feat: uses create(de)Cipheriv instead of deprecated methods

BREAKING CHANGE: min node is 12.14.x, upgrades internal dependencies and hardens minimum
shared secret requirements. Introduces new token format of <version><iv><payload>, so that
in the future breaking changes are easier to mitigate. For back-compatibility introduces
ability to specify legacy secret with a length of 24, which is supported by createCipher/createDecipher.

Author: AVVS

.eslintrc

@@ -1,7 +1,6 @@
 {
   "extends": "makeomatic",
-  "parser": "babel-eslint",
   "rules": {
     "object-curly-newline": 0
-    }
+  }
 }

.mdeprc

@@ -1,3 +1,5 @@
 {
-  "node": "10.16.0"
+  "node": "12.14.1",
+  "auto_compose": true,
+  "with_local_compose": true
 }

.mocharc.json

@@ -0,0 +1,5 @@
+{
+  "require": "@babel/register",
+  "timeout": 10000,
+  "bail": true
+}

.releaserc.json

@@ -1,5 +1,5 @@
 {
-  "branch": "master",
+  "branches": ["master"],
   "analyzeCommits": {
     "preset": "angular",
     "releaseRules": [

README.md

@@ -40,7 +40,7 @@ const tokenManager = new TokenManager({
   },
   encrypt: {
     algorithm: 'aes256',
-    sharedSecret: Buffer.from('incredibly-long-secret'),
+    sharedSecret: Buffer.from('incredibly-long-secret-ooooohooo'),
   },
 });
 ```

package.json

@@ -30,43 +30,42 @@
   },
   "homepage": "https://github.com/makeomatic/ms-token#readme",
   "peerDependencies": {
-    "ioredis": "3.x.x || 4.x.x"
+    "ioredis": "4.x.x"
   },
   "engine": {
-    "node": ">= 8.9.0"
+    "node": ">= 12.14.0"
   },
   "devDependencies": {
-    "@babel/cli": "^7.4.4",
-    "@babel/core": "^7.4.5",
-    "@babel/plugin-proposal-class-properties": "^7.4.4",
-    "@babel/plugin-proposal-object-rest-spread": "^7.4.4",
-    "@babel/plugin-transform-strict-mode": "^7.2.0",
-    "@babel/register": "^7.4.4",
-    "@makeomatic/deploy": "^8.4.4",
-    "babel-eslint": "^10.0.2",
-    "babel-plugin-istanbul": "^5.1.4",
-    "codecov": "^3.5.0",
-    "cross-env": "^5.2.0",
-    "eslint": "^6.0.1",
-    "eslint-config-makeomatic": "^3.0.0",
-    "eslint-plugin-import": "^2.18.0",
-    "eslint-plugin-mocha": "^5.3.0",
+    "@babel/cli": "^7.8.3",
+    "@babel/core": "^7.8.3",
+    "@babel/plugin-proposal-class-properties": "^7.8.3",
+    "@babel/plugin-proposal-object-rest-spread": "^7.8.3",
+    "@babel/plugin-transform-strict-mode": "^7.8.3",
+    "@babel/register": "^7.8.3",
+    "@makeomatic/deploy": "^10.0.1",
+    "babel-plugin-istanbul": "^6.0.0",
+    "codecov": "^3.6.2",
+    "cross-env": "^6.0.3",
+    "eslint": "^6.8.0",
+    "eslint-config-makeomatic": "^4.0.0",
+    "eslint-plugin-import": "^2.20.0",
+    "eslint-plugin-mocha": "^6.2.2",
     "eslint-plugin-promise": "^4.2.1",
-    "ioredis": "^4.10.0",
-    "mocha": "^6.1.4",
-    "nyc": "^14.1.1",
-    "rimraf": "^2.6.3"
+    "ioredis": "^4.14.1",
+    "mocha": "^7.0.0",
+    "nyc": "^15.0.0",
+    "rimraf": "^3.0.0"
   },
   "dependencies": {
-    "@hapi/joi": "^15.0.0",
-    "base64-url": "^2.2.2",
-    "chance": "^1.0.18",
+    "@hapi/joi": "^17.1.0",
+    "base64-url": "^2.3.3",
+    "chance": "^1.1.4",
     "get-value": "^3.0.1",
-    "glob": "^7.1.4",
+    "glob": "^7.1.6",
     "is": "^3.3.0",
     "lodash.compact": "^3.0.1",
     "lodash.omit": "^4.5.0",
-    "uuid": "^3.3.2"
+    "uuid": "^3.4.0"
   },
   "files": [
     "src/",

src/actions/create.js

@@ -23,17 +23,19 @@ const schema = Joi
         .min(0)
         .max(Joi.ref('ttl')),
       Joi.boolean()
-        .only(true)
+        .valid(true)
     ),
 
