Merge pull request #617 from mozilla/hapi-latest

feat(server): update to Hapi 17
2018-10-18 11:40:07 -04:00 · 2018-10-18 11:40:07 -04:00 · 786e3c5bb6
--- a/.eslintrc
+++ b/.eslintrc
@ -5,3 +5,6 @@ extends: plugin:fxa/server
 rules:
  handle-callback-err: 0
  semi: [2, "always"]
+
+parserOptions:
+  ecmaVersion: 2017
--- a/bin/internal.js
+++ b/bin/internal.js
@ -5,11 +5,16 @@
 const config = require('../lib/config').getProperties();
 const db = require('../lib/db');
 const logger = require('../lib/logging')('bin.internal');
-const server = require('../lib/server/internal').create();
+const serverPromise = require('../lib/server/internal').create();

 logger.debug('config', config);
 db.ping().done(function() {
-  server.start(function() {
+  let server;
+
+  serverPromise.then((s) => {
+    server = s;
+    return server.start();
+  }).then(() => {
    logger.info('listening', server.info.uri);
  });
 }, function(err) {
--- a/bin/server.js
+++ b/bin/server.js
@ -5,15 +5,21 @@
 const config = require('../lib/config').getProperties();
 const db = require('../lib/db');
 const logger = require('../lib/logging')('bin.server');
-const server = require('../lib/server').create();
+const serverPromise = require('../lib/server').create();
 const events = require('../lib/events');

 logger.debug('config', config);
 db.ping().done(function() {
-  server.start(function() {
+  let server;
+
+  serverPromise.then((s) => {
+    server = s;
+    return server.start();
+  }).then(() => {
    logger.info('listening', server.info.uri);
+    events.start();
  });
-  events.start();
+
 }, function(err) {
  logger.critical('db.ping', err);
  process.exit(1);
--- a/lib/auth.js
+++ b/lib/auth.js
@ -21,19 +21,19 @@ exports.SCOPE_CLIENT_MANAGEMENT = ScopeSet.fromArray(['oauth']);

 exports.strategy = function() {
  return {
-    authenticate: function dogfoodStrategy(req, reply) {
+    authenticate: async function dogfoodStrategy(req, h) {
      var auth = req.headers.authorization;
      logger.debug('check.auth', { header: auth });
      if (! auth || auth.indexOf('Bearer ') !== 0) {
-        return reply(AppError.unauthorized('Bearer token not provided'));
+        throw AppError.unauthorized('Bearer token not provided');
      }
      var tok = auth.split(' ')[1];

      if (! validators.HEX_STRING.test(tok)) {
-        return reply(AppError.unauthorized('Illegal Bearer token'));
+        throw AppError.unauthorized('Illegal Bearer token');
      }

-      token.verify(tok).done(function tokenFound(details) {
+      return token.verify(tok).then(function tokenFound(details) {
        if (details.scope.contains(exports.SCOPE_CLIENT_MANAGEMENT)) {
          logger.debug('check.whitelist');
          var blocked = ! WHITELIST.some(function(re) {
@ -44,18 +44,16 @@ exports.strategy = function() {
              email: details.email,
              token: tok
            });
-            return reply(AppError.forbidden());
+            throw AppError.forbidden();
          }
        }

        logger.info('success', details);
        details.scope = details.scope.getScopeValues();
-        reply.continue({
-          credentials: details
-        });
+        return h.authenticated({credentials: details});
      }, function noToken(err) {
        logger.debug('error', err);
-        reply(AppError.unauthorized('Bearer token invalid'));
+        throw AppError.unauthorized('Bearer token invalid');
      });
    }
  };
--- a/lib/auth_bearer.js
+++ b/lib/auth_bearer.js
@ -19,28 +19,28 @@ exports.SCOPE_CLIENT_WRITE = authOAuthScope;

 exports.strategy = function() {
  return {
-    authenticate: function authBearerStrategy(req, reply) {
+    authenticate: async function authBearerStrategy(req, h) {
      var auth = req.headers.authorization;

      logger.debug(authName + '.check', { header: auth });
      if (! auth || auth.indexOf('Bearer ') !== 0) {
-        return reply(AppError.unauthorized('Bearer token not provided'));
+        throw AppError.unauthorized('Bearer token not provided');
      }
      var tok = auth.split(' ')[1];

      if (! validators.HEX_STRING.test(tok)) {
-        return reply(AppError.unauthorized('Illegal Bearer token'));
+        throw AppError.unauthorized('Illegal Bearer token');
      }

-      token.verify(tok).done(function tokenFound(details) {
+      return token.verify(tok).then(function tokenFound(details) {
        logger.info(authName + '.success', details);
        details.scope = details.scope.getScopeValues();
-        reply.continue({
+        return h.authenticated({
          credentials: details
        });
      }, function noToken(err) {
        logger.debug(authName + '.error', err);
-        reply(AppError.unauthorized('Bearer token invalid'));
+        throw AppError.unauthorized('Bearer token invalid');
      });
    }
  };
--- a/lib/db/memory.js
+++ b/lib/db/memory.js
@ -136,7 +136,7 @@ function deleteByClientId(object, clientId) {

 MemoryStore.prototype = {
  ping: function ping() {
-    return P.resolve();
+    return P.resolve({});
  },
  registerClient: function registerClient(client) {
    if (client.id) {
--- a/lib/db/mysql/index.js
+++ b/lib/db/mysql/index.js
@ -249,7 +249,7 @@ MysqlStore.prototype = {
            logger.error('ping:', err);
            reject(err);
          } else {
-            resolve();
+            resolve({});
          }
        });
      });
--- a/lib/routes/authorization.js
+++ b/lib/routes/authorization.js
@ -217,14 +217,14 @@ module.exports = {
      'access_token'
    ])
  },
-  handler: function authorizationEndpoint(req, reply) {
+  handler: async function authorizationEndpoint(req) {
    /*eslint complexity: [2, 13] */
    logger.debug('response_type', req.payload.response_type);
    var start = Date.now();
    var wantsGrant = req.payload.response_type === TOKEN;
    var exitEarly = false;
    var scope = ScopeSet.fromString(req.payload.scope || '');
-    P.all([
+    return P.all([
      verify(req.payload.assertion).then(function(claims) {
        logger.info('time.browserid_verify', { ms: Date.now() - start });
        if (! claims) {
@ -316,7 +316,6 @@ module.exports = {
      scope,
      req
    ])
-    .spread(wantsGrant ? generateGrant : generateCode)
-    .done(reply, reply);
+    .spread(wantsGrant ? generateGrant : generateCode);
  }
 };
--- a/lib/routes/client-tokens/delete.js
+++ b/lib/routes/client-tokens/delete.js
@ -10,11 +10,11 @@ module.exports = {
    strategy: 'authBearer',
    scope: SCOPE_CLIENT_WRITE.getImplicantValues()
  },
-  handler: function activeServices(req, reply) {
+  handler: async function activeServices(req) {
    var clientId = req.params.client_id;
    return db.deleteClientAuthorization(clientId, req.auth.credentials.user)
-      .done(function() {
-        reply({});
-      }, reply);
+      .then(function() {
+        return {};
+      });
  }
 };
--- a/lib/routes/client-tokens/list.js
+++ b/lib/routes/client-tokens/list.js
@ -29,12 +29,12 @@ module.exports = {
    strategy: 'authBearer',
    scope: SCOPE_CLIENT_WRITE.getImplicantValues()
  },
-  handler: function activeServices(req, reply) {
+  handler: async function activeServices(req) {
    return db.getActiveClientsByUid(req.auth.credentials.user)
-      .done(function(clients) {
-        reply(clients.map(function(client) {
+      .then(function(clients) {
+        return clients.map(function(client) {
          return serialize(client, req.headers['accept-language']);
-        }));
-      }, reply);
+        });
+      });
  }
 };
--- a/lib/routes/client/delete.js
+++ b/lib/routes/client/delete.js
@ -17,19 +17,19 @@ module.exports = {
      client_id: validators.clientId
    }
  },
-  handler: function clientDeleteEndpoint(req, reply) {
+  handler: async function clientDeleteEndpoint(req, h) {
    var email = req.auth.credentials.email;
    var clientId = req.params.client_id;

