docs: remove dead links

Author: jankapunkt

CONTRIBUTING.md

@@ -10,7 +10,8 @@ First things first:
 This project has strong security implications, and we appreciate every help to
 improve security.
 
-**However, please read our [security policy](./SECURITY.md), before taking actions.**
+**However, please read our [security policy](https://github.com/node-oauth/node-oauth2-server/security/policy),
+before taking actions.**
 
 
 

docs/api/grant-types/abstract-grant-type.md

@@ -79,7 +79,7 @@ Get scope from the request body.
 
 ### abstractGrantType.validateScope(user, client, scope) ⇒ <code>string</code>
 Validate requested scope.
-Delegates validation to [Model#validateScope](Model#validateScope),
+Delegates validation to the Model's `validateScope` method,
 if the model implements this method.
 Otherwise, treats given scope as valid.
 

docs/api/handlers/authenticate-handler.md

@@ -20,7 +20,7 @@
 ### new AuthenticateHandler(options)
 **Throws**:
 
-- <code>InvalidArgumentError</code> if {model} is missing or does not implement [Model#getAccessToken](Model#getAccessToken)
+- <code>InvalidArgumentError</code> if {model} is missing or does not implement `getAccessToken`
 
 
 | Param | Type | Default | Description |

docs/api/server.md

@@ -54,8 +54,8 @@ const OAuth2Server = require('@node-oauth/oauth2-server');
 Authenticates a request.
 
 **Kind**: instance method of [<code>OAuth2Server</code>](#OAuth2Server)  
-**Returns**: <code>Promise.&lt;object&gt;</code> - A `Promise` that resolves to the access token object returned from [Model#getAccessToken](Model#getAccessToken).
-  In case of an error, the promise rejects with one of the error types derived from [OAuthError](OAuthError).  
+**Returns**: <code>Promise.&lt;object&gt;</code> - A `Promise` that resolves to the access token object returned from the model's `getAccessToken`.
+  In case of an error, the promise rejects with one of the error types derived from `OAuthError`.  
 **Throws**:
 
 - <code>UnauthorizedRequestError</code> The protected resource request failed authentication.
@@ -92,7 +92,7 @@ function authenticateHandler(options) {
 Authorizes a token request.
 **Remarks:**
 
-If `request.query.allowed` equals the string `'false'` the access request is denied and the returned promise is rejected with an [AccessDeniedError](AccessDeniedError).
+If `request.query.allowed` equals the string `'false'` the access request is denied and the returned promise is rejected with an `AccessDeniedError`.
 
