fix(serve): remove checking user credential logistic and only generate token

- change "/auth" to "/auth/token" and rename "authIdentity" method to "getTokenInfo".
- remove checking user credential logistic in "getTokenInfo" method.
- update all related test cases

Author: kokokuo

packages/integration-testing/src/example1/example1-2.spec.ts

@@ -31,15 +31,15 @@ afterEach(async () => {
   await server.close();
 });
 
-it('Example1-2: authenticate user identity by /auth API', async () => {
+it('Example1-2: authenticate user identity by /auth/token API', async () => {
   const builder = new VulcanBuilder(projectConfig);
   await builder.build();
   server = new VulcanServer(projectConfig);
   const httpServer = (await server.start())['http'];
 
   const agent = supertest(httpServer);
   const result = await agent.get(
-    '/auth?type=basic&username=user1&password=test1'
+    '/auth/token?type=basic&username=user1&password=test1'
   );
   expect(result.body).toEqual({
     token: 'dXNlcjE6dGVzdDE=',

packages/serve/src/lib/auth/httpBasicAuthenticator.ts

@@ -87,18 +87,12 @@ export class BasicAuthenticator extends BaseAuthenticator<BasicOptions> {
     }
   }
 
-  public async authIdentity(ctx: KoaContext) {
+  public async getTokenInfo(ctx: KoaContext) {
     const username = ctx.request.query['username'] as string;
     const password = ctx.request.query['password'] as string;
     if (!username || !password)
       throw new Error('please provide "username" and "password".');
 
-    if (
-      !(username in this.usersCredentials) ||
-      !(md5(password) === this.usersCredentials[username].md5Password)
-    )
-      throw new Error('authenticate user identity failed.');
-
     const token = Buffer.from(`${username}:${password}`).toString('base64');
 
     return {

packages/serve/src/lib/auth/passwordFileAuthenticator.ts

@@ -66,21 +66,12 @@ export class PasswordFileAuthenticator extends BaseAuthenticator<PasswordFileOpt
     }
   }
 
-  public async authIdentity(ctx: KoaContext) {
+  public async getTokenInfo(ctx: KoaContext) {
     const username = ctx.request.query['username'] as string;
     const password = ctx.request.query['password'] as string;
     if (!username || !password)
       throw new Error('please provide "username" and "password".');
 
-    if (
-      !(username in this.usersCredentials) ||
-      !bcrypt.compareSync(
-        password,
-        this.usersCredentials[username].bcryptPassword
-      )
-    )
-      throw new Error(`authenticate user identity failed.`);
-
     const token = Buffer.from(`${username}:${password}`).toString('base64');
 
     return {

packages/serve/src/lib/auth/simpleTokenAuthenticator.ts

@@ -43,13 +43,10 @@ export class SimpleTokenAuthenticator extends BaseAuthenticator<SimpleTokenOptio
     }
   }
 
-  public async authIdentity(ctx: KoaContext) {
+  public async getTokenInfo(ctx: KoaContext) {
     const token = ctx.request.query['token'] as string;
     if (!token) throw new Error('please provide "token".');
 
-    if (!(token in this.usersCredentials))
-      throw new Error(`authenticate user identity failed.`);
-
     return {
       token: token,
     };

packages/serve/src/lib/middleware/auth/authCredentialMiddleware.ts

@@ -58,7 +58,7 @@ export class AuthCredentialMiddleware extends BuiltInMiddleware<AuthOptions> {
     const options = this.getOptions() as AuthOptions;
 
     // The /auth endpoint not need contains "Authorization" in header and auth credentials
-    if (context.path === '/auth') return;
+    if (context.path === '/auth/token') return;
 
     // pass current context to auth token for users
     for (const name of Object.keys(this.authenticators)) {

packages/serve/src/lib/middleware/auth/authRouteMiddleware.ts

@@ -74,7 +74,7 @@ export class AuthRouteMiddleware extends BuiltInMiddleware<AuthOptions> {
   }
 
   private setAuthRoute() {
-    this.router.get(`/auth`, async (context: KoaContext, next) => {
+    this.router.get(`/auth/token`, async (context: KoaContext, next) => {
       await next();
       // not found type query string
       if (!('type' in context.request.query)) {
@@ -100,7 +100,7 @@ export class AuthRouteMiddleware extends BuiltInMiddleware<AuthOptions> {
       }
       // type does not support
       try {
-        const result = await this.authenticators[type].authIdentity(context);
+        const result = await this.authenticators[type].getTokenInfo(context);
         context.body = result;
       } catch (err) {
         context.status = 400;

