Upgrade dependencies to fix security issues

.eslintrc

@@ -0,0 +1,41 @@
+{
+  "env": {
+    "es6": true,
+    "mocha": true,
+    "node": true
+  },
+  "parserOptions": {
+    "ecmaVersion": 2018
+  },
+  "globals": {
+    "Promise": true
+  },
+  "rules": {
+    "no-bitwise": 2,
+    "curly": 2,
+    "eqeqeq": 2,
+    "no-unused-expressions": 2,
+    "strict": 0,
+    "wrap-iife": [
+      2,
+      "any"
+    ],
+    "indent": [
+      2,
+      2,
+      {
+        "SwitchCase": 1
+      }
+    ],
+    "no-use-before-define": 0,
+    "new-cap": 2,
+    "no-caller": 2,
+    "require-yield": 2,
+    "quotes": [
+      2,
+      "single"
+    ],
+    "no-undef": 2,
+    "no-unused-vars": 2
+  }
+}

.travis.yml

@@ -1,13 +1,8 @@
 language: node_js
 
 node_js:
-  - 4
-  - 4.0
   - 6
-  - 6.0
-  - 7
-  - 7.0
   - 8
-  - 8.0
+  - 10
 
 sudo: false

examples/mongodb/model.js

@@ -90,16 +90,16 @@ module.exports.saveToken = function(token, client, user) {
   // Can't just chain `lean()` to `save()` as we did with `findOne()` elsewhere. Instead we use `Promise` to resolve the data.
   return new Promise( function(resolve,reject){
     accessToken.save(function(err,data){
-      if( err ) reject( err );
-      else resolve( data );
+      if( err ) {reject( err );}
+      else {resolve( data );}
     }) ;
   }).then(function(saveResult){
     // `saveResult` is mongoose wrapper object, not doc itself. Calling `toJSON()` returns the doc.
-    saveResult = saveResult && typeof saveResult == 'object' ? saveResult.toJSON() : saveResult;
+    saveResult = saveResult && typeof saveResult === 'object' ? saveResult.toJSON() : saveResult;
 
     // Unsure what else points to `saveResult` in oauth2-server, making copy to be safe
     var data = new Object();
-    for( var prop in saveResult ) data[prop] = saveResult[prop];
+    for( var prop in saveResult ) {data[prop] = saveResult[prop];}
 
     // /oauth-server/lib/models/token-model.js complains if missing `client` and `user`. Creating missing properties.
     data.client = data.clientId;

examples/postgresql/model.js

@@ -27,7 +27,7 @@ module.exports.getAccessToken = function(bearerToken) {
  * Get client.
  */
 
-module.exports.getClient = function *(clientId, clientSecret) {
+module.exports.getClient = function(clientId, clientSecret) {
   return pg.query('SELECT client_id, client_secret, redirect_uri FROM oauth_clients WHERE client_id = $1 AND client_secret = $2', [clientId, clientSecret])
     .then(function(result) {
       var oAuthClient = result.rows[0];
@@ -48,7 +48,7 @@ module.exports.getClient = function *(clientId, clientSecret) {
  * Get refresh token.
  */
 
-module.exports.getRefreshToken = function *(bearerToken) {
+module.exports.getRefreshToken = function(bearerToken) {
   return pg.query('SELECT access_token, access_token_expires_on, client_id, refresh_token, refresh_token_expires_on, user_id FROM oauth_tokens WHERE refresh_token = $1', [bearerToken])
     .then(function(result) {
       return result.rowCount ? result.rows[0] : false;
@@ -59,7 +59,7 @@ module.exports.getRefreshToken = function *(bearerToken) {
  * Get user.
  */
 
-module.exports.getUser = function *(username, password) {
+module.exports.getUser = function(username, password) {
   return pg.query('SELECT id FROM users WHERE username = $1 AND password = $2', [username, password])
     .then(function(result) {
       return result.rowCount ? result.rows[0] : false;
@@ -70,7 +70,7 @@ module.exports.getUser = function *(username, password) {
  * Save token.
  */
 
-module.exports.saveAccessToken = function *(token, client, user) {
+module.exports.saveAccessToken = function(token, client, user) {
   return pg.query('INSERT INTO oauth_tokens(access_token, access_token_expires_on, client_id, refresh_token, refresh_token_expires_on, user_id) VALUES ($1, $2, $3, $4)', [
     token.accessToken,
     token.accessTokenExpiresOn,