.eslintignore

@@ -1,3 +1,4 @@
 build/
 node_modules/
-docs/
+docs/
+_docpress

CHANGELOG.md

@@ -8,6 +8,34 @@ adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased] - xxxx-xx-xx
 
+## [v1.21.1] - 2024-05-27
+
+### Fixed
+
+- Bug: SDK failed to send any extended data if it had a key `length` with a
+  number type value. [#199](https://github.com/sharetribe/flex-sdk-js/pull/199)
+
+## [v1.21.0] - 2024-05-20
+
+### Added
+
+- Add a new function `loginAs`. The function takes a single parameter, `code`,
+  which is the authorization code to use. This function should be used to do
+  "Login As" instead of using `login` function with `code`.
+  [#196](https://github.com/sharetribe/flex-sdk-js/pull/196)
+- Add a new key `isLoggedInAs` to the return value of the `authInfo`. The value
+  is boolean where `true` indicates that "Login As" was used. Applications
+  should use this value to check if "Login As" was used instead of examining the
+  token scopes. [#196](https://github.com/sharetribe/flex-sdk-js/pull/196)
+- Add a new configuration option `disableDeprecationWarnings`
+  [#196](https://github.com/sharetribe/flex-sdk-js/pull/196)
+
+### Deprecated
+
+- Using the `login` function to do "Login As", i.e. logging in with `code`
+  instead of `username` and `password` is deprecated in favor of a newly added
+  `loginAs` function. [#196](https://github.com/sharetribe/flex-sdk-js/pull/196)
+
 ## [v1.20.1] - 2024-02-15
 
 ### Fixed
@@ -298,15 +326,17 @@ See: https://www.npmjs.com/package/sharetribe-flex-sdk
   to prepare for publishing to NPM. Remember to check your existing
   imports!
 
-[unreleased]: https://github.com/sharetribe/flex-sdk-js/compare/v1.20.1...HEAD
-
-[v1.20.1]: https://github.com/sharetribe/flex-sdk-js/compare/v1.20.0...v1.20.1]
-[v1.20.0]: https://github.com/sharetribe/flex-sdk-js/compare/v1.19.0...v1.20.0]
-[v1.19.0]: https://github.com/sharetribe/flex-sdk-js/compare/v1.18.1...v1.19.0]
-[v1.18.1]: https://github.com/sharetribe/flex-sdk-js/compare/v1.18.0...v1.18.1]
-[v1.18.0]: https://github.com/sharetribe/flex-sdk-js/compare/v1.17.0...v1.18.0]
-[v1.17.0]: https://github.com/sharetribe/flex-sdk-js/compare/v1.16.0...v1.17.0]
-[v1.16.0]: https://github.com/sharetribe/flex-sdk-js/compare/v1.15.0...v1.16.0]
+[unreleased]: https://github.com/sharetribe/flex-sdk-js/compare/v1.21.1...HEAD
+
+[v1.21.1]: https://github.com/sharetribe/flex-sdk-js/compare/v1.21.0...v1.21.1
+[v1.21.0]: https://github.com/sharetribe/flex-sdk-js/compare/v1.20.1...v1.21.0
+[v1.20.1]: https://github.com/sharetribe/flex-sdk-js/compare/v1.20.0...v1.20.1
+[v1.20.0]: https://github.com/sharetribe/flex-sdk-js/compare/v1.19.0...v1.20.0
+[v1.19.0]: https://github.com/sharetribe/flex-sdk-js/compare/v1.18.1...v1.19.0
+[v1.18.1]: https://github.com/sharetribe/flex-sdk-js/compare/v1.18.0...v1.18.1
+[v1.18.0]: https://github.com/sharetribe/flex-sdk-js/compare/v1.17.0...v1.18.0
+[v1.17.0]: https://github.com/sharetribe/flex-sdk-js/compare/v1.16.0...v1.17.0
+[v1.16.0]: https://github.com/sharetribe/flex-sdk-js/compare/v1.15.0...v1.16.0
 [v1.15.0]: https://github.com/sharetribe/flex-sdk-js/compare/v1.14.1...v1.15.0
 [v1.14.1]: https://github.com/sharetribe/flex-sdk-js/compare/v1.14.0...v1.14.1
 [v1.14.0]: https://github.com/sharetribe/flex-sdk-js/compare/v1.13.0...v1.14.0

