fix closure memory leak in OAuth-provider

Author: lionelB

src/providers/oauth-provider.js

@@ -26,7 +26,6 @@ var requiredKeys = [
  */
 
 function OAuthProvider() {
-  var defaultConfig;
 
   /**
    * @private
@@ -72,9 +71,8 @@ function OAuthProvider() {
    *
    * @param {object} params - An `object` of params to extend.
    */
-  this.configure = function(params) {
-    defaultConfig = sanitizeConfigParams(params);
-    return defaultConfig;
+  this.configure = (params) => {
+    this.defaultConfig = sanitizeConfigParams(params);
   };
 
   /**
@@ -88,10 +86,8 @@ function OAuthProvider() {
        * Check if `OAuthProvider` is configured.
        */
 
-      constructor() {
-        if (!defaultConfig) {
-          throw new Error('`OAuthProvider` must be configured first.');
-        }
+      constructor(config) {
+        this.config = config;
       }
 
       /**
@@ -100,8 +96,7 @@ function OAuthProvider() {
        * @param {Object} params - An object of params to extend
        */
       configure(params) {
-        defaultConfig = sanitizeConfigParams(params);
-        return defaultConfig;
+        this.config = sanitizeConfigParams(params);
       }
 
 
@@ -127,12 +122,12 @@ function OAuthProvider() {
 
       getAccessToken(data, options) {
         data = angular.extend({
-          client_id: defaultConfig.clientId,
+          client_id: this.config.clientId,
           grant_type: 'password'
         }, data);
 
-        if (null !== defaultConfig.clientSecret) {
-          data.client_secret = defaultConfig.clientSecret;
+        if (null !== this.config.clientSecret) {
+          data.client_secret = this.config.clientSecret;
         }
 
         data = queryString.stringify(data);
@@ -144,7 +139,7 @@ function OAuthProvider() {
           }
         }, options);
 
-        return $http.post(`${defaultConfig.baseUrl}${defaultConfig.grantPath}`, data, options).then((response) => {
+        return $http.post(`${this.config.baseUrl}${this.config.grantPath}`, data, options).then((response) => {
           OAuthToken.setToken(response.data);
 
           return response;
@@ -162,13 +157,13 @@ function OAuthProvider() {
 
       getRefreshToken(data, options) {
         data = angular.extend({
-          client_id: defaultConfig.clientId,
+          client_id: this.config.clientId,
           grant_type: 'refresh_token',
           refresh_token: OAuthToken.getRefreshToken(),
         }, data);
 
-        if (null !== defaultConfig.clientSecret) {
-          data.client_secret = defaultConfig.clientSecret;
+        if (null !== this.config.clientSecret) {
+          data.client_secret = this.config.clientSecret;
         }
 
         data = queryString.stringify(data);
@@ -180,7 +175,7 @@ function OAuthProvider() {
           }
         }, options);
 
-        return $http.post(`${defaultConfig.baseUrl}${defaultConfig.grantPath}`, data, options).then((response) => {
+        return $http.post(`${this.config.baseUrl}${this.config.grantPath}`, data, options).then((response) => {
           OAuthToken.setToken(response.data);
 
           return response;
@@ -200,13 +195,13 @@ function OAuthProvider() {
         var refreshToken = OAuthToken.getRefreshToken();
 
         data = angular.extend({
-          client_id: defaultConfig.clientId,
+          client_id: this.config.clientId,
           token: refreshToken ? refreshToken : OAuthToken.getAccessToken(),
           token_type_hint: refreshToken ? 'refresh_token' : 'access_token'
         }, data);
 
-        if (null !== defaultConfig.clientSecret) {
-          data.client_secret = defaultConfig.clientSecret;
+        if (null !== this.config.clientSecret) {
+          data.client_secret = this.config.clientSecret;
         }
 
         data = queryString.stringify(data);
@@ -217,15 +212,15 @@ function OAuthProvider() {
           }
         }, options);
 