    return db.developerOwnsClient(email, clientId)
      .then(
        function () {
-          return db.removeClient(clientId).done(function() {
-            reply().code(204);
-          }, reply);
+          return db.removeClient(clientId).then(function() {
+            return h.response({}).code(204);
+          });
        },
        function () {
-          return reply(AppError.unauthorized('Illegal Developer'));
+          throw new AppError.unauthorized('Illegal Developer');
        }
      );
  }
--- a/lib/routes/client/get.js
+++ b/lib/routes/client/get.js
@ -25,22 +25,34 @@ module.exports = {
      redirect_uri: Joi.string().required().allow('')
    }
  },
-  handler: function requestInfoEndpoint(req, reply) {
+  handler: async function requestInfoEndpoint(req) {
    var params = req.params;
-    db.getClient(Buffer.from(params.client_id, 'hex')).then(function(client) {
-      if (! client) {
-        logger.debug('notFound', { id: params.client_id });
-        throw AppError.unknownClient(params.client_id);
-      }
-      return client;
-    }).done(function(client) {
-      reply({
-        id: hex(client.id),
-        name: client.name,
-        trusted: client.trusted,
-        image_uri: client.imageUri,
-        redirect_uri: client.redirectUri
+
+    function makeReq() {
+      return new Promise((resolve) => {
+        return db.getClient(Buffer.from(params.client_id, 'hex')).then(function (client) {
+          if (! client) {
+            logger.debug('notFound', {id: params.client_id});
+            throw AppError.unknownClient(params.client_id);
+          }
+          return client;
+        }).done(function (client) {
+          resolve({
+            id: hex(client.id),
+            name: client.name,
+            trusted: client.trusted,
+            image_uri: client.imageUri,
+            redirect_uri: client.redirectUri
+          });
+        });
+      });
+    }
+
+    return makeReq().then((resp) => {
+      return resp;
+    })
+      .catch((err) => {
+        throw err;
      });
-    }, reply);
  }
 };
--- a/lib/routes/client/list.js
+++ b/lib/routes/client/list.js
@ -39,13 +39,13 @@ module.exports = {
      )
    }
  },
-  handler: function listEndpoint(req, reply) {
-    var developerEmail = req.auth.credentials.email;
+  handler: async function listEndpoint(req) {
+    const developerEmail = req.auth.credentials.email;

-    db.getClients(developerEmail).done(function(clients) {
-      reply({
+    return db.getClients(developerEmail).then(function(clients) {
+      return {
        clients: clients.map(serialize)
-      });
-    }, reply);
+      };
+    });
  }
 };
--- a/lib/routes/client/register.js
+++ b/lib/routes/client/register.js
@ -37,7 +37,7 @@ module.exports = {
      trusted: Joi.boolean().required()
    }
  },
-  handler: function registerEndpoint(req, reply) {
+  handler: async function registerEndpoint(req, h) {
    var payload = req.payload;
    var secret = unique.secret();
    var client = {
@ -68,7 +68,7 @@ module.exports = {
        return db.registerClientDeveloper(developerId, hex(client.id));
      })
      .then(function() {
-        reply({
+        return h.response({
          id: hex(client.id),
          secret: hex(secret),
          name: client.name,
@ -77,6 +77,6 @@ module.exports = {
          can_grant: client.canGrant,
          trusted: client.trusted
        }).code(201);
-      }, reply);
+      });
  }
 };
--- a/lib/routes/client/update.js
+++ b/lib/routes/client/update.js
@ -26,10 +26,10 @@ module.exports = {
      can_grant: Joi.boolean()
    }
  },
-  handler: function updateClientEndpoint(req, reply) {
-    var clientId = req.params.client_id;
-    var payload = req.payload;
-    var email = req.auth.credentials.email;
+  handler: async function updateClientEndpoint(req, reply) {
+    const clientId = req.params.client_id;
+    const payload = req.payload;
+    const email = req.auth.credentials.email;

    return db.developerOwnsClient(email, clientId)
      .then(
@ -40,12 +40,12 @@ module.exports = {
            redirectUri: payload.redirect_uri,
            imageUri: payload.image_uri,
            canGrant: payload.can_grant
-          }).done(function() {
-            reply({});
-          }, reply);
+          }).then(function() {
+            return {};
+          });
        },
        function () {
-          return reply(AppError.unauthorized('Illegal Developer'));
+          throw AppError.unauthorized('Illegal Developer');
        }
      );
  }
--- a/lib/routes/config.js
+++ b/lib/routes/config.js
@ -13,7 +13,7 @@ const CONFIG = {
 };

 module.exports = {
-  handler: function configRoute(req, reply) {
-    reply(CONFIG);
+  handler: async function configRoute() {
+    return CONFIG;
  }
 };
--- a/lib/routes/destroy.js
+++ b/lib/routes/destroy.js
@ -19,7 +19,7 @@ module.exports = {
      refresh_token: validators.token
    }).rename('token', 'access_token').xor('access_token', 'refresh_token')
  },
-  handler: function destroyToken(req, reply) {
+  handler: async function destroyToken(req) {
    var token;
    var getToken;
    var removeToken;
@ -33,13 +33,13 @@ module.exports = {
      token = encrypt.hash(req.payload.refresh_token);
    }

-    db[getToken](token).then(function(tok) {
+    return db[getToken](token).then(function(tok) {
      if (! tok) {
        throw AppError.invalidToken();
      }
      return db[removeToken](token);
-    }).done(function() {
-      reply({});
-    }, reply);
+    }).then(function() {
+      return {};
+    });
  }
 };
--- a/lib/routes/developer/activate.js
+++ b/lib/routes/developer/activate.js
@ -19,8 +19,8 @@ module.exports = {
    strategy: auth.AUTH_STRATEGY,
    scope: auth.SCOPE_CLIENT_MANAGEMENT.getImplicantValues()
  },
-  handler: function activateRegistration(req, reply) {
-    var email = req.auth.credentials.email;
+  handler: async function activateRegistration(req) {
+    const email = req.auth.credentials.email;

    return db.getDeveloper(email)
        .then(function(developer) {
@ -30,7 +30,6 @@ module.exports = {
            return db.activateDeveloper(email);
          }
        })
-        .then(developerResponse)
-        .done(reply, reply);
+      .then(developerResponse);
  }
 };
--- a/lib/routes/heartbeat.js
+++ b/lib/routes/heartbeat.js
@ -5,7 +5,7 @@
 const db = require('../db');

 module.exports = {
-  handler: function heartbeat(req, reply) {
-    db.ping().done(reply, reply);
+  handler: async function heartbeat() {
+    return db.ping();
  }
 };
--- a/lib/routes/jwks.js
+++ b/lib/routes/jwks.js
@ -34,7 +34,7 @@ const KEYS = (function() {
 })();

 module.exports = {
-  handler: function jwks(req, reply) {
-    reply(KEYS);
+  handler: async function jwks() {
+    return KEYS;
  }
 };
--- a/lib/routes/key_data.js
+++ b/lib/routes/key_data.js
@ -38,7 +38,7 @@ module.exports = {
      })
    ])
  },
-  handler: function keyDataRoute(req, reply) {
+  handler: async function keyDataRoute(req) {
    logger.debug('keyDataRoute.start', {
      params: req.params,
      payload: req.payload
@ -47,7 +47,7 @@ module.exports = {
    const requestedScopes = ScopeSet.fromString(req.payload.scope);
    const requestedClientId = req.payload.client_id;

-    P.all([
+    return P.all([
      verify(req.payload.assertion),
      db.getClient(Buffer.from(requestedClientId, 'hex')).then((client) => {
        if (client) {
@ -81,7 +81,7 @@ module.exports = {
      });

      return response;
-    })).done(reply, reply);
+    }));

  }
 };
--- a/lib/routes/redirect.js
+++ b/lib/routes/redirect.js
@ -27,15 +27,15 @@ function actionToPathname(action) {
 }

 module.exports = {
-  handler: function redirectAuthorization(req, reply) {
+  handler: async function redirectAuthorization(req, h) {
    var redirect = url.parse(config.get('contentUrl'), true);
    var err = false;

    try {
-      redirect.pathname += actionToPathname(req.query.action, reply);
+      redirect.pathname += actionToPathname(req.query.action);
    } catch (e) {
      err = true;
-      reply(AppError.invalidRequestParameter('action'));
+      throw AppError.invalidRequestParameter('action');
    }

    if (! err) {
@ -56,7 +56,7 @@ module.exports = {

      delete redirect.search;
      delete redirect.path;
-      reply().redirect(url.format(redirect));
+      return h.redirect(url.format(redirect));
    }
  }
 };
--- a/lib/routes/root.js
+++ b/lib/routes/root.js
@ -18,9 +18,9 @@ try {
 }

 module.exports = {
-  handler: function index(req, reply) {
+  handler: async function index(req, h) {
    function sendReply() {
-      reply({
+      return h.response({
        version: version,
        commit: commitHash,
        source: source
@ -31,16 +31,24 @@ module.exports = {
      return sendReply();
    }