packages/serve/src/models/extensions/authenticator.ts

@@ -30,8 +30,8 @@ export interface AuthResult {
 }
 
 export interface IAuthenticator {
-  /** authenticate identity for getting token or redirect url according to auth type */
-  authIdentity(context: KoaContext): Promise<any>;
+  /** get token related information */
+  getTokenInfo(context: KoaContext): Promise<any>;
   /** auth credential (e.g: token) to get user info  */
   authCredential(context: KoaContext): Promise<AuthResult>;
 }
@@ -41,7 +41,7 @@ export abstract class BaseAuthenticator<AuthTypeOption>
   extends ExtensionBase
   implements IAuthenticator
 {
-  public abstract authIdentity(
+  public abstract getTokenInfo(
     context: KoaContext
   ): Promise<Record<string, any>>;
   public abstract authCredential(context: KoaContext): Promise<AuthResult>;

packages/serve/test/auth/basicAuthenticator.spec.ts

@@ -21,13 +21,13 @@ const authCredential = async (
   return await authenticator.authCredential(ctx);
 };
 
-const authIdentity = async (
+const getTokenInfo = async (
   ctx: KoaContext,
   options: any
 ): Promise<Record<string, any>> => {
   const authenticator = new BasicAuthenticator({ options }, '');
   await authenticator.activate();
-  return await authenticator.authIdentity(ctx);
+  return await authenticator.getTokenInfo(ctx);
 };
 
 describe('Test http basic authenticator', () => {
@@ -310,35 +310,13 @@ describe('Test http basic authenticator', () => {
     };
     const expected = Buffer.from('user1:test1').toString('base64');
     // Act
-    const result = await authIdentity(ctx, {
+    const result = await getTokenInfo(ctx, {
       basic: { 'users-list': userLists },
     });
     // Assert
     expect(result['token']).toEqual(expected);
   });
 
-  it('Should auth identity failed when request not matched in empty "users-list" options', async () => {
-    // Arrange
-    const expected = new Error('authenticate user identity failed.');
-    const ctx = {
-      ...sinon.stubInterface<KoaContext>(),
-      request: {
-        ...sinon.stubInterface<Request>(),
-        query: {
-          ...sinon.stubInterface<ParsedUrlQuery>(),
-          username: 'user1',
-          password: 'test1',
-        },
-      },
-    };
-    // Act
-    const action = authIdentity(ctx, {
-      basic: { 'users-list': [] },
-    });
-    // Assert
-    expect(action).rejects.toThrow(expected);
-  });
-
   it('Should auth identity successfully when request match in "htpasswd-file" path of options', async () => {
     // Arrange
     const expected = Buffer.from('user3:test3').toString('base64');
@@ -357,7 +335,7 @@ describe('Test http basic authenticator', () => {
     };
 
     // Act
-    const result = await authIdentity(ctx, {
+    const result = await getTokenInfo(ctx, {
       basic: {
         'htpasswd-file': {
           path: path.resolve(__dirname, './test-files/basic.htpasswd'),
@@ -369,32 +347,6 @@ describe('Test http basic authenticator', () => {
     expect(result['token']).toEqual(expected);
   });
 
-  it('Should auth identity failed when request not match in "htpasswd-file" path of options', async () => {
-    // Arrange
-    const expected = new Error('authenticate user identity failed.');
-    const ctx = {
-      ...sinon.stubInterface<KoaContext>(),
-      request: {
-        ...sinon.stubInterface<Request>(),
-        query: {
-          ...sinon.stubInterface<ParsedUrlQuery>(),
-          username: 'user1',
-          password: 'test1',
-        },
-      },
-    };
-    // Act
-    const action = authIdentity(ctx, {
-      basic: {
-        'htpasswd-file': {
-          path: path.resolve(__dirname, './test-files/basic.htpasswd'),
-        },
-      },
-    });
-    // Assert
-    expect(action).rejects.toThrow(expected);
-  });
-
   it.each([
     ['username', { 'users-list': userLists }],
     ['password', { 'users-list': userLists }],
@@ -430,7 +382,7 @@ describe('Test http basic authenticator', () => {
         },
       };
       // Act
-      const action = authIdentity(ctx, {
+      const action = getTokenInfo(ctx, {
         basic: options,
       });
       // Assert

packages/serve/test/auth/passwordFileAuthenticator.spec.ts

@@ -16,13 +16,13 @@ const authCredential = async (
   return await authenticator.authCredential(ctx);
 };
 
