 +134,11 @@ dao.getCredential = function (id, type) {
 };
 
 dao.activateCredential = function (id, type) {
-  return db.hmset(buildIdKey(type, id), { 'isActive': 'true', 'updatedAt': String(new Date()) });
+  return db.hmset(buildIdKey(type, id), { isActive: 'true', updatedAt: String(new Date()) });
 };
 
 dao.deactivateCredential = function (id, type) {
-  return db.hmset(buildIdKey(type, id), { 'isActive': 'false', 'updatedAt': String(new Date()) });
+  return db.hmset(buildIdKey(type, id), { isActive: 'false', updatedAt: String(new Date()) });
 };
 
 dao.removeCredential = function (id, type) {

lib/services/credentials/credential.service.js

@@ -101,7 +101,7 @@ s.insertCredential = function (id, type, credentialDetails) {
     ])
       .then(([scopes, { hash, password }, credentialProps]) => {
         if (scopes) {
-          newCredential['scopes'] = JSON.stringify(scopes);
+          newCredential.scopes = JSON.stringify(scopes);
         }
         newCredential[credentialConfig.properties.passwordKey.default] = hash;
         delete credentialProps[credentialConfig.properties.passwordKey.default];
@@ -287,20 +287,20 @@ function validateAndHashPassword (credentialConfig, credentialDetails) {
 }
 
 function validateNewCredentialScopes (credentialConfig, credentialDetails) {
-  if (!credentialConfig.properties || !credentialConfig.properties['scopes']) {
+  if (!credentialConfig.properties || !credentialConfig.properties.scopes) {
     return Promise.resolve(null);
   }
 
-  if (credentialDetails['scopes']) {
-    return validateExistingScopes(credentialDetails['scopes']);
+  if (credentialDetails.scopes) {
+    return validateExistingScopes(credentialDetails.scopes);
   }
 
   if (credentialConfig.required && credentialConfig.required.includes('scopes')) {
     throw new Error('scopes are required'); // TODO: replace with validation error
   }
 
-  if (credentialConfig.properties['scopes'].default) {
-    return Promise.resolve(credentialConfig.properties['scopes'].default);
+  if (credentialConfig.properties.scopes.default) {
+    return Promise.resolve(credentialConfig.properties.scopes.default);
   }
 
   return Promise.resolve(null);