-    // figure it out from .git
-    var gitDir = path.resolve(__dirname, '..', '..', '.git');
-    exec('git rev-parse HEAD', { cwd: gitDir }, function(err, stdout) {
-      commitHash = stdout.replace(/\s+/, '');
-      var configPath = path.join(gitDir, 'config');
-      var cmd = 'git config --get remote.origin.url';
-      exec(cmd, { env: { GIT_CONFIG: configPath, PATH: process.env.PATH }}, function(err, stdout) {
-        source = stdout.replace(/\s+/, '');
-        return sendReply();
+    function runGitCmd() {
+      return new Promise((resolve) => {
+        // figure it out from .git
+        var gitDir = path.resolve(__dirname, '..', '..', '.git');
+        exec('git rev-parse HEAD', { cwd: gitDir }, function(err, stdout) {
+          commitHash = stdout.replace(/\s+/, '');
+          var configPath = path.join(gitDir, 'config');
+          var cmd = 'git config --get remote.origin.url';
+          exec(cmd, { env: { GIT_CONFIG: configPath, PATH: process.env.PATH }}, function(err, stdout) {
+            source = stdout.replace(/\s+/, '');
+            return resolve();
+          });
+        });
      });
+    }
+
+    return runGitCmd().then((resp) => {
+      return sendReply();
    });
  }
 };
--- a/lib/routes/token.js
+++ b/lib/routes/token.js
@ -171,10 +171,10 @@ module.exports = {
      keys_jwe: validators.jwe.optional()
    })
  },
-  handler: function tokenEndpoint(req, reply) {
+  handler: async function tokenEndpoint(req) {
    var params = req.payload;
    params.scope = ScopeSet.fromString(params.scope || '');
-    P.try(function() {
+    return P.try(function() {

      // Clients are allowed to provide credentials in either
      // the Authorization header or request body.  Normalize.
@ -237,8 +237,7 @@ module.exports = {
      }
      return vals;
    })
-    .then(generateTokens)
-    .done(reply, reply);
+    .then(generateTokens);
  }
 };

--- a/lib/routes/verify.js
+++ b/lib/routes/verify.js
@ -24,8 +24,8 @@ module.exports = {
      profile_changed_at: Joi.number().min(0)
    }
  },
-  handler: function verify(req, reply) {
-    token.verify(req.payload.token).then(function(info) {
+  handler: async function verify(req) {
+    return token.verify(req.payload.token).then(function(info) {
      info.scope = info.scope.getScopeValues();
      if (req.payload.email !== undefined) {
        logger.warn('email.requested', {
@ -40,6 +40,6 @@ module.exports = {
        scope: info.scope
      });
      return info;
-    }).done(reply, reply);
+    });
  }
 };
--- a/lib/server/config.js
+++ b/lib/server/config.js
@ -5,25 +5,33 @@
 const config = require('../config').getProperties();

 module.exports = {
-  connections: {
-    routes: {
-      cache: {
-        otherwise: config.cacheControl
+  host: config.server.host,
+  port: config.server.port,
+  routes: {
+    cache: {
+      otherwise: config.cacheControl
+    },
+    cors: true,
+    payload: {
+      maxBytes: 16384
+    },
+    security: {
+      hsts: {
+        maxAge: 15552000,
+        includeSubdomains: true
      },
-      cors: true,
-      payload: {
-        maxBytes: 16384
-      },
-      security: {
-        hsts: {
-          maxAge: 15552000,
-          includeSubdomains: true
-        },
-        xframe: true,
-        xss: true,
-        noOpen: false,
-        noSniff: true
+      xframe: true,
+      xss: true,
+      noOpen: false,
+      noSniff: true
+    },
+    validate: {
+      failAction: async (request, h, err) => {
+        // Starting with Hapi 17, the framework hides the validation info
+        // We want the full validation information and use it in server `onPreResponse`
+        // See: https://github.com/hapijs/hapi/issues/3706#issuecomment-349765943
+        throw err;
      }
-    }
+    },
  }
 };
--- a/lib/server/index.js
+++ b/lib/server/index.js
@ -13,7 +13,7 @@ const logger = require('../logging')('server');
 const hapiLogger = require('../logging')('server.hapi');
 const summary = require('../logging/summary');

-exports.create = function createServer() {
+exports.create = async function createServer() {

  if (config.localRedirects && config.env !== 'dev') {
    // nightly, latest, etc will probably set this to true, but it's
@ -26,11 +26,6 @@ exports.create = function createServer() {
    require('./config')
  );

-  server.connection({
-    host: config.server.host,
-    port: config.server.port
-  });
-
  server.auth.scheme(authBearer.AUTH_SCHEME, authBearer.strategy);
  server.auth.strategy(authBearer.AUTH_STRATEGY, authBearer.AUTH_SCHEME);

@ -49,13 +44,9 @@ exports.create = function createServer() {
      hpkpOptions.reportOnly = config.hpkpConfig.reportOnly;
    }

-    server.register({
-      register: require('hapi-hpkp'),
+    await server.register({
+      plugin: require('hapi-hpkp'),
      options: hpkpOptions
-    }, function (err) {
-      if (err) {
-        throw err;
-      }
    });
  }

@ -87,13 +78,13 @@ exports.create = function createServer() {
  server.route(routes);

  // hapi internal logging: server and request
-  server.on('log', function onServerLog(ev, tags) {
+  server.events.on('log', function onServerLog(ev, tags) {
    if (tags.error && tags.implementation) {
      hapiLogger.critical('error.uncaught.server', ev.data);
    }
  });

-  server.on('request', function onRequestLog(req, ev, tags) {
+  server.events.on('request', function onRequestLog(req, ev, tags) {
    if (tags.error && tags.implementation) {
      if (ev.data.stack.indexOf('hapi/lib/validation.js') !== -1) {
        hapiLogger.error('error.payload.validation', ev.data);
@ -107,7 +98,8 @@ exports.create = function createServer() {
  const sentryDsn = config.sentryDsn;
  if (sentryDsn) {
    Raven.config(sentryDsn, {});
-    server.on('request-error', function (request, err) {
+    server.events.on({ name: 'request', channel: 'error' }, function (req, ev) {
+      const err = ev && ev.error || null;
      let exception = '';
      if (err && err.stack) {
        try {
@ -125,17 +117,17 @@ exports.create = function createServer() {
    });
  }

-  server.ext('onPreResponse', function onPreResponse(request, next) {
+  server.ext('onPreResponse', function onPreResponse(request, h) {
    var response = request.response;
    if (response.isBoom) {
      response = AppError.translate(response);
    }
    summary(request, response);

-    next(response);
+    return response;
  });

-  server.ext('onPreAuth', function (request, reply) {
+  server.ext('onPreAuth', function (request, h) {
    // Construct source-ip-address chain for logging.
    var xff = (request.headers['x-forwarded-for'] || '').split(/\s*,\s*/);
    xff.push(request.info.remoteAddress);
@ -151,7 +143,7 @@ exports.create = function createServer() {

    request.app.remoteAddressChain = xff;
    request.app.clientAddress = xff[clientAddressIndex];
-    reply.continue();
+    return h.continue;
  });

  return server;
--- a/lib/server/internal.js
+++ b/lib/server/internal.js
@ -12,17 +12,14 @@ const logger = require('../logging')('server.clients');
 const hapiLogger = require('../logging')('server.hapi');
 const summary = require('../logging/summary');

-exports.create = function createServer() {
+exports.create = async function createServer() {
  var isProd = env.isProdLike();

-  var server = new Hapi.Server(
-    require('./config')
-  );
+  const serverConfig = require('./config');
+  serverConfig.host = config.serverInternal.host;
+  serverConfig.port = config.serverInternal.port;

-  server.connection({
-    host: config.serverInternal.host,
-    port: config.serverInternal.port
-  });
+  var server = new Hapi.Server(serverConfig);

  server.auth.scheme(auth.AUTH_SCHEME, auth.strategy);
  server.auth.strategy(auth.AUTH_STRATEGY, auth.AUTH_SCHEME);
@ -42,13 +39,9 @@ exports.create = function createServer() {
      hpkpOptions.reportOnly = config.hpkpConfig.reportOnly;
    }

