From 7bbed71885ef0a35277892394861e532e6250308 Mon Sep 17 00:00:00 2001 From: Leandro Costa Date: Sun, 21 Sep 2025 18:40:19 -0300 Subject: [PATCH 1/6] npm: audit fix --- package-lock.json | 204 +++++++++++++++++++++++++++++++++++++++++++--- package.json | 2 +- 2 files changed, 193 insertions(+), 13 deletions(-) diff --git a/package-lock.json b/package-lock.json index 07dab64..582172b 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "lhisp-oauth-client-dev", - "version": "1.0.20", + "version": "1.0.30", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "lhisp-oauth-client-dev", - "version": "1.0.20", + "version": "1.0.30", "license": "MIT", "dependencies": { "axios": "^1.10.0", @@ -1642,13 +1642,13 @@ } }, "node_modules/axios": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.10.0.tgz", - "integrity": "sha512-/1xYAC4MP/HEG+3duIhFr4ZQXR4sQXOIe+o6sdqzeykGLx6Upp/1p8MHqhINOvGeP7xyNHe7tsiJByc4SSVUxw==", + "version": "1.12.2", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.12.2.tgz", + "integrity": "sha512-vMJzPewAlRyOgxV2dU0Cuz2O8zzzx9VYtbJOaBgXFeLc4IV/Eg50n4LowmehOOR61S8ZMpc2K5Sa7g6A4jfkUw==", "license": "MIT", "dependencies": { "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", + "form-data": "^4.0.4", "proxy-from-env": "^1.1.0" } }, @@ -1776,9 +1776,9 @@ ] }, "node_modules/brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", + "version": "1.1.12", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz", + "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==", "license": "MIT", "dependencies": { "balanced-match": "^1.0.0", @@ -1883,6 +1883,19 @@ "dev": true, "license": "MIT" }, + "node_modules/call-bind-apply-helpers": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz", + "integrity": "sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==", + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0", + "function-bind": "^1.1.2" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/callsites": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz", @@ -2211,6 +2224,20 @@ "node": ">=8" } }, + "node_modules/dunder-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/dunder-proto/-/dunder-proto-1.0.1.tgz", + "integrity": "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==", + "license": "MIT", + "dependencies": { + "call-bind-apply-helpers": "^1.0.1", + "es-errors": "^1.3.0", + "gopd": "^1.2.0" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/eastasianwidth": { "version": "0.2.0", "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz", @@ -2271,6 +2298,51 @@ "is-arrayish": "^0.2.1" } }, + "node_modules/es-define-property": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.1.tgz", + "integrity": "sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==", + "license": "MIT", + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-errors": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", + "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", + "license": "MIT", + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-object-atoms": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/es-object-atoms/-/es-object-atoms-1.1.1.tgz", + "integrity": "sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==", + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0" + }, + "engines": { + "node": ">= 0.4" + } + }, + "node_modules/es-set-tostringtag": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz", + "integrity": "sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==", + "license": "MIT", + "dependencies": { + "es-errors": "^1.3.0", + "get-intrinsic": "^1.2.6", + "has-tostringtag": "^1.0.2", + "hasown": "^2.0.2" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/escalade": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz", @@ -2508,13 +2580,15 @@ } }, "node_modules/form-data": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", - "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.4.tgz", + "integrity": "sha512-KrGhL9Q4zjj0kiUt5OO4Mr/A/jlI2jDYs5eHBpYHPcBEVSiipAvn2Ko2HnPe20rmcuuvMHNdZFp+4IlGTMF0Ow==", "license": "MIT", "dependencies": { "asynckit": "^0.4.0", "combined-stream": "^1.0.8", + "es-set-tostringtag": "^2.1.0", + "hasown": "^2.0.2", "mime-types": "^2.1.12" }, "engines": { @@ -2542,6 +2616,15 @@ "node": "^8.16.0 || ^10.6.0 || >=11.0.0" } }, + "node_modules/function-bind": { + "version": "1.1.2", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", + "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", + "license": "MIT", + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/gensync": { "version": "1.0.0-beta.2", "resolved": "https://registry.npmjs.org/gensync/-/gensync-1.0.0-beta.2.tgz", @@ -2562,6 +2645,30 @@ "node": "6.