CONTRIBUTING.md

@@ -0,0 +1,34 @@
+# Contributing to Sharetribe
+
+First of all, thank you for your interest in Sharetribe!
+
+Before you spend time working on Sharetribe repositories, please read over our
+guidelines:
+
+## Reporting issues :+1:
+
+Issue reports are welcome! Please use the repository's issue template, if
+provided.
+
+## Bug fixes :+1:
+
+If you encounter an issue caused by a bug in the code and can fix it in a simple
+and backward-compatible way, you can open a PR for the bug fix.
+
+If you are unsure that a bug causes the issue, or if the fix to it is not simple
+or may cause breakage for the users of the repository, please open a new Issue
+to discuss it first.
+
+## Code refactoring :-1:
+
+By default, we do not accept Pull Requests that do only code refactoring.
+
+If you have a refactoring idea that you think should be implemented, please open
+a new Issue to discuss it first.
+
+## New features :-1:
+
+By default, we do not accept Pull Requests that add new features.
+
+If you have an idea for a new feature that you think should be implemented,
+please open a new Issue to discuss it first.

README.md

@@ -2,7 +2,7 @@
 
 Use Sharetribe Marketplace API with ease.
 
-[![CircleCI](https://circleci.com/gh/sharetribe/flex-sdk-js.svg?style=svg&circle-token=f2209b7cd8300d10f73d359072d7f03f81bff8f4)](https://circleci.com/gh/sharetribe/flex-sdk-js)
+[![CircleCI](https://dl.circleci.com/status-badge/img/gh/sharetribe/flex-sdk-js/tree/master.svg?style=svg)](https://dl.circleci.com/status-badge/redirect/gh/sharetribe/flex-sdk-js/tree/master)
 
 ## Table of Contents
 

build/sharetribe-flex-sdk-web.js.LICENSE.txt

@@ -0,0 +1,14 @@
+/*!
+ * JavaScript Cookie v2.2.1
+ * https://github.com/js-cookie/js-cookie
+ *
+ * Copyright 2006, 2015 Klaus Hartl & Fagner Brack
+ * Released under the MIT license
+ */
+
+/*!
+ * The buffer module from node.js, for the browser.
+ *
+ * @author   Feross Aboukhadijeh <feross@feross.org> <http://feross.org>
+ * @license  MIT
+ */

docs/authentication.md

@@ -24,6 +24,16 @@ the session information may not be saved after successful login. In
 this case, you should configure the SDK to use [memory-based token
 store](./token-store.md#memory-store).
 
+## Login As
+
+**`sdk.loginAs({ code: string, redirect_uri: string, code_verifier: string }) : Promise`**
+
+Logs in the marketplace operator as the marketplace user and returns a Promise.
+
+The session information will be saved to the SDK instance when the
+Promise is resolved. Subsequent requests will be made as the logged in
+user.
+
 ## Login with IdP
 
 **`sdk.loginWithIdp({ idpId: string, idpClientId: string, idpToken: string }) : Promise`**
@@ -45,10 +55,11 @@ user.
 
 **`sdk.authInfo() : Promise(Object)`**
 
-Returns a Promise with an Object as a value. The object may contain two fields:
+Returns a Promise with an Object as a value. The object may contain the following fields:
 
 - `scopes`: an array containing the scopes associated with the currently stored token
 - `isAnonymous`: a boolean denoting if the currently stored token only allows public read access
+- `isLoggedInAs`: a boolean denoting if the marketplace operator is logged in as a marketplace user
 
 To determine if the user is logged in, check if `isAnonymous` equals
 `false`.