-    server.register({
-      register: require('hapi-hpkp'),
+    await server.register({
+      plugin: require('hapi-hpkp'),
      options: hpkpOptions
-    }, function (err) {
-      if (err) {
-        throw err;
-      }
    });
  }

@ -80,25 +73,25 @@ exports.create = function createServer() {
  server.route(routes);

  // hapi internal logging: server and request
-  server.on('log', function onServerLog(ev, tags) {
+  server.events.on('log', function onServerLog(ev, tags) {
    if (tags.error && tags.implementation) {
      hapiLogger.critical('error.uncaught', { tags: ev.tags, error: ev.data });
    }
  });

-  server.on('request', function onRequestLog(req, ev, tags) {
+  server.events.on('request', function onRequestLog(req, ev, tags) {
    if (tags.error && tags.implementation) {
      hapiLogger.critical('error.uncaught', { tags: ev.tags, error: ev.data });
    }
  });

-  server.ext('onPreResponse', function onPreResponse(request, next) {
+  server.ext('onPreResponse', function onPreResponse(request, h) {
    var response = request.response;
    if (response.isBoom) {
      response = AppError.translate(response);
    }
    summary(request, response);
-    next(response);
+    return response;
  });

  return server;
--- a/npm-shrinkwrap.json
+++ b/npm-shrinkwrap.json
@ -242,12 +242,27 @@
      "dev": true
    },
    "accept": {
-      "version": "2.1.4",
-      "resolved": "https://registry.npmjs.org/accept/-/accept-2.1.4.tgz",
-      "integrity": "sha1-iHr1TO7lx/RDBGGXHsQAxh0JrLs=",
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/accept/-/accept-3.0.2.tgz",
+      "integrity": "sha512-bghLXFkCOsC1Y2TZ51etWfKDs6q249SAoHTZVfzWWdlZxoij+mgkj9AmUJWQpDY48TfnrTDIe43Xem4zdMe7mQ==",
      "requires": {
-        "boom": "5.x.x",
-        "hoek": "4.x.x"
+        "boom": "7.x.x",
+        "hoek": "5.x.x"
+      },
+      "dependencies": {
+        "boom": {
+          "version": "7.2.0",
+          "resolved": "https://registry.npmjs.org/boom/-/boom-7.2.0.tgz",
+          "integrity": "sha1-K/8kpVVldn/ehp7ICDF+sQxI6WY=",
+          "requires": {
+            "hoek": "5.x.x"
+          }
+        },
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        }
      }
    },
    "accept-language": {
@ -321,12 +336,18 @@
      "dev": true
    },
    "ammo": {
-      "version": "2.0.4",
-      "resolved": "https://registry.npmjs.org/ammo/-/ammo-2.0.4.tgz",
-      "integrity": "sha1-v4CqshFpjqePY+9efxE91dnokX8=",
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/ammo/-/ammo-3.0.1.tgz",
+      "integrity": "sha512-4UqoM8xQjwkQ78oiU4NbBK0UgYqeKMAKmwE4ec7Rz3rGU8ZEBFxzgF2sUYKOAlqIXExBDYLN6y1ShF5yQ4hwLQ==",
      "requires": {
-        "boom": "5.x.x",
-        "hoek": "4.x.x"
+        "hoek": "5.x.x"
+      },
+      "dependencies": {
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        }
      }
    },
    "ansi-align": {
@ -549,9 +570,9 @@
      "integrity": "sha512-32NDda82rhwD9/JBCCkB+MRYDp0oSvlo2IL6rQWA10PQi7tDUM3eqMSltXmY+Oyl/7N3P3qNtAlv7X0d9bI28w=="
    },
    "b64": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/b64/-/b64-3.0.3.tgz",
-      "integrity": "sha512-Pbeh0i6OLubPJdIdCepn8ZQHwN2MWznZHbHABSTEfQ706ie+yuxNSaPdqX1xRatT6WanaS1EazMiSg0NUW2XxQ=="
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/b64/-/b64-4.0.0.tgz",
+      "integrity": "sha512-EhmUQodKB0sdzPPrbIWbGqA5cQeTWxYrAgNeeT1rLZWtD3tbNTnphz8J4vkXI3cPgBNlXBjzEbzDzq0Nwi4f9A=="
    },
    "balanced-match": {
      "version": "1.0.0",
@ -633,6 +654,11 @@
        "tweetnacl": "^0.14.3"
      }
    },
+    "big-time": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/big-time/-/big-time-2.0.1.tgz",
+      "integrity": "sha1-aMffjcMPl+lT8lpnp2rJcTwWyd4="
+    },
    "bignumber.js": {
      "version": "4.0.4",
      "resolved": "https://registry.npmjs.org/bignumber.js/-/bignumber.js-4.0.4.tgz",
@ -663,6 +689,30 @@
        "hoek": "4.x.x"
      }
    },
+    "bounce": {
+      "version": "1.2.0",
+      "resolved": "https://registry.npmjs.org/bounce/-/bounce-1.2.0.tgz",
+      "integrity": "sha512-8syCGe8B2/WC53118/F/tFy5aW00j+eaGPXmAUP7iBhxc+EBZZxS1vKelWyBCH6IqojgS2t1gF0glH30qAJKEw==",
+      "requires": {
+        "boom": "7.x.x",
+        "hoek": "5.x.x"
+      },
+      "dependencies": {
+        "boom": {
+          "version": "7.2.0",
+          "resolved": "https://registry.npmjs.org/boom/-/boom-7.2.0.tgz",
+          "integrity": "sha1-K/8kpVVldn/ehp7ICDF+sQxI6WY=",
+          "requires": {
+            "hoek": "5.x.x"
+          }
+        },
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        }
+      }
+    },
    "boxen": {
      "version": "1.3.0",
      "resolved": "https://registry.npmjs.org/boxen/-/boxen-1.3.0.tgz",
@ -818,12 +868,27 @@
      }
    },
    "call": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/call/-/call-4.0.2.tgz",
-      "integrity": "sha1-33b19R7o3Ui4VqyEAPfmnm1zmcQ=",
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/call/-/call-5.0.1.tgz",
+      "integrity": "sha512-ollfFPSshiuYLp7AsrmpkQJ/PxCi6AzV81rCjBwWhyF2QGyUY/vPDMzoh4aUcWyucheRglG2LaS5qkIEfLRh6A==",
      "requires": {
-        "boom": "5.x.x",
-        "hoek": "4.x.x"
+        "boom": "7.x.x",
+        "hoek": "5.x.x"
+      },
+      "dependencies": {
+        "boom": {
+          "version": "7.2.0",
+          "resolved": "https://registry.npmjs.org/boom/-/boom-7.2.0.tgz",
+          "integrity": "sha1-K/8kpVVldn/ehp7ICDF+sQxI6WY=",
+          "requires": {
+            "hoek": "5.x.x"
+          }
+        },
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        }
      }
    },
    "caller-path": {
@ -876,21 +941,63 @@
      "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw="
    },
    "catbox": {
-      "version": "7.1.5",
-      "resolved": "https://registry.npmjs.org/catbox/-/catbox-7.1.5.tgz",
-      "integrity": "sha512-4fui5lELzqZ+9cnaAP/BcqXTH6LvWLBRtFhJ0I4FfgfXiSaZcf6k9m9dqOyChiTxNYtvLk7ZMYSf7ahMq3bf5A==",
+      "version": "10.0.3",
+      "resolved": "https://registry.npmjs.org/catbox/-/catbox-10.0.3.tgz",
+      "integrity": "sha512-qwus6RnVctHXYwfxvvDwvlMWHwCjQdIpQQbtyHnRF0JpwmxbQJ/UIZi9y8O6DpphKCdfO9gpxgb2ne9ZDx39BQ==",
      "requires": {
-        "boom": "5.x.x",
-        "hoek": "4.x.x",
-        "joi": "10.x.x"
+        "boom": "7.x.x",
+        "hoek": "5.x.x",
+        "joi": "13.x.x"
+      },
+      "dependencies": {
+        "boom": {
+          "version": "7.2.0",
+          "resolved": "https://registry.npmjs.org/boom/-/boom-7.2.0.tgz",
+          "integrity": "sha1-K/8kpVVldn/ehp7ICDF+sQxI6WY=",
+          "requires": {
+            "hoek": "5.x.x"
+          }
+        },
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        },
+        "joi": {
+          "version": "13.7.0",
+          "resolved": "https://registry.npmjs.org/joi/-/joi-13.7.0.tgz",
+          "integrity": "sha512-xuY5VkHfeOYK3Hdi91ulocfuFopwgbSORmIwzcwHKESQhC7w1kD5jaVSPnqDxS2I8t3RZ9omCKAxNwXN5zG1/Q==",
+          "requires": {
+            "hoek": "5.x.x",
+            "isemail": "3.x.x",
+            "topo": "3.x.x"
+          }
+        }
      }
    },
    "catbox-memory": {