* || 8.* || >= 10.*" } }, + "node_modules/get-intrinsic": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.3.0.tgz", + "integrity": "sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==", + "license": "MIT", + "dependencies": { + "call-bind-apply-helpers": "^1.0.2", + "es-define-property": "^1.0.1", + "es-errors": "^1.3.0", + "es-object-atoms": "^1.1.1", + "function-bind": "^1.1.2", + "get-proto": "^1.0.1", + "gopd": "^1.2.0", + "has-symbols": "^1.1.0", + "hasown": "^2.0.2", + "math-intrinsics": "^1.1.0" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/get-package-type": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz", @@ -2572,6 +2679,19 @@ "node": ">=8.0.0" } }, + "node_modules/get-proto": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/get-proto/-/get-proto-1.0.1.tgz", + "integrity": "sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==", + "license": "MIT", + "dependencies": { + "dunder-proto": "^1.0.1", + "es-object-atoms": "^1.0.0" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/get-stream": { "version": "6.0.1", "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-6.0.1.tgz", @@ -2642,6 +2762,18 @@ "node": ">=4" } }, + "node_modules/gopd": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz", + "integrity": "sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==", + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, "node_modules/graceful-fs": { "version": "4.2.11", "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz", @@ -2659,6 +2791,45 @@ "node": ">=8" } }, + "node_modules/has-symbols": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.1.0.tgz", + "integrity": "sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==", + "license": "MIT", + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/has-tostringtag": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/has-tostringtag/-/has-tostringtag-1.0.2.tgz", + "integrity": "sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==", + "license": "MIT", + "dependencies": { + "has-symbols": "^1.0.3" + }, + "engines": { + "node": ">= 0.4" + }, + "funding": { + "url": "https://github.com/sponsors/ljharb" + } + }, + "node_modules/hasown": { + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", + "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", + "license": "MIT", + "dependencies": { + "function-bind": "^1.1.2" + }, + "engines": { + "node": ">= 0.4" + } + }, "node_modules/html-escaper": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz", @@ -3698,6 +3869,15 @@ "tmpl": "1.0.5" } }, + "node_modules/math-intrinsics": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/math-intrinsics/-/math-intrinsics-1.1.0.tgz", + "integrity": "sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==", + "license": "MIT", + "engines": { + "node": ">= 0.4" + } + }, "node_modules/merge-stream": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz", diff --git a/package.json b/package.json index 14bc972..2106932 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "lhisp-oauth-client-dev", - "version": "1.0.30", + "version": "1.0.31", "main": "src/index", "types": "src/index.d.ts", "repository": { From 7c9c3edcaac302dac6c608977a9d820c451a1b2d Mon Sep 17 00:00:00 2001 From: Leandro Costa Date: Sun, 21 Sep 2025 19:09:26 -0300 Subject: [PATCH 2/6] feat: validate auth call --- package.json | 2 +- src/lhisp-oauth-client.ts | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index 2106932..8ddec11 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "lhisp-oauth-client-dev", - "version": "1.0.31", + "version": "1.0.32", "main": "src/index", "types": "src/index.d.ts", "repository": { diff --git a/src/lhisp-oauth-client.ts b/src/lhisp-oauth-client.ts index f8ddcb0..54816b7 100644 --- a/src/lhisp-oauth-client.ts +++ b/src/lhisp-oauth-client.ts @@ -128,6 +128,10 @@ export class LhispOauthClient { contentType: this.authContentType, }); const resp = await axios.request(authRequestOpt); + if (!resp?.data) { + logger.error({ message: "LhispOauthClient.getAccessToken", resp }); + throw new Error("Resposta inválida ao obter token de