docs/configurations.md

@@ -95,7 +95,12 @@ var sdk = sharetribeSdk.createInstance({
   // but if you know what you are doing, and you have secured the website properly so
   // that Client Secret is not leaked, you can suppress the warning by setting this
   // to `true`.
-  dangerouslyAllowClientSecretInBrowser: false
+  dangerouslyAllowClientSecretInBrowser: false,
 
+  // Disables deprecation warnings.
+  //
+  // Deprecation warnings are printed with `console.warn` if `console.warn`
+  // is available. Setting this value to `true` will suppress those warnings.
+  disableDeprecationWarnings: false
 });
 ```

docs/developing-sdk.md

@@ -55,14 +55,18 @@ $ yarn run build-docs
 #### Update the Github Pages
 
 ```sh
+$ git checkout master
 $ yarn run build
 $ cp build/sharetribe-flex-sdk-web.js docs/sharetribe-flex-sdk-web.js
 $ yarn run build-docs
 $ mv _docpress ../
 $ git checkout gh-pages
 $ cp -r ../_docpress/* ./
 $ rm -r ../_docpress
-$ // git add, commit, push
+$ git add .
+$ git commit -m "Update docs"
+$ git push --force
+$ git checkout master
 ```
 
 #### Release a new version to NPM

package.json

@@ -1,6 +1,6 @@
 {
   "name": "sharetribe-flex-sdk",
-  "version": "1.20.1",
+  "version": "1.21.1",
   "description": "Sharetribe SDK for JavaScript",
   "main": "build/sharetribe-flex-sdk-node.js",
   "browser": "build/sharetribe-flex-sdk-web.js",
@@ -54,7 +54,7 @@
     "jest": "^29.7.0",
     "open": "^7.0.2",
     "prettier": "^1.14.0",
-    "webpack": "^4.46.0",
+    "webpack": "^4.47.0",
     "webpack-cli": "^4.10.0"
   },
   "dependencies": {
@@ -65,7 +65,9 @@
     "transit-js": "^0.8.861"
   },
   "resolutions": {
-    "docpress/**/lodash": "^4.17.10"
+    "docpress/**/lodash": "^4.17.10",
+    "terser-webpack-plugin": "^4.2.3",
+    "chokidar": "^3.6.0"
   },
   "babel": {
     "plugins": [

src/fake/token_store.js

@@ -202,6 +202,7 @@ const createTokenStore = () => {
           refresh_token: generateRefreshToken(username),
           token_type: 'bearer',
           expires_in: 86400,
+          // TODO missing `scope`
         },
         user: {
           username,

src/interceptors/add_authorization_code_grant_type_to_params.js

@@ -0,0 +1,13 @@
+/**
+   Add `authorization_code` value to `params.grantType`
+
+   Changes to `ctx`:
+
+   - Add `authorization_code` value to `params.grantType`
+ */
+
+export default class AddAuthorizationCodeGrantTypeToParams {
+  enter({ params, ...ctx }) {
+    return { ...ctx, params: { grant_type: 'authorization_code', ...params } };
+  }
+}

src/interceptors/add_grant_type_to_params.js

@@ -6,6 +6,9 @@
 
    - add `params.grant_type`
  */
+
+import { deprecated } from '../utils';
+
 export default class AddGrantTypeToParams {
   enter({ params, ...ctx }) {
     const { username, password, code } = params;
@@ -15,6 +18,11 @@ export default class AddGrantTypeToParams {
     }
 
     if (code) {
+      deprecated(
+        'Using sdk.login to login as a user is deprecated. Use sdk.loginAs instead.',
+        ctx.disableDeprecationWarnings
+      );
+
       return { ...ctx, params: { grant_type: 'authorization_code', ...params } };
     }
 

src/interceptors/add_is_logged_in_as_to_context.js

@@ -0,0 +1,13 @@
+/**
+   Add isLoggedInAs true to context.
+
+   Changes to `ctx`:
+
+   - add `isLoggedInAs`
+ */
+
+export default class AddIsLoggedInAsToContext {
+  enter(ctx) {
+    return { ...ctx, isLoggedInAs: true };
+  }
+}

src/interceptors/add_is_logged_in_as_to_context_from_params.js

@@ -0,0 +1,22 @@
+/**
+   See if `code` is passed as a parameter and if yes, store isLoggedInAs true to
+   context.