-      "version": "2.0.4",
-      "resolved": "https://registry.npmjs.org/catbox-memory/-/catbox-memory-2.0.4.tgz",
-      "integrity": "sha1-Qz4lWQLK9UIz0ShkKcj03xToItU=",
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/catbox-memory/-/catbox-memory-3.1.2.tgz",
+      "integrity": "sha512-lhWtutLVhsq3Mucxk2McxBPPibJ34WcHuWFz3xqub9u9Ve/IQYpZv3ijLhQXfQped9DXozURiaq9O3aZpP91eg==",
      "requires": {
-        "hoek": "4.x.x"
+        "big-time": "2.x.x",
+        "boom": "7.x.x",
+        "hoek": "5.x.x"
+      },
+      "dependencies": {
+        "boom": {
+          "version": "7.2.0",
+          "resolved": "https://registry.npmjs.org/boom/-/boom-7.2.0.tgz",
+          "integrity": "sha1-K/8kpVVldn/ehp7ICDF+sQxI6WY=",
+          "requires": {
+            "hoek": "5.x.x"
+          }
+        },
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        }
      }
    },
    "center-align": {
@ -1149,11 +1256,26 @@
      }
    },
    "content": {
-      "version": "3.0.7",
-      "resolved": "https://registry.npmjs.org/content/-/content-3.0.7.tgz",
-      "integrity": "sha512-LXtnSnvE+Z1Cjpa3P9gh9kb396qV4MqpfwKy777BOSF8n6nw2vAi03tHNl0/XRqZUyzVzY/+nMXOZVnEapWzdg==",
+      "version": "4.0.5",
+      "resolved": "https://registry.npmjs.org/content/-/content-4.0.5.tgz",
+      "integrity": "sha512-wDP6CTWDpwCf791fNxlCCkZGRkrNzSEU/8ju9Hnr3Uc5mF/gFR5W+fcoGm6zUSlVPdSXYn5pCbySADKj7YM4Cg==",
      "requires": {
-        "boom": "5.x.x"
+        "boom": "7.x.x"
+      },
+      "dependencies": {
+        "boom": {
+          "version": "7.2.0",
+          "resolved": "https://registry.npmjs.org/boom/-/boom-7.2.0.tgz",
+          "integrity": "sha1-K/8kpVVldn/ehp7ICDF+sQxI6WY=",
+          "requires": {
+            "hoek": "5.x.x"
+          }
+        },
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        }
      }
    },
    "conventional-changelog": {
@ -3843,68 +3965,75 @@
      }
    },
    "hapi": {
-      "version": "16.6.3",
-      "resolved": "https://registry.npmjs.org/hapi/-/hapi-16.6.3.tgz",
-      "integrity": "sha512-Fe1EtSlRWdez9c1sLDrHZYxpsp3IddwtUWp7y65TCBW5CMcBP98X4WnoBJZTGsDZnk/FDkRyEMhUVsC9qysDPg==",
+      "version": "17.6.0",
+      "resolved": "https://registry.npmjs.org/hapi/-/hapi-17.6.0.tgz",
+      "integrity": "sha512-GSHjE1hJExluAukrT/QuYSk96irmbYBDd3wOgywiHsPoR2QeKgDnIttD+dB6NbADEmSdb9MS5gTUIVq0uHTdkA==",
      "requires": {
-        "accept": "^2.1.4",
-        "ammo": "^2.0.4",
-        "boom": "^5.2.0",
-        "call": "^4.0.2",
-        "catbox": "^7.1.5",
-        "catbox-memory": "^2.0.4",
-        "cryptiles": "^3.1.2",
-        "heavy": "^4.0.4",
-        "hoek": "^4.2.0",
-        "iron": "^4.0.5",
-        "items": "^2.1.1",
-        "joi": "^11.1.0",
-        "mimos": "^3.0.3",
-        "podium": "^1.3.0",
-        "shot": "^3.4.2",
-        "statehood": "^5.0.3",
-        "subtext": "^5.0.0",
-        "topo": "^2.0.2"
+        "accept": "3.x.x",
+        "ammo": "3.x.x",
+        "boom": "7.x.x",
+        "bounce": "1.x.x",
+        "call": "5.x.x",
+        "catbox": "10.x.x",
+        "catbox-memory": "3.x.x",
+        "heavy": "6.x.x",
+        "hoek": "5.x.x",
+        "joi": "13.x.x",
+        "mimos": "4.x.x",
+        "podium": "3.x.x",
+        "shot": "4.x.x",
+        "statehood": "6.x.x",
+        "subtext": "6.x.x",
+        "teamwork": "3.x.x",
+        "topo": "3.x.x"
      },
      "dependencies": {
-        "isemail": {
-          "version": "3.1.3",
-          "resolved": "https://registry.npmjs.org/isemail/-/isemail-3.1.3.tgz",
-          "integrity": "sha512-5xbsG5wYADIcB+mfLsd+nst1V/D+I7EU7LEZPo2GOIMu4JzfcRs5yQoypP4avA7QtUqgxYLKBYNv4IdzBmbhdw==",
+        "boom": {
+          "version": "7.2.0",
+          "resolved": "https://registry.npmjs.org/boom/-/boom-7.2.0.tgz",
+          "integrity": "sha1-K/8kpVVldn/ehp7ICDF+sQxI6WY=",
          "requires": {
-            "punycode": "2.x.x"
+            "hoek": "5.x.x"
          }
        },
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        },
        "joi": {
-          "version": "11.4.0",
-          "resolved": "https://registry.npmjs.org/joi/-/joi-11.4.0.tgz",
-          "integrity": "sha512-O7Uw+w/zEWgbL6OcHbyACKSj0PkQeUgmehdoXVSxt92QFCq4+1390Rwh5moI2K/OgC7D8RHRZqHZxT2husMJHA==",
+          "version": "13.7.0",
+          "resolved": "https://registry.npmjs.org/joi/-/joi-13.7.0.tgz",
+          "integrity": "sha512-xuY5VkHfeOYK3Hdi91ulocfuFopwgbSORmIwzcwHKESQhC7w1kD5jaVSPnqDxS2I8t3RZ9omCKAxNwXN5zG1/Q==",
          "requires": {
-            "hoek": "4.x.x",
+            "hoek": "5.x.x",
            "isemail": "3.x.x",
-            "topo": "2.x.x"
+            "topo": "3.x.x"
          }
        }
      }
    },
    "hapi-hpkp": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/hapi-hpkp/-/hapi-hpkp-1.0.0.tgz",
-      "integrity": "sha1-txskDnOv/ZHFzT52cYr6DmlBwAM=",
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/hapi-hpkp/-/hapi-hpkp-2.0.0.tgz",
+      "integrity": "sha512-Kko4pgRWp3Q5VAZySU7IOYv1RJ3s8BXtmYtV44BaWINWQgt5vsDuKiKIZBzO2X8hphCkGw0tdkZFu1yrhIUscg==",
      "requires": {
-        "joi": "9.0.4"
+        "joi": "13.3.0"
      },
      "dependencies": {
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        },
        "joi": {
-          "version": "9.0.4",
-          "resolved": "https://registry.npmjs.org/joi/-/joi-9.0.4.tgz",
-          "integrity": "sha1-iNZIkJFavrEnzXVwJxFtUN8+aN8=",
+          "version": "13.3.0",
+          "resolved": "https://registry.npmjs.org/joi/-/joi-13.3.0.tgz",
+          "integrity": "sha512-iF6jEYVfBIoYXztYymia1JfuoVbxBNuOcwdbsdoGin9/jjhBLhonKmfTQOvePss8r8v4tU4JOcNmYPHZzKEFag==",
          "requires": {
-            "hoek": "4.x.x",
-            "isemail": "2.x.x",
-            "items": "2.x.x",
-            "moment": "2.x.x",
-            "topo": "2.x.x"
+            "hoek": "5.x.x",
+            "isemail": "3.x.x",
+            "topo": "3.x.x"
          }
        }
      }
@ -3997,13 +4126,38 @@
      "dev": true
    },
    "heavy": {
-      "version": "4.0.4",
-      "resolved": "https://registry.npmjs.org/heavy/-/heavy-4.0.4.tgz",
-      "integrity": "sha1-NskTNsAMz+hSyqTRUwhjNc0vAOk=",
+      "version": "6.1.0",
+      "resolved": "https://registry.npmjs.org/heavy/-/heavy-6.1.0.tgz",
+      "integrity": "sha512-TKS9DC9NOTGulHQI31Lx+bmeWmNOstbJbGMiN3pX6bF+Zc2GKSpbbym4oasNnB6yPGkqJ9TQXXYDGohqNSJRxA==",
      "requires": {
-        "boom": "5.x.x",
-        "hoek": "4.x.x",
-        "joi": "10.x.x"
+        "boom": "7.x.x",
+        "hoek": "5.x.x",
+        "joi": "13.x.x"
+      },
+      "dependencies": {
+        "boom": {
+          "version": "7.2.0",
+          "resolved": "https://registry.npmjs.org/boom/-/boom-7.2.0.tgz",
+          "integrity": "sha1-K/8kpVVldn/ehp7ICDF+sQxI6WY=",
+          "requires": {
+            "hoek": "5.x.x"
+          }
+        },
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        },
+        "joi": {
+          "version": "13.7.0",
+          "resolved": "https://registry.npmjs.org/joi/-/joi-13.7.0.tgz",
+          "integrity": "sha512-xuY5VkHfeOYK3Hdi91ulocfuFopwgbSORmIwzcwHKESQhC7w1kD5jaVSPnqDxS2I8t3RZ9omCKAxNwXN5zG1/Q==",