acesso."); + } this.accessToken = this.buildAccessToken(resp.data); this.tokenCreatedAt = new Date().getTime(); this.tokenExpiresIn = this.accessToken?.expires_in || this.tokenCreatedAt + 60000; From fcf57d8cd1f6b1efb1a0621cc631c41a37809754 Mon Sep 17 00:00:00 2001 From: Leandro Costa Date: Sun, 21 Sep 2025 20:06:25 -0300 Subject: [PATCH 3/6] feat: validate auth token --- package.json | 2 +- src/lhisp-oauth-client.ts | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index 8ddec11..27bb6b6 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "lhisp-oauth-client-dev", - "version": "1.0.32", + "version": "1.0.33", "main": "src/index", "types": "src/index.d.ts", "repository": { diff --git a/src/lhisp-oauth-client.ts b/src/lhisp-oauth-client.ts index 54816b7..a9f3e64 100644 --- a/src/lhisp-oauth-client.ts +++ b/src/lhisp-oauth-client.ts @@ -151,6 +151,10 @@ export class LhispOauthClient { return this.formatAccessToken(this.accessToken); } + if (!this.accessToken) { + throw new Error("Access Token não disponível."); + } + return `${this.accessToken?.token_type} ${this.accessToken?.access_token}`; } From 5b1699aff43337bd6b6aad23cd7c910dd65d6a90 Mon Sep 17 00:00:00 2001 From: Leandro Costa Date: Sun, 21 Sep 2025 20:21:35 -0300 Subject: [PATCH 4/6] feat: pass headers --- src/lhisp-oauth-client.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/lhisp-oauth-client.ts b/src/lhisp-oauth-client.ts index a9f3e64..d6c4ad6 100644 --- a/src/lhisp-oauth-client.ts +++ b/src/lhisp-oauth-client.ts @@ -176,14 +176,14 @@ export class LhispOauthClient { }; const response = await axios.request({ + ...opt, method, url: `${this.apiUrl}${path}`, httpsAgent: this.agent, - headers, + headers: { ...headers, ...opt.headers }, data, params, timeout: this.timeout, - ...opt, }); return response.data; From 5603323fe6e62cd4411ccb9826fa269624a76212 Mon Sep 17 00:00:00 2001 From: Leandro Costa Date: Sun, 21 Sep 2025 20:41:26 -0300 Subject: [PATCH 5/6] feat: parse headers --- package.json | 2 +- src/lhisp-oauth-client.ts | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/package.json b/package.json index 27bb6b6..e884514 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "lhisp-oauth-client-dev", - "version": "1.0.33", + "version": "1.0.34", "main": "src/index", "types": "src/index.d.ts", "repository": { diff --git a/src/lhisp-oauth-client.ts b/src/lhisp-oauth-client.ts index d6c4ad6..12aa603 100644 --- a/src/lhisp-oauth-client.ts +++ b/src/lhisp-oauth-client.ts @@ -164,15 +164,17 @@ export class LhispOauthClient { data, params, contentType = ContentType.APPLICATION_JSON, + headers, ...opt }: ExecutarRequestParams): Promise { try { await this.getAccessToken(); - const headers = { + const actualHeaders = { "Content-Type": contentType, [this.tokenHeaderName]: this.getAuthToken(), ...(this.headers || {}), + ...(headers || {}), }; const response = await axios.request({ @@ -180,7 +182,7 @@ export class LhispOauthClient { method, url: `${this.apiUrl}${path}`, httpsAgent: this.agent, - headers: { ...headers, ...opt.headers }, + headers: actualHeaders, data, params, timeout: this.timeout, From f8a6af2958fe910fee42589ec97eb3ff8a1caebd Mon Sep 17 00:00:00 2001 From: Leandro Costa Date: Sun, 21 Sep 2025 20:48:26 -0300 Subject: [PATCH 6/6] feat: headers --- package.json | 2 +- src/lhisp-oauth-client.ts | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index e884514..9c554ee 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "lhisp-oauth-client-dev", - "version": "1.0.34", + "version": "1.0.35", "main": "src/index", "types": "src/index.d.ts", "repository": { diff --git a/src/lhisp-oauth-client.ts b/src/lhisp-oauth-client.ts index 12aa603..1b5b2d8 100644 --- a/src/lhisp-oauth-client.ts +++ b/src/lhisp-oauth-client.ts @@ -164,17 +164,17 @@ export class LhispOauthClient { data, params, contentType = ContentType.APPLICATION_JSON, - headers, + headers: paramsHeaders, ...opt }: ExecutarRequestParams): Promise { try { await this.getAccessToken(); - const actualHeaders = { + const headers = { "Content-Type": contentType, [this.tokenHeaderName]: this.getAuthToken(), ...(this.headers || {}), - ...(headers || {}), + ...(paramsHeaders || {}), }; const response = await axios.request({ @@ -182,7 +182,7 @@ export class LhispOauthClient { method, url: `${this.apiUrl}${path}`, httpsAgent: this.agent, - headers: actualHeaders, + headers, data, params, timeout: this.timeout,