+
+   Changes to `ctx`:
+
+   - add `isLoggedInAs`
+
+   Deprecated: login as user should use loginAs method.
+ */
+
+export default class AddIsLoggedInAsToContextFromParams {
+  enter(ctx) {
+    const { code } = ctx.params;
+
+    if (code) {
+      return { ...ctx, isLoggedInAs: !!code };
+    }
+
+    return ctx;
+  }
+}

src/interceptors/auth_info.js

@@ -5,7 +5,8 @@
    - scopes: list of scopes associated with the access token in store
    - isAnonymous: boolean value indicating if the access token only grants
      access to publicly read data from API
-
+   - isLoggedInAs: boolean value indicating that the operator has logged in as
+     a marketplace user
 
    Changes to `ctx`:
 
@@ -22,6 +23,7 @@ export default class AuthInfo {
         .then(storedToken => {
           if (storedToken) {
             const tokenScope = storedToken.scope;
+            const { isLoggedInAs } = storedToken;
 
             if (tokenScope) {
               const scopes = tokenScope.split(' ');
@@ -31,14 +33,17 @@ export default class AuthInfo {
               // that rely on this attribute
               const grantType = isAnonymous ? 'client_credentials' : 'refresh_token';
 
-              return { ...ctx, res: { scopes, isAnonymous, grantType } };
+              return {
+                ...ctx,
+                res: { scopes, isAnonymous, grantType, isLoggedInAs: !!isLoggedInAs },
+              };
             }
 
             // Support old tokens that are stored in the client's token store
             // and possibly do not have the scope attribute
             const isAnonymous = !storedToken.refresh_token;
             const grantType = isAnonymous ? 'client_credentials' : 'refresh_token';
-            return { ...ctx, res: { isAnonymous, grantType } };
+            return { ...ctx, res: { isAnonymous, grantType, isLoggedInAs: !!isLoggedInAs } };
           }
 
           return { ...ctx, res: {} };

src/interceptors/multipart_request.js

@@ -1,4 +1,5 @@
 import _ from 'lodash';
+import { entries } from '../utils';
 
 /**
    Takes `params` from `ctx` and converts to `FormData`
@@ -17,14 +18,11 @@ export default class MultipartRequest {
         );
       }
 
-      const formDataObj = _.reduce(
-        params,
-        (fd, val, key) => {
-          fd.append(key, val);
-          return fd;
-        },
-        new FormData()
-      );
+      const formDataObj = entries(params).reduce((fd, entry) => {
+        const [key, val] = entry;
+        fd.append(key, val);
+        return fd;
+      }, new FormData());
       /* eslint-enable no-undef */
 
       return { params: formDataObj, ...ctx };

src/interceptors/save_token.js

@@ -1,17 +1,19 @@
 /**
-   On `leave` phase, take `authToken` from `ctx` and save it to tokenStore
+   On `leave` phase, take `authToken` from `ctx` and save it to tokenStore.
+
+   Stores also the `isLoggedInAs` alongside with the auth token.
 
    Changes to `ctx`:
 
    - None
 */
 export default class SaveToken {
   leave(ctx) {
-    const { authToken, tokenStore } = ctx;
+    const { authToken, tokenStore, isLoggedInAs } = ctx;
 
     if (tokenStore) {
       return Promise.resolve()
-        .then(() => tokenStore.setToken(authToken))
+        .then(() => tokenStore.setToken({ ...authToken, isLoggedInAs }))
         .then(() => ctx);
     }
 

src/sdk.js

@@ -18,7 +18,10 @@ import FetchAuthTokenFromStore from './interceptors/fetch_auth_token_from_store'
 import AddClientIdToParams from './interceptors/add_client_id_to_params';
 import AddClientSecretToParams from './interceptors/add_client_secret_to_params';