+          "requires": {
+            "hoek": "5.x.x",
+            "isemail": "3.x.x",
+            "topo": "3.x.x"
+          }
+        }
      }
    },
    "hoek": {
@ -4157,13 +4311,36 @@
      }
    },
    "iron": {
-      "version": "4.0.5",
-      "resolved": "https://registry.npmjs.org/iron/-/iron-4.0.5.tgz",
-      "integrity": "sha1-TwQszri5c480a1mqc0yDqJvDFCg=",
+      "version": "5.0.4",
+      "resolved": "https://registry.npmjs.org/iron/-/iron-5.0.4.tgz",
+      "integrity": "sha512-7iQ5/xFMIYaNt9g2oiNiWdhrOTdRUMFaWENUd0KghxwPUhrIH8DUY8FEyLNTTzf75jaII+jMexLdY/2HfV61RQ==",
      "requires": {
-        "boom": "5.x.x",
-        "cryptiles": "3.x.x",
-        "hoek": "4.x.x"
+        "boom": "7.x.x",
+        "cryptiles": "4.x.x",
+        "hoek": "5.x.x"
+      },
+      "dependencies": {
+        "boom": {
+          "version": "7.2.0",
+          "resolved": "https://registry.npmjs.org/boom/-/boom-7.2.0.tgz",
+          "integrity": "sha1-K/8kpVVldn/ehp7ICDF+sQxI6WY=",
+          "requires": {
+            "hoek": "5.x.x"
+          }
+        },
+        "cryptiles": {
+          "version": "4.1.2",
+          "resolved": "https://registry.npmjs.org/cryptiles/-/cryptiles-4.1.2.tgz",
+          "integrity": "sha512-U2ALcoAHvA1oO2xOreyHvtkQ+IELqDG2WVWRI1GH/XEmmfGIOalnM5MU5Dd2ITyWfr3m6kNqXiy8XuYyd4wKJw==",
+          "requires": {
+            "boom": "7.x.x"
+          }
+        },
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        }
      }
    },
    "irregular-plurals": {
@ -4450,9 +4627,12 @@
      "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE="
    },
    "isemail": {
-      "version": "2.2.1",
-      "resolved": "https://registry.npmjs.org/isemail/-/isemail-2.2.1.tgz",
-      "integrity": "sha1-A1PT2aYpUQgMJiwqoKQrjqjp4qY="
+      "version": "3.1.4",
+      "resolved": "https://registry.npmjs.org/isemail/-/isemail-3.1.4.tgz",
+      "integrity": "sha512-yE/W5osEWuAGSLVixV9pAexhkbZzglmuhO2CxdHu7IBh7uzuZogQ4bk0lE26HoZ6HD4ZYfKRKilkNuCnuJIBJw==",
+      "requires": {
+        "punycode": "2.x.x"
+      }
    },
    "isexe": {
      "version": "2.0.0",
@ -4492,20 +4672,21 @@
        "semver": "^5.5.0"
      }
    },
-    "items": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/items/-/items-2.1.1.tgz",
-      "integrity": "sha1-i9FtnIOxlSneWuoyGsqtp4NkoZg="
-    },
    "joi": {
-      "version": "10.6.0",
-      "resolved": "https://registry.npmjs.org/joi/-/joi-10.6.0.tgz",
-      "integrity": "sha512-hBF3LcqyAid+9X/pwg+eXjD2QBZI5eXnBFJYaAkH4SK3mp9QSRiiQnDYlmlz5pccMvnLcJRS4whhDOTCkmsAdQ==",
+      "version": "14.0.0",
+      "resolved": "https://registry.npmjs.org/joi/-/joi-14.0.0.tgz",
+      "integrity": "sha512-jEu+bPFcsgdPr85hVyjb5D5grxLEZniT6AB1vjewrRDbuYxe2r5quyxs3E32dF8fCXcaJnlRSy4jehSpDuNMNg==",
      "requires": {
-        "hoek": "4.x.x",
-        "isemail": "2.x.x",
-        "items": "2.x.x",
-        "topo": "2.x.x"
+        "hoek": "5.x.x",
+        "isemail": "3.x.x",
+        "topo": "3.x.x"
+      },
+      "dependencies": {
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        }
      }
    },
    "js-tokens": {
@ -5005,12 +5186,19 @@
      }
    },
    "mimos": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/mimos/-/mimos-3.0.3.tgz",
-      "integrity": "sha1-uRCQcq03jCty9qAQHEPd+ys2ZB8=",
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/mimos/-/mimos-4.0.0.tgz",
+      "integrity": "sha512-JvlvRLqGIlk+AYypWrbrDmhsM+6JVx/xBM5S3AMwTBz1trPCEoPN/swO2L4Wu653fL7oJdgk8DMQyG/Gq3JkZg==",
      "requires": {
-        "hoek": "4.x.x",
+        "hoek": "5.x.x",
        "mime-db": "1.x.x"
+      },
+      "dependencies": {
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        }
      }
    },
    "minimalistic-assert": {
@ -5265,12 +5453,19 @@
      "dev": true
    },
    "nigel": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/nigel/-/nigel-2.0.2.tgz",
-      "integrity": "sha1-k6GGb7DFLYc5CqdeKxYfS1x15bE=",
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/nigel/-/nigel-3.0.1.tgz",
+      "integrity": "sha512-kCVtUG9JyD//tsYrZY+/Y+2gUrANVSba8y23QkM5Znx0FOxlnl9Z4OVPBODmstKWTOvigfTO+Va1VPOu3eWSOQ==",
      "requires": {
-        "hoek": "4.x.x",
-        "vise": "2.x.x"
+        "hoek": "5.x.x",
+        "vise": "3.x.x"
+      },
+      "dependencies": {
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        }
      }
    },
    "nise": {
@ -6809,15 +7004,30 @@
      "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns="
    },
    "pez": {
-      "version": "2.1.5",
-      "resolved": "https://registry.npmjs.org/pez/-/pez-2.1.5.tgz",
-      "integrity": "sha1-XsLMYlAMw+tCNtSkFM9aF7XrUAc=",
+      "version": "4.0.2",
+      "resolved": "https://registry.npmjs.org/pez/-/pez-4.0.2.tgz",
+      "integrity": "sha512-HuPxmGxHsEFPWhdkwBs2gIrHhFqktIxMtudISTFN95RQ85ZZAOl8Ki6u3nnN/X8OUaGlIGldk/l8p2IR4/i76w==",
      "requires": {
-        "b64": "3.x.x",
-        "boom": "5.x.x",
-        "content": "3.x.x",
-        "hoek": "4.x.x",
-        "nigel": "2.x.x"
+        "b64": "4.x.x",
+        "boom": "7.x.x",
+        "content": "4.x.x",
+        "hoek": "5.x.x",
+        "nigel": "3.x.x"
+      },
+      "dependencies": {
+        "boom": {
+          "version": "7.2.0",
+          "resolved": "https://registry.npmjs.org/boom/-/boom-7.2.0.tgz",
+          "integrity": "sha1-K/8kpVVldn/ehp7ICDF+sQxI6WY=",
+          "requires": {
+            "hoek": "5.x.x"
+          }
+        },
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        }
      }
    },
    "pify": {
@ -6866,13 +7076,29 @@
      "dev": true
    },
    "podium": {
-      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/podium/-/podium-1.3.0.tgz",
-      "integrity": "sha512-ZIujqk1pv8bRZNVxwwwq0BhXilZ2udycQT3Kp8ah3f3TcTmVg7ILJsv/oLf47gRa2qeiP584lNq+pfvS9U3aow==",
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/podium/-/podium-3.1.2.tgz",
+      "integrity": "sha512-18VrjJAduIdPv7d9zWsfmKxTj3cQTYC5Pv5gtKxcWujYBpGbV+mhNSPYhlHW5xeWoazYyKfB9FEsPT12r5rY1A==",
      "requires": {
-        "hoek": "4.x.x",
-        "items": "2.x.x",
-        "joi": "10.x.x"
+        "hoek": "5.x.x",
+        "joi": "13.x.x"
+      },
+      "dependencies": {
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        },
+        "joi": {
+          "version": "13.7.0",
+          "resolved": "https://registry.npmjs.org/joi/-/joi-13.7.0.tgz",
+          "integrity": "sha512-xuY5VkHfeOYK3Hdi91ulocfuFopwgbSORmIwzcwHKESQhC7w1kD5jaVSPnqDxS2I8t3RZ9omCKAxNwXN5zG1/Q==",
+          "requires": {
+            "hoek": "5.x.x",
+            "isemail": "3.x.x",
+            "topo": "3.x.x"
+          }
+        }
      }
    },
    "posix-character-classes": {
@ -7384,12 +7610,29 @@
      "dev": true
    },
    "shot": {
-      "version": "3.4.2",
-      "resolved": "https://registry.npmjs.org/shot/-/shot-3.4.2.tgz",
-      "integrity": "sha1-Hlw/bysmZJrcQvfrNQIUpaApHWc=",
+      "version": "4.0.5",
+      "resolved": "https://registry.npmjs.org/shot/-/shot-4.0.5.tgz",
+      "integrity": "sha1-x+dFXRHWD2ts08Q+FaO0McF+VWY=",
      "requires": {
