Migrating from Restify 4.x to Restify 5.x. Closes #47

README.md

@@ -34,8 +34,8 @@ var restify = require("restify");
 var restifyOAuth2 = require("restify-oauth2");
 
 var server = restify.createServer({ name: "My cool server", version: "1.0.0" });
-server.use(restify.authorizationParser());
-server.use(restify.bodyParser({ mapParams: false }));
+server.use(restify.plugins.authorizationParser());
+server.use(restify.plugins.bodyParser({ mapParams: false }));
 
 restifyOAuth2.cc(server, options);
 // or

examples/cc-with-scopes/server.js

@@ -25,8 +25,8 @@ var RESOURCES = Object.freeze({
     SCOPED: "/scoped"
 });
 
-server.use(restify.authorizationParser());
-server.use(restify.bodyParser({ mapParams: false }));
+server.use(restify.plugins.authorizationParser());
+server.use(restify.plugins.bodyParser({ mapParams: false }));
 restifyOAuth2.cc(server, { tokenEndpoint: RESOURCES.TOKEN, hooks: hooks });
 
 

examples/cc/server.js

@@ -24,8 +24,8 @@ var RESOURCES = Object.freeze({
     SECRET: "/secret"
 });
 
-server.use(restify.authorizationParser());
-server.use(restify.bodyParser({ mapParams: false }));
+server.use(restify.plugins.authorizationParser());
+server.use(restify.plugins.bodyParser({ mapParams: false }));
 restifyOAuth2.cc(server, { tokenEndpoint: RESOURCES.TOKEN, hooks: hooks });
 
 

examples/ropc/server.js

@@ -24,8 +24,8 @@ var RESOURCES = Object.freeze({
     SECRET: "/secret"
 });
 
-server.use(restify.authorizationParser());
-server.use(restify.bodyParser({ mapParams: false }));
+server.use(restify.plugins.authorizationParser());
+server.use(restify.plugins.bodyParser({ mapParams: false }));
 restifyOAuth2.ropc(server, { tokenEndpoint: RESOURCES.TOKEN, hooks: hooks });
 
 

lib/cc/grantToken.js

@@ -20,7 +20,7 @@ module.exports = function grantToken(req, res, next, options) {
 
         if (!token) {
             res.header("WWW-Authenticate", "Basic realm=\"Client ID and secret did not authenticate.\"");
-            return next(makeOAuthError("Unauthorized", "invalid_client", "Client ID and secret did not authenticate."));
+            return next(makeOAuthError("InvalidClient", "Client ID and secret did not authenticate."));
         }
 
         var allCredentials = { clientId: clientId, clientSecret: clientSecret, token: token };

lib/common/finishGrantingToken.js

@@ -9,7 +9,7 @@ module.exports = function finishGrantingToken(allCredentials, token, options, re
     if (_.has(req.body, "scope")) {
         if (typeof req.body.scope !== "string") {
             var message = "The scope value must be a space-delimited string, if present.";
-            return next(makeOAuthError("BadRequest", "invalid_scope", message));
+            return next(makeOAuthError("InvalidScope", message));
         }
         shouldIncludeScopeInResponse = true;
         scopesRequested = req.body.scope.split(" ");
@@ -23,7 +23,7 @@ module.exports = function finishGrantingToken(allCredentials, token, options, re
         if (!scopesGranted) {
             var message = "The requested scopes are invalid, unknown, or exceed the set of scopes appropriate for " +
                           "these credentials.";
-            return next(makeOAuthError("BadRequest", "invalid_scope", message));
+            return next(makeOAuthError("InvalidScope", message));
         }
 
         if (scopesGranted === true) {

lib/common/makeErrorSenders.js

@@ -1,6 +1,7 @@
 "use strict";
 
 var restify = require("restify");
+var errs = require("restify-errors");
 
 var statusCodesToErrorCodes = {
     400: "invalid_request",
@@ -55,15 +56,15 @@ module.exports = function makeErrorSenders(grantTypes) {
                 message = "Bearer token required. Follow the oauth2-token link to get one!";
             }
 
-            sendWithHeaders(res, next, options, new restify.BadRequestError(message));
+            sendWithHeaders(res, next, options, new errs.BadRequestError(message));
         },
 
         authenticationRequired: function (res, next, options, message) {
             if (message === undefined) {
                 message = "Authentication via bearer token required. Follow the oauth2-token link to get one!";
             }
 
-            sendAuthenticationRequired(res, next, options, new restify.UnauthorizedError(message));
+            sendAuthenticationRequired(res, next, options, new errs.UnauthorizedError(message));
         },
 
         insufficientAuthorization: function (res, next, options, message) {
@@ -72,15 +73,15 @@ module.exports = function makeErrorSenders(grantTypes) {
                           "authorization!";
             }
 
-            sendInsufficientAuthorization(res, next, options, new restify.ForbiddenError(message));
+            sendInsufficientAuthorization(res, next, options, new errs.ForbiddenError(message));
         },
 
         tokenInvalid: function (res, next, options, message) {
             if (message === undefined) {
                 message = "Bearer token invalid. Follow the oauth2-token link to get a valid one!";
             }
 
-            sendWithHeaders(res, next, options, new restify.UnauthorizedError(message));
+            sendWithHeaders(res, next, options, new errs.UnauthorizedError(message));
         }
     };
 };

lib/common/makeOAuthError.js

@@ -1,8 +1,28 @@
 "use strict";
 
 var restify = require("restify");
+var errs = require("restify-errors");
 