-        return $http.post(`${defaultConfig.baseUrl}${defaultConfig.revokePath}`, data, options).then((response) => {
+        return $http.post(`${this.config.baseUrl}${this.config.revokePath}`, data, options).then((response) => {
           OAuthToken.removeToken();
 
           return response;
         });
       }
     }
 
-    return new OAuth();
+    return new OAuth(this.defaultConfig);
   };
 
   this.$get.$inject = ['$http', 'OAuthToken'];

test/unit/providers/oauth-provider.spec.js

@@ -60,9 +60,10 @@ describe('OAuthProvider', function() {
     });
 
     it('should not throw an error if `clientSecret` param is empty', function() {
-      var config = provider.configure(_.omit(defaults, 'clientSecret'));
-
-      (null === config.clientSecret).should.true;
+      try {
+        provider.configure(_.omit(defaults, 'clientSecret'));
+        should.not.fail();
+      } catch(e) {}
     });
 
     it('should throw an error if `grantPath` param is empty', function() {
@@ -77,19 +78,19 @@ describe('OAuthProvider', function() {
     });
 
     it('should remove trailing slash from `baseUrl`', function() {
-      var config = provider.configure(_.defaults({
+      provider.configure(_.defaults({
         baseUrl: 'https://api.website.com/'
       }, defaults));
 
-      config.baseUrl.should.equal('https://api.website.com');
+      provider.defaultConfig.baseUrl.should.equal('https://api.website.com');
     });
 
     it('should add facing slash from `grantPath`', function() {
-      var config = provider.configure(_.defaults({
+      provider.configure(_.defaults({
         grantPath: 'oauth2/token'
       }, defaults));
 
-      config.grantPath.should.equal('/oauth2/token');
+      provider.defaultConfig.grantPath.should.equal('/oauth2/token');
     });
 
     it('should throw an error if `revokePath` param is empty', function() {
@@ -104,11 +105,11 @@ describe('OAuthProvider', function() {
     });
 
     it('should add facing slash from `revokePath`', function() {
-      var config = provider.configure(_.defaults({
+      provider.configure(_.defaults({
         revokePath: 'oauth2/revoke'
       }, defaults));
 
-      config.revokePath.should.equal('/oauth2/revoke');
+      provider.defaultConfig.revokePath.should.equal('/oauth2/revoke');
     });
   });
 
@@ -125,6 +126,11 @@ describe('OAuthProvider', function() {
     afterEach(inject(function(OAuthToken) {
       OAuthToken.removeToken();
     }));
+    describe('construtor', function() {
+      it('should set initialize config with data passed in configure', inject(function(OAuth) {
+        OAuth.config.should.eql(defaults);
+      }))
+    })
 
     describe('configure()', function() {
       it('should throw an error if configuration is not an object', inject(function(OAuth) {
@@ -161,9 +167,11 @@ describe('OAuthProvider', function() {
       }));
 
       it('should not throw an error if `clientSecret` param is empty', inject(function(OAuth) {
-        var config = OAuth.configure(_.omit(defaults, 'clientSecret'));
-
-        (null === config.clientSecret).should.true;
+        try{
+          OAuth.configure(_.omit(defaults, 'clientSecret'));
+          
+          should.not.fail();
+        } catch(e) {}
       }));
 
       it('should throw an error if `grantPath` param is empty', inject(function(OAuth) {
@@ -178,19 +186,19 @@ describe('OAuthProvider', function() {
       }));
 
       it('should remove trailing slash from `baseUrl`', inject(function(OAuth) {
-        var config = OAuth.configure(_.defaults({
+        OAuth.configure(_.defaults({
           baseUrl: 'https://api.website.com/'
         }, defaults));
 
-        config.baseUrl.should.equal('https://api.website.com');
+        OAuth.config.baseUrl.should.equal('https://api.website.com');
       }));
 
       it('should add facing slash from `grantPath`', inject(function(OAuth) {
-        var config = OAuth.configure(_.defaults({
+        OAuth.configure(_.defaults({
           grantPath: 'oauth2/token'
         }, defaults));
 
-        config.grantPath.should.equal('/oauth2/token');
+        OAuth.config.grantPath.should.equal('/oauth2/token');
       }));
 
       it('should throw an error if `revokePath` param is empty', inject(function(OAuth) {
@@ -205,11 +213,11 @@ describe('OAuthProvider', function() {
       }));
 
       it('should add facing slash from `revokePath`', inject(function(OAuth) {
-        var config = OAuth.configure(_.defaults({
+        OAuth.configure(_.defaults({
           revokePath: 'oauth2/revoke'
         }, defaults));
 
-        config.revokePath.should.equal('/oauth2/revoke');
+        OAuth.config.revokePath.should.equal('/oauth2/revoke');
       }));
     });