-        "hoek": "4.x.x",
-        "joi": "10.x.x"
+        "hoek": "5.x.x",
+        "joi": "13.x.x"
+      },
+      "dependencies": {
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        },
+        "joi": {
+          "version": "13.7.0",
+          "resolved": "https://registry.npmjs.org/joi/-/joi-13.7.0.tgz",
+          "integrity": "sha512-xuY5VkHfeOYK3Hdi91ulocfuFopwgbSORmIwzcwHKESQhC7w1kD5jaVSPnqDxS2I8t3RZ9omCKAxNwXN5zG1/Q==",
+          "requires": {
+            "hoek": "5.x.x",
+            "isemail": "3.x.x",
+            "topo": "3.x.x"
+          }
+        }
      }
    },
    "signal-exit": {
@ -7674,16 +7917,49 @@
      "integrity": "sha1-VHxws0fo0ytOEI6hoqFZ5f3eGcA="
    },
    "statehood": {
-      "version": "5.0.3",
-      "resolved": "https://registry.npmjs.org/statehood/-/statehood-5.0.3.tgz",
-      "integrity": "sha512-YrPrCt10t3ImH/JMO5szSwX7sCm8HoqVl3VFLOa9EZ1g/qJx/ZmMhN+2uzPPB/vaU6hpkJpXxcBWsgIkkG+MXA==",
+      "version": "6.0.6",
+      "resolved": "https://registry.npmjs.org/statehood/-/statehood-6.0.6.tgz",
+      "integrity": "sha512-jR45n5ZMAkasw0xoE9j9TuLmJv4Sa3AkXe+6yIFT6a07kXYHgSbuD2OVGECdZGFxTmvNqLwL1iRIgvq6O6rq+A==",
      "requires": {
-        "boom": "5.x.x",
-        "cryptiles": "3.x.x",
-        "hoek": "4.x.x",
-        "iron": "4.x.x",
-        "items": "2.x.x",
-        "joi": "10.x.x"
+        "boom": "7.x.x",
+        "bounce": "1.x.x",
+        "cryptiles": "4.x.x",
+        "hoek": "5.x.x",
+        "iron": "5.x.x",
+        "joi": "13.x.x"
+      },
+      "dependencies": {
+        "boom": {
+          "version": "7.2.0",
+          "resolved": "https://registry.npmjs.org/boom/-/boom-7.2.0.tgz",
+          "integrity": "sha1-K/8kpVVldn/ehp7ICDF+sQxI6WY=",
+          "requires": {
+            "hoek": "5.x.x"
+          }
+        },
+        "cryptiles": {
+          "version": "4.1.2",
+          "resolved": "https://registry.npmjs.org/cryptiles/-/cryptiles-4.1.2.tgz",
+          "integrity": "sha512-U2ALcoAHvA1oO2xOreyHvtkQ+IELqDG2WVWRI1GH/XEmmfGIOalnM5MU5Dd2ITyWfr3m6kNqXiy8XuYyd4wKJw==",
+          "requires": {
+            "boom": "7.x.x"
+          }
+        },
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        },
+        "joi": {
+          "version": "13.7.0",
+          "resolved": "https://registry.npmjs.org/joi/-/joi-13.7.0.tgz",
+          "integrity": "sha512-xuY5VkHfeOYK3Hdi91ulocfuFopwgbSORmIwzcwHKESQhC7w1kD5jaVSPnqDxS2I8t3RZ9omCKAxNwXN5zG1/Q==",
+          "requires": {
+            "hoek": "5.x.x",
+            "isemail": "3.x.x",
+            "topo": "3.x.x"
+          }
+        }
      }
    },
    "static-extend": {
@ -7784,15 +8060,30 @@
      "dev": true
    },
    "subtext": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/subtext/-/subtext-5.0.0.tgz",
-      "integrity": "sha512-2nXG1G1V+K64Z20cQII7k0s38J2DSycMXBLMAk9RXUFG0uAkAbLSVoa88croX9VhTdBCJbLAe9g6LmzKwpJhhQ==",
+      "version": "6.0.7",
+      "resolved": "https://registry.npmjs.org/subtext/-/subtext-6.0.7.tgz",
+      "integrity": "sha512-IcJUvRjeR+NB437Iq+LORFNJW4L6Knqkj3oQrBrkdhIaS2VKJvx/9aYEq7vi+PEx5/OuehOL/40SkSZotLi/MA==",
      "requires": {
-        "boom": "5.x.x",
-        "content": "3.x.x",
-        "hoek": "4.x.x",
-        "pez": "2.x.x",
-        "wreck": "12.x.x"
+        "boom": "7.x.x",
+        "content": "4.x.x",
+        "hoek": "5.x.x",
+        "pez": "4.x.x",
+        "wreck": "14.x.x"
+      },
+      "dependencies": {
+        "boom": {
+          "version": "7.2.0",
+          "resolved": "https://registry.npmjs.org/boom/-/boom-7.2.0.tgz",
+          "integrity": "sha1-K/8kpVVldn/ehp7ICDF+sQxI6WY=",
+          "requires": {
+            "hoek": "5.x.x"
+          }
+        },
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        }
      }
    },
    "supports-color": {
@ -7862,6 +8153,11 @@
        }
      }
    },
+    "teamwork": {
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/teamwork/-/teamwork-3.0.1.tgz",
+      "integrity": "sha512-hEkJIpDOfOYe9NYaLFk00zQbzZeKNCY8T2pRH3I13Y1mJwxaSQ6NEsjY5rCp+11ezCiZpWGoGFTbOuhg4qKevQ=="
+    },
    "term-size": {
      "version": "1.2.0",
      "resolved": "https://registry.npmjs.org/term-size/-/term-size-1.2.0.tgz",
@ -7968,11 +8264,18 @@
      }
    },
    "topo": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/topo/-/topo-2.0.2.tgz",
-      "integrity": "sha1-zVYVdSU5BXwNwEkaYhw7xvvh0YI=",
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/topo/-/topo-3.0.0.tgz",
+      "integrity": "sha512-Tlu1fGlR90iCdIPURqPiufqAlCZYzLjHYVVbcFWDMcX7+tK8hdZWAfsMrD/pBul9jqHHwFjNdf1WaxA9vTRRhw==",
      "requires": {
-        "hoek": "4.x.x"
+        "hoek": "5.x.x"
+      },
+      "dependencies": {
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        }
      }
    },
    "touch": {
@ -8340,11 +8643,18 @@
      }
    },
    "vise": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/vise/-/vise-2.0.2.tgz",
-      "integrity": "sha1-awjo+0y3bjpQzW3Q7DczjoEaDTk=",
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/vise/-/vise-3.0.0.tgz",
+      "integrity": "sha512-kBFZLmiL1Vm3rHXphkhvvAcsjgeQXRrOFCbJb0I50YZZP4HGRNH+xGzK3matIMcpbsfr3I02u9odj4oCD0TWgA==",
      "requires": {
-        "hoek": "4.x.x"
+        "hoek": "5.x.x"
+      },
+      "dependencies": {
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        }
      }
    },
    "which": {
@ -8417,12 +8727,27 @@
      "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8="
    },
    "wreck": {
-      "version": "12.5.1",
-      "resolved": "https://registry.npmjs.org/wreck/-/wreck-12.5.1.tgz",
-      "integrity": "sha512-l5DUGrc+yDyIflpty1x9XuMj1ehVjC/dTbF3/BasOO77xk0EdEa4M/DuOY8W88MQDAD0fEDqyjc8bkIMHd2E9A==",
+      "version": "14.1.0",
+      "resolved": "https://registry.npmjs.org/wreck/-/wreck-14.1.0.tgz",
+      "integrity": "sha512-y/iwFhwdGoM8Hk1t1I4LbuLhM3curVD8STd5NcFI0c/4b4cQAMLcnCRxXX9sLQAggDC8dXYSaQNsT64hga6lvA==",
      "requires": {
-        "boom": "5.x.x",
-        "hoek": "4.x.x"
+        "boom": "7.x.x",
+        "hoek": "5.x.x"
+      },
+      "dependencies": {
+        "boom": {
+          "version": "7.2.0",
+          "resolved": "https://registry.npmjs.org/boom/-/boom-7.2.0.tgz",
+          "integrity": "sha1-K/8kpVVldn/ehp7ICDF+sQxI6WY=",
+          "requires": {
+            "hoek": "5.x.x"
+          }
+        },
+        "hoek": {
+          "version": "5.0.4",
+          "resolved": "https://registry.npmjs.org/hoek/-/hoek-5.0.4.tgz",
+          "integrity": "sha512-Alr4ZQgoMlnere5FZJsIyfIjORBqZll5POhDsF4q64dPuJR6rNxXdDxtHSQq8OXRurhmx+PWYEE8bXRROY8h0w=="
+        }
      }
    },
    "write": {
--- a/package.json
+++ b/package.json
@ -31,9 +31,9 @@
    "fxa-jwtool": "0.7.2",
    "fxa-notifier-aws": "1.0.0",
    "fxa-shared": "1.0.13",
-    "hapi": "16.6.3",
-    "hapi-hpkp": "1.0.0",
-    "joi": "10.6.0",
+    "hapi": "17.6.0",
+    "hapi-hpkp": "2.0.0",
+    "joi": "14.0.0",
    "keypair": "1.0.1",
    "mozlog": "2.2.0",
    "mysql": "2.15.0",
--- a/test/auth_bearer.js
+++ b/test/auth_bearer.js
@ -57,7 +57,7 @@ describe('authBearer', function() {
        throw err;
      };