 In order to retrieve the user associated with the request, `options.authenticateHandler` should be supplied.
 The `authenticateHandler` has to be an object implementing a `handle(request, response)` function that returns a user object.
@@ -115,8 +115,8 @@ let authenticateHandler = {
 ```
 
 **Kind**: instance method of [<code>OAuth2Server</code>](#OAuth2Server)  
-**Returns**: <code>Promise.&lt;object&gt;</code> - A `Promise` that resolves to the authorization code object returned from [Model#saveAuthorizationCode](Model#saveAuthorizationCode)
-  In case of an error, the promise rejects with one of the error types derived from [OAuthError](OAuthError).  
+**Returns**: <code>Promise.&lt;object&gt;</code> - A `Promise` that resolves to the authorization code object returned from model's `saveAuthorizationCode`
+  In case of an error, the promise rejects with one of the error types derived from `OAuthError`.  
 **Throws**:
 
 - <code>AccessDeniedError</code> The resource owner denied the access request (i.e. `request.query.allow` was `'false'`).
@@ -177,8 +177,8 @@ let options = {
 For information on how to implement a handler for a custom grant type see the extension grants.
 
 **Kind**: instance method of [<code>OAuth2Server</code>](#OAuth2Server)  
-**Returns**: <code>Promise.&lt;object&gt;</code> - A `Promise` that resolves to the token object returned from [Model#saveToken](Model#saveToken).
-  In case of an error, the promise rejects with one of the error types derived from [OAuthError](OAuthError).  
+**Returns**: <code>Promise.&lt;object&gt;</code> - A `Promise` that resolves to the token object returned from the model's `saveToken` method.
+  In case of an error, the promise rejects with one of the error types derived from `OAuthError`.  
 **Throws**:
 
 - <code>InvalidGrantError</code> The access token request was invalid or not authorized.

docs/guide/getting-started.md

@@ -90,7 +90,3 @@ DB, Caching) and client management.
 
 Note, that different workflows require different models.
 Read the [model overview](./model.md) of what is required for the model in context of specific grant types.
-
-## Next steps
-
-You should get familiar with grant types and t

lib/grant-types/abstract-grant-type.js

@@ -103,7 +103,7 @@ class AbstractGrantType {
 
   /**
    * Validate requested scope.
-   * Delegates validation to {@link Model#validateScope},
+   * Delegates validation to the Model's `validateScope` method,
    * if the model implements this method.
    * Otherwise, treats given scope as valid.
    * @param user {object}

lib/handlers/authenticate-handler.js

@@ -28,7 +28,7 @@ class AuthenticateHandler {
      * @param [options.addAcceptedScopesHeader=true] {boolean=} Set the `X-Accepted-OAuth-Scopes` HTTP header on response objects.
      * @param [options.addAuthorizedScopesHeader=true] {boolean=} Set the `X-OAuth-Scopes` HTTP header on response objects.
      * @param [options.allowBearerTokensInQueryString=false] {boolean=} Allow clients to pass bearer tokens in the query string of a request.
-     * @throws {InvalidArgumentError} if {model} is missing or does not implement {@link Model#getAccessToken}
+     * @throws {InvalidArgumentError} if {model} is missing or does not implement `getAccessToken`
      */
   constructor (options) {
     options = options || {};

lib/server.js

@@ -78,8 +78,8 @@ class OAuth2Server {
    * @param [options.addAuthorizedScopesHeader=true] {boolean=} Set the `X-OAuth-Scopes` HTTP header on response objects.
    * @param [options.allowBearerTokensInQueryString=false] {boolean=} Allow clients to pass bearer tokens in the query string of a request.
    * @throws {UnauthorizedRequestError} The protected resource request failed authentication.
-   * @return {Promise.<object>} A `Promise` that resolves to the access token object returned from {@link Model#getAccessToken}.
-   *   In case of an error, the promise rejects with one of the error types derived from {@link OAuthError}.
+   * @return {Promise.<object>} A `Promise` that resolves to the access token object returned from the model's `getAccessToken`.
+   *   In case of an error, the promise rejects with one of the error types derived from `OAuthError`.
    * @example
    * const oauth = new OAuth2Server({model: ...});
    * function authenticateHandler(options) {
@@ -111,7 +111,7 @@ class OAuth2Server {
    * Authorizes a token request.
    * **Remarks:**
    *
-   * If `request.query.allowed` equals the string `'false'` the access request is denied and the returned promise is rejected with an {@link AccessDeniedError}.
+   * If `request.query.allowed` equals the string `'false'` the access request is denied and the returned promise is rejected with an `AccessDeniedError`.
    *
    * In order to retrieve the user associated with the request, `options.authenticateHandler` should be supplied.
    * The `authenticateHandler` has to be an object implementing a `handle(request, response)` function that returns a user object.
@@ -143,8 +143,8 @@ class OAuth2Server {
    * @param [options.allowEmptyState=false] {boolean=} Allow clients to specify an empty `state
    * @param [options.authorizationCodeLifetime=300] {number=} Lifetime of generated authorization codes in seconds (default = 300 s = 5 min)
    * @throws {AccessDeniedError} The resource owner denied the access request (i.e. `request.query.allow` was `'false'`).
-   * @return {Promise.<object>} A `Promise` that resolves to the authorization code object returned from {@link Model#saveAuthorizationCode}
-   *   In case of an error, the promise rejects with one of the error types derived from {@link OAuthError}.
+   * @return {Promise.<object>} A `Promise` that resolves to the authorization code object returned from model's `saveAuthorizationCode`
+   *   In case of an error, the promise rejects with one of the error types derived from `OAuthError`.
    * @example
    * const oauth = new OAuth2Server({model: ...});
    * function authorizeHandler(options) {
@@ -203,8 +203,8 @@ class OAuth2Server {
    * @param [options.requireClientAuthentication=object] {object|boolean} Require a client secret for grant types (names as keys). Defaults to `true` for all grant types.
    * @param [options.alwaysIssueNewRefreshToken=true] {boolean=} Always revoke the used refresh token and issue a new one for the `refresh_token` grant.
    * @param [options.extendedGrantTypes=object] {object} Additional supported grant types.
-   * @return {Promise.<object>} A `Promise` that resolves to the token object returned from {@link Model#saveToken}.
-   *   In case of an error, the promise rejects with one of the error types derived from {@link OAuthError}.
+   * @return {Promise.<object>} A `Promise` that resolves to the token object returned from the model's `saveToken` method.
+   *   In case of an error, the promise rejects with one of the error types derived from `OAuthError`.
    * @throws {InvalidGrantError} The access token request was invalid or not authorized.
    * @example
    * const oauth = new OAuth2Server({model: ...});

package.json

@@ -52,7 +52,7 @@
     "lint": "npx eslint .",
     "lint:fix": "npx eslint . --fix",
     "docs:dev": "vitepress dev docs",
-    "docs:build": "npm run docs:api && vitepress build docs",
+    "docs:build": "npm run docs:setup && npm run docs:api && vitepress build docs",
     "docs:preview": "vitepress preview docs",
     "docs:api": "node docs/build-api.js lib docs/api",
     "docs:setup": "cd docs/guide && ln -sf ../../CONTRIBUTING.md contributing.md"