 import AddSubjectTokenToParams from './interceptors/add_subject_token_to_params';
+import AddIsLoggedInAsToContextFromParams from './interceptors/add_is_logged_in_as_to_context_from_params';
+import AddIsLoggedInAsToContext from './interceptors/add_is_logged_in_as_to_context';
 import AddGrantTypeToParams from './interceptors/add_grant_type_to_params';
+import AddAuthorizationCodeGrantTypeToParams from './interceptors/add_authorization_code_grant_type_to_params';
 import AddTokenExchangeGrantTypeToParams from './interceptors/add_token_exchange_grant_type_to_params';
 import AddScopeToParams from './interceptors/add_scope_to_params';
 import AuthInfo from './interceptors/auth_info';
@@ -45,6 +48,7 @@ const defaultSdkConfig = {
   httpAgent: null,
   httpsAgent: null,
   transitVerbose: false,
+  disableDeprecationWarnings: false,
 };
 
 /**
@@ -122,11 +126,20 @@ const authenticateInterceptors = [
 const loginInterceptors = [
   new AddClientIdToParams(),
   new AddGrantTypeToParams(),
+  new AddIsLoggedInAsToContextFromParams(),
   new AddScopeToParams(),
   new SaveToken(),
   new AddAuthTokenResponse(),
 ];
 
+const loginAsInterceptors = [
+  new AddClientIdToParams(),
+  new AddAuthorizationCodeGrantTypeToParams(),
+  new AddIsLoggedInAsToContext(),
+  new SaveToken(),
+  new AddAuthTokenResponse(),
+];
+
 const logoutInterceptors = [
   new FetchAuthTokenFromStore(),
   new ClearTokenAfterRevoke(),
@@ -227,6 +240,17 @@ const authApiSdkFns = (authApiEndpointInterceptors, ctx) => [
       ],
     }),
   },
+  {
+    path: 'loginAs',
+    fn: createAuthApiSdkFn({
+      ctx,
+      interceptors: [
+        new FormatHttpResponse(),
+        ...loginAsInterceptors,
+        ..._.get(authApiEndpointInterceptors, 'token'),
+      ],
+    }),
+  },
   {
     path: 'logout',
     fn: createAuthApiSdkFn({
@@ -504,6 +528,7 @@ export default class SharetribeSdk {
       clientSecret: sdkConfig.clientSecret,
       typeHandlers: sdkConfig.typeHandlers,
       transitVerbose: sdkConfig.transitVerbose,
+      disableDeprecationWarnings: sdkConfig.disableDeprecationWarnings,
     };
 
     // Assign SDK functions to 'this'

src/sdk.test.js

@@ -34,6 +34,10 @@ const report = responsePromise =>
 const createSdk = (config = {}) => {
   const defaults = {
     clientId: '08ec69f6-d37e-414d-83eb-324e94afddf0',
+
+    // We do want to test that also deprecated function work, so disable
+    // deprecation warnings to keep output clean.
+    disableDeprecationWarnings: true,
   };
 
   // Extract adapter and token store here so that they can be passed to SDK
@@ -418,7 +422,7 @@ describe('new SharetribeSdk', () => {
     );
   });
 
-  it('logs in with an authorization code', () => {
+  it('deprecated: logs in with an authorization code', () => {
     const { sdk, sdkTokenStore } = createSdk();
 
     return sdk.login({ code: 'flex-authorization-code' }).then(() => {
@@ -428,6 +432,16 @@ describe('new SharetribeSdk', () => {
     });
   });
 
+  it('logs in with an authorization code', () => {
+    const { sdk, sdkTokenStore } = createSdk();
+
+    return sdk.loginAs({ code: 'flex-authorization-code' }).then(() => {
+      const { access_token, refresh_token } = sdkTokenStore.getToken();
+      expect(access_token).toEqual('joe.dunphy@example.com-access-1');
+      expect(refresh_token).toEqual('joe.dunphy@example.com-refresh-1');
+    });
+  });
+
   it('logs in with idp token', () => {
     const { sdk, sdkTokenStore } = createSdk({
       clientSecret: '8af2bf99c380b3a303ab90ae4012c8cd8f69d309',
@@ -741,19 +755,26 @@ describe('new SharetribeSdk', () => {
           .authInfo()
