Refactor all auth adapters to reduce duplications (#4954)

* Refactor all auth adapters to reduce duplications

* Adds mocking and proper testing for all auth adapters

* Proper testing of the google auth adapter

* noit

Author: flovilmart

spec/AuthenticationAdapters.spec.js

@@ -3,9 +3,19 @@ const Config = require("../lib/Config");
 const defaultColumns = require('../lib/Controllers/SchemaController').defaultColumns;
 const authenticationLoader = require('../lib/Adapters/Auth');
 const path = require('path');
+const responses = {
+  instagram: { data: { id: 'userId' } },
+  janrainengage: { stat: 'ok', profile: { identifier: 'userId' }},
+  janraincapture: { stat: 'ok', result: 'userId' },
+  vkontakte: { response: { user_id: 'userId'}},
+  google: { sub: 'userId' },
+  wechat: { errcode: 0 },
+  weibo: { uid: 'userId' },
+  qq: 'callback( {"openid":"userId"} );' // yes it's like that, run eval in the client :P
+}
 
 describe('AuthenticationProviders', function() {
-  ["facebook", "facebookaccountkit", "github", "instagram", "google", "linkedin", "meetup", "twitter", "janrainengage", "janraincapture", "vkontakte"].map(function(providerName){
+  ["facebook", "facebookaccountkit", "github", "instagram", "google", "linkedin", "meetup", "twitter", "janrainengage", "janraincapture", "vkontakte", "qq", "spotify", "wechat", "weibo"].map(function(providerName){
     it("Should validate structure of " + providerName, (done) => {
       const provider = require("../lib/Adapters/Auth/" + providerName);
       jequal(typeof provider.validateAuthData, "function");
@@ -18,6 +28,32 @@ describe('AuthenticationProviders', function() {
       validateAppIdPromise.then(()=>{}, ()=>{});
       done();
     });
+
+    it(`should provide the right responses for adapter ${providerName}`, async () => {
+      if (providerName === 'twitter') {
+        return;
+      }
+      spyOn(require('../lib/Adapters/Auth/httpsRequest'), 'get').and.callFake((options) => {
+        if (options === "https://oauth.vk.com/access_token?client_id=appId&client_secret=appSecret&v=5.59&grant_type=client_credentials") {
+          return {
+            access_token: 'access_token'
+          }
+        }
+        return Promise.resolve(responses[providerName] || { id: 'userId' });
+      });
+      spyOn(require('../lib/Adapters/Auth/httpsRequest'), 'request').and.callFake(() => {
+        return Promise.resolve(responses[providerName] || { id: 'userId' });
+      });
+      const provider = require("../lib/Adapters/Auth/" + providerName);
+      let params = {};
+      if (providerName === 'vkontakte') {
+        params = {
+          appIds: 'appId',
+          appSecret: 'appSecret'
+        }
+      }
+      await provider.validateAuthData({ id: 'userId' }, params);
+    });
   });
 
   const getMockMyOauthProvider = function() {
@@ -388,3 +424,60 @@ describe('AuthenticationProviders', function() {
       })
   });
 });
+
+describe('google auth adapter', () => {
+  const google = require('../lib/Adapters/Auth/google');
+  const httpsRequest = require('../lib/Adapters/Auth/httpsRequest');
+
+  it('should use id_token for validation is passed', async () => {
+    spyOn(httpsRequest, 'request').and.callFake(() => {
+      return Promise.resolve({ sub: 'userId' });
+    });
+    await google.validateAuthData({ id: 'userId', id_token: 'the_token' }, {});
+  });
+
+  it('should use id_token for validation is passed and responds with user_id', async () => {
+    spyOn(httpsRequest, 'request').and.callFake(() => {
+      return Promise.resolve({ user_id: 'userId' });
+    });
+    await google.validateAuthData({ id: 'userId', id_token: 'the_token' }, {});
+  });
+
+  it('should use access_token for validation is passed and responds with user_id', async () => {
+    spyOn(httpsRequest, 'request').and.callFake(() => {
+      return Promise.resolve({ user_id: 'userId' });
+    });
+    await google.validateAuthData({ id: 'userId', access_token: 'the_token' }, {});
+  });
+
+  it('should use access_token for validation is passed with sub', async () => {
+    spyOn(httpsRequest, 'request').and.callFake(() => {
+      return Promise.resolve({ sub: 'userId' });
+    });
+    await google.validateAuthData({ id: 'userId', id_token: 'the_token' }, {});
+  });
+
+  it('should fail when the id_token is invalid', async () => {
+    spyOn(httpsRequest, 'request').and.callFake(() => {
+      return Promise.resolve({ sub: 'badId' });
+    });
+    try {
+      await google.validateAuthData({ id: 'userId', id_token: 'the_token' }, {});
+      fail()
+    } catch(e) {
+      expect(e.message).toBe('Google auth is invalid for this user.');
+    }
+  });
+
+  it('should fail when the access_token is invalid', async () => {
+    spyOn(httpsRequest, 'request').and.callFake(() => {
+      return Promise.resolve({ sub: 'badId' });
+    });
+    try {
+      await google.validateAuthData({ id: 'userId', access_token: 'the_token' }, {});
+      fail()
+    } catch(e) {
+      expect(e.message).toBe('Google auth is invalid for this user.');
+    }
+  });
+});