-const authIdentity = async (
+const getTokenInfo = async (
   ctx: KoaContext,
   options: any
 ): Promise<Record<string, any>> => {
   const authenticator = new PasswordFileAuthenticator({ options }, '');
   await authenticator.activate();
-  return await authenticator.authIdentity(ctx);
+  return await authenticator.getTokenInfo(ctx);
 };
 
 describe('Test password-file authenticator', () => {
@@ -242,7 +242,7 @@ describe('Test password-file authenticator', () => {
     };
 
     // Act
-    const result = await authIdentity(ctx, {
+    const result = await getTokenInfo(ctx, {
       'password-file': {
         path: path.resolve(__dirname, './test-files/password-file'),
       },
@@ -252,32 +252,6 @@ describe('Test password-file authenticator', () => {
     expect(result['token']).toEqual(expected);
   });
 
-  it('Should auth identity failed when request not match in "password-file" path of options', async () => {
-    // Arrange
-    const expected = new Error('authenticate user identity failed.');
-    const ctx = {
-      ...sinon.stubInterface<KoaContext>(),
-      request: {
-        ...sinon.stubInterface<Request>(),
-        query: {
-          ...sinon.stubInterface<ParsedUrlQuery>(),
-          username: 'user1',
-          password: 'test1',
-        },
-      },
-    };
-
-    // Act
-    const action = authIdentity(ctx, {
-      'password-file': {
-        path: path.resolve(__dirname, './test-files/password-file'),
-      },
-    });
-
-    // Assert
-    expect(action).rejects.toThrow(expected);
-  });
-
   it.each([['username'], ['password']])(
     'Should auth identity failed when miss some of request fields',
     async (field: string) => {
@@ -294,7 +268,7 @@ describe('Test password-file authenticator', () => {
         },
       };
       // Act
-      const action = authIdentity(ctx, {
+      const action = getTokenInfo(ctx, {
         'password-file': {
           path: path.resolve(__dirname, './test-files/password-file'),
         },

packages/serve/test/auth/simpleTokenAuthenticator.spec.ts

@@ -18,13 +18,13 @@ const authCredential = async (
   return await authenticator.authCredential(ctx);
 };
 
-const authIdentity = async (
+const getTokenInfo = async (
   ctx: KoaContext,
   options: any
 ): Promise<Record<string, any>> => {
   const authenticator = new SimpleTokenAuthenticator({ options }, '');
   await authenticator.activate();
-  return await authenticator.authIdentity(ctx);
+  return await authenticator.getTokenInfo(ctx);
 };
 
 describe('Test simple-token authenticator', () => {
@@ -186,38 +186,14 @@ describe('Test simple-token authenticator', () => {
     } as KoaContext;
 
     // Act
-    const result = await authIdentity(ctx, {
+    const result = await getTokenInfo(ctx, {
       'simple-token': userLists,
     });
 
     // Assert
     expect(result['token']).toEqual(token);
   });
 
-  it('Should auth identity failed when request not matched in "simple-token" options', async () => {
-    // Arrange
-    const expected = new Error('authenticate user identity failed.');
-    const token = Buffer.from('user3:test3').toString('base64');
-    const ctx = {
-      ...sinon.stubInterface<KoaContext>(),
-      request: {
-        ...sinon.stubInterface<Request>(),
-        query: {
-          ...sinon.stubInterface<ParsedUrlQuery>(),
-          token: token,
-        },
-      },
-    } as KoaContext;
-
-    // Act
-    const action = authIdentity(ctx, {
-      'simple-token': userLists,
-    });
-
-    // Assert
-    expect(action).rejects.toThrow(expected);
-  });
-
   it('Should auth identity failed when miss request field', async () => {
     // Arrange
     const expected = new Error('please provide "token".');
@@ -231,7 +207,7 @@ describe('Test simple-token authenticator', () => {
       },
     };
     // Act
-    const action = authIdentity(ctx, {
+    const action = getTokenInfo(ctx, {
       'simple-token': userLists,
     });
     // Assert