-module.exports = function makeOAuthError(errorClass, errorType, errorDescription) {
-    var body = { error: errorType, error_description: errorDescription };
-    return new restify[errorClass + "Error"]({ message: errorDescription, body: body });
+errs.makeConstructor('InvalidRequestError', {
+    statusCode: 400
+});
+
+errs.makeConstructor('InvalidScopeError', {
+    statusCode: 400
+});
+
+errs.makeConstructor('UnsupportedGrantTypeError', {
+    statusCode: 400
+});
+
+errs.makeConstructor('InvalidClientError', {
+    statusCode: 401
+});
+
+errs.makeConstructor('InvalidGrantError', {
+    statusCode: 401
+});
+
+module.exports = function makeOAuthError(errorClass, errorDescription) {
+    return new errs[errorClass + "Error"]({ message: errorDescription });
 };

lib/common/validateGrantTokenRequest.js

@@ -5,33 +5,32 @@ var makeOAuthError = require("./makeOAuthError");
 
 module.exports = function validateGrantTokenRequest(grantType, req, next) {
     function sendBadRequestError(type, description) {
-        next(makeOAuthError("BadRequest", type, description));
+      next(makeOAuthError(type, description));
     }
 
-
     if (!req.body || typeof req.body !== "object") {
-        sendBadRequestError("invalid_request", "Must supply a body.");
+        sendBadRequestError("InvalidRequest", "Must supply a body.");
         return false;
     }
 
     if (!_.has(req.body, "grant_type")) {
-        sendBadRequestError("invalid_request", "Must specify grant_type field.");
+        sendBadRequestError("InvalidRequest", "Must specify grant_type field.");
         return false;
     }
 
     if (req.body.grant_type !== grantType) {
-        sendBadRequestError("unsupported_grant_type", "Only grant_type=" + grantType + " is supported.");
+        sendBadRequestError("UnsupportedGrantType", "Only grant_type=" + grantType + " is supported.");
         return false;
     }
 
     if (!req.authorization || !req.authorization.basic) {
-        sendBadRequestError("invalid_request", "Must include a basic access authentication header.");
+        sendBadRequestError("InvalidRequest", "Must include a basic access authentication header.");
         return false;
     }
 
     if (_.has(req.body, "scope")) {
         if (typeof req.body.scope !== "string") {
-            sendBadRequestError("invalid_request", "Must specify a space-delimited string for the scope field.");
+            sendBadRequestError("InvalidRequest", "Must specify a space-delimited string for the scope field.");
             return false;
         }
     }

lib/ropc/grantToken.js

@@ -7,7 +7,7 @@ var makeOAuthError = require("../common/makeOAuthError");
 module.exports = function grantToken(req, res, next, options) {
     function sendUnauthorizedError(type, description) {
         res.header("WWW-Authenticate", "Basic realm=\"" + description + "\"");
-        next(makeOAuthError("Unauthorized", type, description));
+        next(makeOAuthError(type, description));
     }
 
 
@@ -19,11 +19,11 @@ module.exports = function grantToken(req, res, next, options) {
     var password = req.body.password;
 
     if (!username) {
-        return next(makeOAuthError("BadRequest", "invalid_request", "Must specify username field."));
+        return next(makeOAuthError("InvalidRequest", "Must specify username field."));
     }
 
     if (!password) {
-        return next(makeOAuthError("BadRequest", "invalid_request", "Must specify password field."));
+        return next(makeOAuthError("InvalidRequest", "Must specify password field."));
     }
 
     var clientId = req.authorization.basic.username;
@@ -36,7 +36,7 @@ module.exports = function grantToken(req, res, next, options) {
         }
 
         if (!result) {
-            return sendUnauthorizedError("invalid_client", "Client ID and secret did not validate.");
+            return sendUnauthorizedError("InvalidClient", "Client ID and secret did not validate.");
         }
 
         var allCredentials = { clientId: clientId, clientSecret: clientSecret, username: username, password: password };
@@ -46,7 +46,7 @@ module.exports = function grantToken(req, res, next, options) {
             }
 
             if (!token) {
-                return sendUnauthorizedError("invalid_grant", "Username and password did not authenticate.");
+                return sendUnauthorizedError("InvalidGrant", "Username and password did not authenticate.");
             }
 
             var allCredentials = {

package.json

@@ -32,15 +32,17 @@
     "underscore": "1.x"
   },
   "peerDependencies": {
-    "restify": "4.x"
+    "restify": "5.x",
+    "restify-errors": "5.x"
   },
   "devDependencies": {
     "api-easy": "^0.4.0",
     "chai": "^3.2.0",
     "coffee-script": "^1.9.3",
     "jshint": "^2.8.0",
     "mocha": "^2.2.5",
-    "restify": "^4.0",
+    "restify": "^5.0",
+    "restify-errors": "^5.0",
     "sinon": "^1.16.1",
     "sinon-chai": "^2.8.0",
     "vows": "^0.8.1"

test/cc-integration.coffee

@@ -65,8 +65,8 @@ suite
             .setHeader("Content-Type", "application/json")
             .post({ grant_type: "client_credentials" })
                 .expect(401)
-                .expect("should respond with error: invalid_client", (err, res, body) ->
-                    JSON.parse(body).should.have.property("error", "invalid_client")
+                .expect("should respond with error: InvalidClient", (err, res, body) ->
+                    JSON.parse(body).should.have.property("code", "InvalidClient")
                 )
         .undiscuss()
     .unpath().next()