           .then(authInfo => {
             // No auth info yet.
+
+            // deprecated: grantType
             expect(authInfo.grantType).toBeUndefined();
+
             expect(authInfo.isAnonymous).toBeUndefined();
             expect(authInfo.scopes).toBeUndefined();
+            expect(authInfo.isLoggedInAs).toBeUndefined();
           })
           .then(() =>
             sdk.marketplace
               .show()
               .then(sdk.authInfo)
               .then(authInfo => {
                 // Anonymous token
+
+                // deprecated: grantType
                 expect(authInfo.grantType).toEqual('client_credentials');
                 expect(authInfo.isAnonymous).toEqual(true);
                 expect(authInfo.scopes).toEqual(['public-read']);
+                expect(authInfo.isLoggedInAs).toEqual(false);
               })
           )
           .then(() =>
@@ -765,9 +786,51 @@ describe('new SharetribeSdk', () => {
               .then(sdk.authInfo)
               .then(authInfo => {
                 // Login token
+
+                // deprecated: grantType
+                // Please note that the value is also off. Token
+                // hasn't been refreshed, thus, grantType should be password
                 expect(authInfo.grantType).toEqual('refresh_token');
+
                 expect(authInfo.isAnonymous).toEqual(false);
                 expect(authInfo.scopes).toEqual(['user']);
+                expect(authInfo.isLoggedInAs).toEqual(false);
+              })
+          )
+          .then(() =>
+            sdk
+              .login({ code: 'flex-authorization-code' })
+              .then(sdk.authInfo)
+              .then(authInfo => {
+                // deprecated: Login as
+
+                // deprecated: grantType
+                // Please note that the value is also off. Token
+                // hasn't been refreshed, thus, grantType should be
+                // authorization_code
+                expect(authInfo.grantType).toEqual('refresh_token');
+
+                expect(authInfo.isAnonymous).toEqual(false);
+                expect(authInfo.scopes).toEqual(['user:limited']);
+                expect(authInfo.isLoggedInAs).toEqual(true);
+              })
+          )
+          .then(() =>
+            sdk
+              .loginAs({ code: 'flex-authorization-code' })
+              .then(sdk.authInfo)
+              .then(authInfo => {
+                // Login as
+
+                // deprecated: grantType
+                // Please note that the value is also off. Token
+                // hasn't been refreshed, thus, grantType should be
+                // authorization_code
+                expect(authInfo.grantType).toEqual('refresh_token');
+
+                expect(authInfo.isAnonymous).toEqual(false);
+                expect(authInfo.scopes).toEqual(['user:limited']);
+                expect(authInfo.isLoggedInAs).toEqual(true);
               })
           )
           .then(() =>
@@ -776,9 +839,13 @@ describe('new SharetribeSdk', () => {
               .then(sdk.authInfo)
               .then(authInfo => {
                 // Logout
+
+                // deprecated: grantType
                 expect(authInfo.grantType).toBeUndefined();
+
                 expect(authInfo.isAnonymous).toBeUndefined();
                 expect(authInfo.scopes).toBeUndefined();
+                expect(authInfo.isLoggedInAs).toBeUndefined();
               })
           )
           .then(() =>
@@ -787,9 +854,13 @@ describe('new SharetribeSdk', () => {
               .then(sdk.authInfo)