src/Adapters/Auth/facebook.js

@@ -1,5 +1,5 @@
 // Helper functions for accessing the Facebook Graph API.
-var https = require('https');
+const httpsRequest = require('./httpsRequest');
 var Parse = require('parse/node').Parse;
 
 // Returns a promise that fulfills iff this user id is valid.
@@ -36,24 +36,7 @@ function validateAppId(appIds, authData) {
 
 // A promisey wrapper for FB graph requests.
 function graphRequest(path) {
-  return new Promise(function(resolve, reject) {
-    https.get('https://graph.facebook.com/' + path, function(res) {
-      var data = '';
-      res.on('data', function(chunk) {
-        data += chunk;
-      });
-      res.on('end', function() {
-        try {
-          data = JSON.parse(data);
-        } catch(e) {
-          return reject(e);
-        }
-        resolve(data);
-      });
-    }).on('error', function() {
-      reject('Failed to validate this access token with Facebook.');
-    });
-  });
+  return httpsRequest.get('https://graph.facebook.com/' + path);
 }
 
 module.exports = {

src/Adapters/Auth/facebookaccountkit.js

@@ -1,32 +1,9 @@
 const crypto = require('crypto');
-const https = require('https');
+const httpsRequest = require('./httpsRequest');
 const Parse  = require('parse/node').Parse;
 
 const graphRequest = (path) => {
-  return new Promise((resolve, reject) => {
-    https.get(`https://graph.accountkit.com/v1.1/${path}`, (res) => {
-      var data = '';
-      res.on('data', (chunk) => {
-        data += chunk;
-      });
-      res.on('end', () => {
-        try {
-          data = JSON.parse(data);
-          if (data.error) {
-            // when something wrong with fb graph request (token corrupted etc.)
-            // instead of network issue
-            reject(data.error);
-          } else {
-            resolve(data);
-          }
-        } catch (e) {
-          reject(e);
-        }
-      });
-    }).on('error', function () {
-      reject('Failed to validate this access token with Facebook Account Kit.');
-    });
-  });
+  return httpsRequest.get(`https://graph.accountkit.com/v1.1/${path}`);
 };
 
 function getRequestPath(authData, options) {
@@ -60,6 +37,9 @@ function validateAppId(appIds, authData, options) {
 function validateAuthData(authData, options) {
   return graphRequest(getRequestPath(authData, options))
     .then(data => {
+      if (data && data.error) {
+        throw data.error;
+      }
       if (data && data.id == authData.id) {
         return;
       }

src/Adapters/Auth/github.js

@@ -1,6 +1,6 @@
 // Helper functions for accessing the github API.
-var https = require('https');
 var Parse = require('parse/node').Parse;
+const httpsRequest = require('./httpsRequest');
 
 // Returns a promise that fulfills iff this user id is valid.
 function validateAuthData(authData) {
@@ -22,30 +22,13 @@ function validateAppId() {
 
 // A promisey wrapper for api requests
 function request(path, access_token) {
-  return new Promise(function(resolve, reject) {
-    https.get({
-      host: 'api.github.com',
-      path: '/' + path,
-      headers: {
-        'Authorization': 'bearer ' + access_token,
-        'User-Agent': 'parse-server'
-      }
-    }, function(res) {
-      var data = '';
-      res.on('data', function(chunk) {
-        data += chunk;
-      });
-      res.on('end', function() {
-        try {
-          data = JSON.parse(data);
-        } catch(e) {
-          return reject(e);
-        }
-        resolve(data);
-      });
-    }).on('error', function() {
-      reject('Failed to validate this access token with Github.');
-    });
+  return httpsRequest.get({
+    host: 'api.github.com',
+    path: '/' + path,
+    headers: {
+      'Authorization': 'bearer ' + access_token,
+      'User-Agent': 'parse-server'
+    }
   });
 }
 

src/Adapters/Auth/google.js

@@ -1,9 +1,9 @@
 // Helper functions for accessing the google API.
-var https = require('https');
 var Parse = require('parse/node').Parse;
+const httpsRequest = require('./httpsRequest');
 