     metadata: Joi.any(),
 
+    legacy: Joi.boolean().default(false),
+
     secret: Joi.alternatives()
       .try(
         Joi.boolean(),
         Joi.object({
           type: Joi.string()
-            .only(['alphabet', 'number', 'uuid'])
+            .valid('alphabet', 'number', 'uuid')
             .required(),
 
           alphabet: Joi.any()
@@ -45,16 +47,16 @@ const schema = Joi
 
           length: Joi.any()
             .when('type', {
-              is: Joi.string().only(['alphabet', 'number']),
+              is: Joi.string().valid('alphabet', 'number'),
               then: Joi.number().integer().min(1).required(),
               otherwise: Joi.forbidden(),
             }),
 
           encrypt: Joi.boolean()
             .when('type', {
               is: 'uuid',
-              then: Joi.default(true),
-              otherwise: Joi.default(false),
+              then: Joi.any().default(true),
+              otherwise: Joi.any().default(false),
             }),
         })
       )
@@ -63,7 +65,7 @@ const schema = Joi
     regenerate: Joi.boolean()
       .when('secret', {
         is: false,
-        then: Joi.only(false),
+        then: Joi.valid(false),
         otherwise: Joi.optional(),
       }),
   })
@@ -96,7 +98,7 @@ function getSecret(_secret) {
 module.exports = async function create(args) {
   const opts = Joi.attempt(args, schema);
 
-  const { action, id, ttl, metadata } = opts;
+  const { action, id, ttl, metadata, legacy } = opts;
   const throttle = getThrottle(opts.throttle, ttl);
   const uid = opts.regenerate ? uuid.v4() : false;
   const secret = getSecret(opts.secret);
@@ -125,7 +127,7 @@ module.exports = async function create(args) {
 
   if (secret) {
     settings.secret = secret;
-    output.secret = crypto.secret(this.encrypt, secret, { id, action, uid });
+    output.secret = await crypto.secret(this.encrypt, secret, { id, action, uid }, legacy);
   }
 
   await this.backend.create(settings, output);

src/actions/info.js

@@ -42,7 +42,7 @@ const schema = Joi.alternatives()
         .required(),
 
       encrypt: Joi.bool()
-        .only(true)
+        .valid(true)
         .required(),
     }),
 
@@ -59,7 +59,7 @@ const schema = Joi.alternatives()
         .required(),
 
       encrypt: Joi.bool()
-        .only(false)
+        .valid(false)
         .required(),
     })
   );

src/actions/regenerate.js

@@ -18,7 +18,7 @@ const schema = Joi.alternatives()
   );
 
 // helper function used to generate new secret
-const generateSecret = encrypt => (id, action, uid, secret) => (
+const generateSecret = (encrypt) => async (id, action, uid, secret) => (
   crypto.secret(encrypt, secret, { id, action, uid })
 );
 

src/actions/verify.js

@@ -33,15 +33,6 @@ const optsSchema = Joi.object({
     .default({}),
 });
 
-/**
- * Enriches error and includes args into it
- * @param  {Error} e
- */
-function enrichError(e) {
-  e.args = this;
-  throw e;
-}
-
 /**
  * Parses input options
  * @param  {Function}
@@ -83,12 +74,13 @@ function assertControlOptions(args, opts) {
  * @param  {Object} [_opts={}]
  * @return {Promise}
  */
-module.exports = async function create(_args, _opts = {}) {
+module.exports = async function verify(_args, _opts = {}) {
   const { args, opts } = parseInput(this.decrypt, _args, _opts);
   assertControlOptions(args, opts);
   try {
     return await this.backend.verify(args, opts);
   } catch (e) {
-    return enrichError.call(args, e);
+    e.args = args;
+    throw e;
   }
 };