chore: Bump uuid from 3.3.3 to 9.0.0 (#830)

package.json

@@ -45,7 +45,7 @@
     "proxy-agent": "^5.0.0",
     "request": "^2.88.0",
     "url-template": "^2.0.8",
-    "uuid": "^3.3.3"
+    "uuid": "^9.0.0"
   },
   "devDependencies": {
     "@types/jest": "^27.1.5",
@@ -56,7 +56,7 @@
     "@types/request": "^2.48.5",
     "@types/shelljs": "^0.8.9",
     "@types/url-template": "^2.0.28",
-    "@types/uuid": "^8.3.0",
+    "@types/uuid": "^9.0.1",
     "better-docs": "^2.7.2",
     "chai": "^4.2.0",
     "doctoc": "^2.2.1",

src/token-manager.ts

@@ -9,7 +9,7 @@
 import Promise from 'bluebird';
 import httpStatusCodes from 'http-status';
 import jwt from 'jsonwebtoken';
-import uuid from 'uuid';
+import { v4 as uuidv4 } from 'uuid';
 import APIRequestManager from './api-request-manager';
 import errors from './util/errors';
 import getRetryTimeout from './util/exponential-backoff';
@@ -389,7 +389,7 @@ class TokenManager {
 			audience: BOX_JWT_AUDIENCE,
 			subject: id,
 			issuer: this.config.clientID,
-			jwtid: uuid.v4(),
+			jwtid: uuidv4(),
 			noTimestamp: !this.config.appAuth.verifyTimestamp,
 			keyid: this.config.appAuth.keyID,
 		};
@@ -486,7 +486,7 @@ class TokenManager {
 			}
 			// Add length of retry timeout to current expiration time to calculate the expiration time for the JTI claim.
 			claims.exp = Math.ceil(time + this.config.appAuth.expirationTime + retryTimeoutinSeconds);
-			jwtOptions.jwtid = uuid.v4();
+			jwtOptions.jwtid = uuidv4();
 
 			try {
 				params.assertion = jwt.sign(claims, keyParams, jwtOptions);
@@ -576,7 +576,7 @@ class TokenManager {
 				algorithm: 'none',
 				expiresIn: '1m',
 				noTimestamp: true,
-				jwtid: uuid.v4(),
+				jwtid: uuidv4(),
 			};
 
 			var token;

tests/integration_test/lib/utils.js

@@ -1,10 +1,10 @@
 'use strict';
 
-const uuid = require('uuid');
+const { v4: uuidv4 } = require('uuid');
 
-const randomName = () => uuid.v4();
+const randomName = () => uuidv4();
 
-const randomEmail = () => `${uuid.v4()}@box.com`;
+const randomEmail = () => `${uuidv4()}@box.com`;
 
 const deleteFilePermanently = async(client, fileID) => {
 	await client.files.delete(fileID);

tests/lib/token-manager-test.js

@@ -49,7 +49,13 @@ describe('token-manager', function() {
 		// Setup Dependencies
 		requestManagerFake = leche.fake(APIRequestManager.prototype);
 		jwtFake = leche.fake(jwt);
-		uuidFake = leche.fake(uuid);
+
+		// From uuid@7 uses `Object.defineProperty` to export the v4 function, which
+		// causes the function is not able to be stubbed out by sinon. We need to
+		// create a fake function that can be stubbed out.
+		uuidFake = {
+			v4: () => uuid.v4()
+		};
 
 		config = new Config({
 			clientID: BOX_CLIENT_ID,
@@ -440,7 +446,6 @@ describe('token-manager', function() {
 		});
 
 		it('should create JWT assertion with correct parameters when called', function() {
-
 			sandbox.useFakeTimers(100000);
 
 			sandbox.stub(uuidFake, 'v4').returns(TEST_JTI);