 function validateIdToken(id, token) {
-  return request("tokeninfo?id_token=" + token)
+  return googleRequest("tokeninfo?id_token=" + token)
     .then((response) => {
       if (response && (response.sub == id || response.user_id == id)) {
         return;
@@ -15,7 +15,7 @@ function validateIdToken(id, token) {
 }
 
 function validateAuthToken(id, token) {
-  return request("tokeninfo?access_token=" + token)
+  return googleRequest("tokeninfo?access_token=" + token)
     .then((response) => {
       if (response &&  (response.sub == id || response.user_id == id)) {
         return;
@@ -47,25 +47,8 @@ function validateAppId() {
 }
 
 // A promisey wrapper for api requests
-function request(path) {
-  return new Promise(function(resolve, reject) {
-    https.get("https://www.googleapis.com/oauth2/v3/" + path, function(res) {
-      var data = '';
-      res.on('data', function(chunk) {
-        data += chunk;
-      });
-      res.on('end', function() {
-        try {
-          data = JSON.parse(data);
-        } catch(e) {
-          return reject(e);
-        }
-        resolve(data);
-      });
-    }).on('error', function() {
-      reject('Failed to validate this access token with Google.');
-    });
-  });
+function googleRequest(path) {
+  return httpsRequest.request("https://www.googleapis.com/oauth2/v3/" + path);
 }
 
 module.exports = {

src/Adapters/Auth/httpsRequest.js

@@ -0,0 +1,41 @@
+const https = require('https');
+
+function makeCallback(resolve, reject, noJSON) {
+  return function(res) {
+    let data = '';
+    res.on('data', (chunk) => {
+      data += chunk;
+    });
+    res.on('end', () => {
+      if (noJSON) {
+        return resolve(data);
+      }
+      try {
+        data = JSON.parse(data);
+      } catch(e) {
+        return reject(e);
+      }
+      resolve(data);
+    });
+    res.on('error', reject);
+  };
+}
+
+function get(options, noJSON = false) {
+  return new Promise((resolve, reject) => {
+    https
+      .get(options, makeCallback(resolve, reject, noJSON))
+      .on('error', reject);
+  });
+}
+
+function request(options, postData) {
+  return new Promise((resolve, reject) => {
+    const req = https.request(options, makeCallback(resolve, reject));
+    req.on('error', reject);
+    req.write(postData);
+    req.end();
+  });
+}
+
+module.exports = { get, request };

src/Adapters/Auth/instagram.js

@@ -1,6 +1,6 @@
 // Helper functions for accessing the instagram API.
-var https = require('https');
 var Parse = require('parse/node').Parse;
+const httpsRequest = require('./httpsRequest');
 
 // Returns a promise that fulfills iff this user id is valid.
 function validateAuthData(authData) {
@@ -22,20 +22,7 @@ function validateAppId() {
 
 // A promisey wrapper for api requests
 function request(path) {
-  return new Promise(function(resolve, reject) {
-    https.get("https://api.instagram.com/v1/" + path, function(res) {
-      var data = '';
-      res.on('data', function(chunk) {
-        data += chunk;
-      });
-      res.on('end', function() {
-        data = JSON.parse(data);
-        resolve(data);
-      });
-    }).on('error', function() {
-      reject('Failed to validate this access token with Instagram.');
-    });
-  });
+  return httpsRequest.get("https://api.instagram.com/v1/" + path);
 }
 
 module.exports = {

src/Adapters/Auth/janraincapture.js

@@ -1,7 +1,7 @@
 // Helper functions for accessing the Janrain Capture API.
-var https = require('https');
 var Parse = require('parse/node').Parse;
 var querystring = require('querystring');
+const httpsRequest = require('./httpsRequest');
 
 // Returns a promise that fulfills iff this user id is valid.
 function validateAuthData(authData, options) {
@@ -30,22 +30,7 @@ function request(host, access_token) {
     'attribute_name': 'uuid' // we only need to pull the uuid for this access token to make sure it matches
   });
 
-  return new Promise(function(resolve, reject) {
-    https.get({
-      host: host,
-      path: '/entity?' + query_string_data
-    }, function(res) {
-      var data = '';
-      res.on('data', function(chunk) {
-        data += chunk;
-      });
-      res.on('end', function () {
-        resolve(JSON.parse(data));
-      });
-    }).on('error', function() {
-      reject('Failed to validate this access token with Janrain capture.');
-    });
-  });
+  return httpsRequest.get({ host: host, path: '/entity?' + query_string_data });
 }
 
 module.exports = {