-      mockReply.continue = function (result) {
+      mockReply.authenticated = function (result) {
        assert.equal(result.credentials.user, 'bar');
        done();
      };
@ -65,17 +65,15 @@ describe('authBearer', function() {
      authBearer.strategy().authenticate(mockRequest, mockReply);
    });

-    it('errors if no Bearer in request', function(done) {
-      authBearer.strategy().authenticate({
+    it('errors if no Bearer in request', function() {
+      return authBearer.strategy().authenticate({
        headers: {}
-      }, function (err, result) {
-        assert.equal(result, null);
+      }).then(assert.fail, (err) => {
        assert.equal(err.output.payload.detail, 'Bearer token not provided');
-        done();
      });
    });

-    it('errors if invalid token', function(done) {
+    it('errors if invalid token', function() {
      sandbox.restore();
      sandbox = sinon.sandbox.create();

@ -84,23 +82,19 @@ describe('authBearer', function() {
      });

      authBearer = proxyquire(modulePath, dependencies);
-      authBearer.strategy().authenticate(mockRequest, function (err, result) {
+      return authBearer.strategy().authenticate(mockRequest).then(assert.fail, (err) => {
        assert.equal(err.output.payload.detail, 'Bearer token invalid');
-        assert.equal(result, null);
-        done();
      });
    });

-    it('errors if illegal token', function(done) {
+    it('errors if illegal token', function() {
      authBearer = proxyquire(modulePath, dependencies);
      authBearer.strategy().authenticate({
        headers: {
          authorization: 'Bearer foo'
        }
-      }, function (err, result) {
+      }).then(assert.fail, (err) => {
        assert.equal(err.output.payload.detail, 'Illegal Bearer token');
-        assert.equal(result, null);
-        done();
      });
    });

--- a/test/db/mysql.js
+++ b/test/db/mysql.js
@ -34,7 +34,7 @@ describe('db/mysql:', function() {
  var sandbox, mysql;

  beforeEach(function() {
-    sandbox = sinon.sandbox.create();
+    sandbox = sinon.createSandbox();

    sandbox.stub(dependencies['../../config'], 'get').callsFake(function() {
      return 'mock config.get result';
--- a/test/hpkp.js
+++ b/test/hpkp.js
@ -18,7 +18,6 @@ describe('HPKP', function () {
  // the timeout needs to be upped
  this.timeout(5000);

-  var Server;
  var requestOptions = {
    method: 'GET',
    url: '/'
@ -35,8 +34,9 @@ describe('HPKP', function () {

    it('should set report header', function (done) {
      process.env.HPKP_REPORT_ONLY = false;
-      Server = require('../lib/server').create();
-      Server.inject(requestOptions).then(function (res) {
+      require('../lib/server').create().then((Server) => {
+        return Server.inject(requestOptions);
+      }).then(function (res) {
        assert.equal(res.statusCode, 200);
        assert.equal(res.headers['public-key-pins'], 'pin-sha256="orlando="; pin-sha256="magic="; max-age=1; includeSubdomains');
        done();
@ -45,8 +45,9 @@ describe('HPKP', function () {

    it('should set report-only header', function (done) {
      process.env.HPKP_REPORT_ONLY = true;
-      Server = require('../lib/server').create();
-      Server.inject(requestOptions).then(function (res) {
+      require('../lib/server').create().then((Server) => {
+        return Server.inject(requestOptions);
+      }).then(function (res) {
        assert.equal(res.statusCode, 200);
        assert.equal(res.headers['public-key-pins-report-only'], 'pin-sha256="orlando="; pin-sha256="magic="; max-age=1; includeSubdomains');
        done();
@ -59,8 +60,9 @@ describe('HPKP', function () {
      process.env.HPKP_ENABLE = false;

      clearRequireCache();
-      Server = require('../lib/server').create();
-      Server.inject(requestOptions).then(function (res) {
+      require('../lib/server').create().then((Server) => {
+        return Server.inject(requestOptions);
+      }).then(function (res) {
        assert.equal(res.statusCode, 200);
        assert.equal(res.headers['public-key-pins'], undefined);
        assert.equal(res.headers['public-key-pins-report-only'], undefined);
--- a/test/lib/server.js
+++ b/test/lib/server.js
@ -7,12 +7,14 @@ const Server = require('../../lib/server');
 const Internal = require('../../lib/server/internal');
 const version = require('../../lib/config').get('api.version');

-function wrapServer(server) {
+function wrapServer(serverPromise) {
  var wrap = {};
  function request(options) {
-    var deferred = P.defer();
-    server.inject(options, deferred.resolve.bind(deferred));
-    return deferred.promise;
+    return new P(resolve => {
+      return serverPromise.then((s) => {
+        return s.inject(options);
+      }).then(resolve);
+    });
  }

  function opts(options) {