               .then(authInfo => {
                 // Logging out already logged out user does nothing
+
+                // deprecated: grantType
                 expect(authInfo.grantType).toBeUndefined();
+
                 expect(authInfo.isAnonymous).toBeUndefined();
                 expect(authInfo.scopes).toBeUndefined();
+                expect(authInfo.isLoggedInAs).toBeUndefined();
               })
           )
       );

src/serializer.js

@@ -3,6 +3,7 @@
 import transit from 'transit-js';
 import _ from 'lodash';
 import { UUID, LatLng, Money, BigDecimal, toType } from './types';
+import { entries } from './utils';
 
 /**
    Composes two readers (sdk type and app type) so that:
@@ -168,14 +169,11 @@ const MapHandler = [
   transit.makeWriteHandler({
     tag: () => 'map',
     rep: v =>
-      _.reduce(
-        v,
-        (map, val, key) => {
-          map.set(transit.keyword(key), val);
-          return map;
-        },
-        transit.map()
-      ),
+      entries(v).reduce((map, entry) => {
+        const [key, val] = entry;
+        map.set(transit.keyword(key), val);
+        return map;
+      }, transit.map()),
   }),
 ];
 

src/serializer.test.js

@@ -19,6 +19,24 @@ describe('serializer', () => {
     expect(r.read(w.write(testData))).toEqual(testData);
   });
 
+  it('reads and writes Object with key length', () => {
+    // See: https://github.com/lodash/lodash/issues/5870
+    const testData = {
+      a: 1,
+      b: 2,
+      c: [3, 4, 5],
+      d: {
+        e: true,
+      },
+      length: 10,
+    };
+
+    const r = reader();
+    const w = writer();
+
+    expect(r.read(w.write(testData))).toEqual(testData);
+  });
+
   it('reads and writes transit JSON verbose', () => {
     const testData = {
       a: 1,

src/utils.js

@@ -1,5 +1,15 @@
 import _ from 'lodash';
 
+/**
+ Null-safe version of Object.entries
+ */
+export const entries = obj => {
+  if (obj == null) {
+    return [];
+  }
+  return Object.entries(obj);
+};
+
 /**
    Take URL and remove the trailing slashes.
 
@@ -17,14 +27,13 @@ export const fnPath = path =>
   _.without(path.split('/'), '').map(part => part.replace(/_\w/g, m => m[1].toUpperCase()));
 
 export const formData = params =>
-  _.reduce(
-    params,
-    (pairs, v, k) => {
+  entries(params)
+    .reduce((pairs, entry) => {
+      const [k, v] = entry;
       pairs.push(`${encodeURIComponent(k)}=${encodeURIComponent(v)}`);
       return pairs;
-    },
-    []
-  ).join('&');
+    }, [])
+    .join('&');
 
 /**
    Serialize a single attribute in an object query parameter.
@@ -112,3 +121,13 @@ export const canonicalAssetPaths = paths => {
 
   return { pathPrefix, relativePaths };
 };
+
+const consoleAvailable = typeof console !== 'undefined';
+
+export const deprecated = (msg, disable) => {
+  /* eslint-disable no-console */
+  /* eslint-disable no-undef */
+  if (consoleAvailable && console.warn && !disable) {
+    console.warn(msg);
+  }
+};

src/utils.test.js

@@ -33,6 +33,11 @@ describe('utils', () => {
         formData({ username: 'joe.dunphy@example.com', password: '}4$3.872487=3&&]/6?.' })
       ).toEqual('username=joe.dunphy%40example.com&password=%7D4%243.872487%3D3%26%26%5D%2F6%3F.');
     });
+
+    it('encodes Object with key length', () => {
+      // See: https://github.com/lodash/lodash/issues/5870
+      expect(formData({ length: 10 })).toEqual('length=10');
+    });
   });
 
   describe('objectQueryString', () => {

src/version.js

@@ -1,3 +1,3 @@
 // Update this when updating package.json
-const sdkVersion = '1.20.1';
+const sdkVersion = '1.21.1';
 export default sdkVersion;