fix: Rename cookie field to authorization
parent
cd07338ce7
commit
307dba3219
@ -7,7 +7,7 @@
|
||||
"@type": "AuthorizationParser",
|
||||
"authMap": [
|
||||
{
|
||||
"AuthorizationParser:_authMap_key": "CSS-Account-Cookie",
|
||||
"AuthorizationParser:_authMap_key": "CSS-Account-Token",
|
||||
"AuthorizationParser:_authMap_value": "urn:npm:solid:community-server:http:accountCookie"
|
||||
}
|
||||
]
|
||||
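Review bot: Replacing the `authMap` key `CSS-Account-Cookie` with `CSS-Account-Token` drops the old scheme outright, so any client that still sends `Authorization: CSS-Account-Cookie <value>` will presumably stop authenticating after an upgrade. If that break is intended, it deserves a release-note entry and an integration test asserting that the old scheme is rejected; the test hunk at `@ -124,7 +124,7` only covers the new scheme. If it is not intended, a second `authMap` entry mapping `CSS-Account-Cookie` to the same `urn:npm:solid:community-server:http:accountCookie` value would give a deprecation window. The surrounding object starts and ends outside the hunk.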
|
@ -23,12 +23,13 @@ When doing a GET request on these APIs they will return an object describing wha
|
||||
|
||||
## Authorization
|
||||
|
||||
After logging in, the API will return a `set-cookie` header.
|
||||
After logging in, the API will return a `set-cookie` header of the format `css-account=$VALUE`
|
||||
This cookie is necessary to have access to many of the APIs.
|
||||
When including this cookie, the controls object will also be extended with new URLs that are now accessible.
|
||||
When logging in, the response body JSON body will also contain a `cookie` field containing the cookie value.
|
||||
When logging in, the response body JSON body will also contain an `authorization` field
|
||||
containing the `$VALUE` value mentioned above.
|
||||
Instead of using cookies,
|
||||
this value can also be used in an `Authorization` header with auth scheme `CSS-Account-Cookie`
|
||||
this value can be used in an `Authorization` header with value `CSS-Account-Token $VALUE`
|
||||
to achieve the same result.
|
||||
|
||||
The expiration time of this cookie will be refreshed
|
||||
|
@ -55,8 +55,8 @@ export abstract class ResolveLoginHandler extends JsonInteractionHandler {
|
||||
// Putting it in the metadata, so it can be converted into an HTTP response header.
|
||||
// Putting it in the response JSON so users can also use it in an Authorization header.
|
||||
const metadata = result.metadata ?? new RepresentationMetadata(input.target);
|
||||
json.cookie = await this.cookieStore.generate(accountId);
|
||||
metadata.add(SOLID_HTTP.terms.accountCookie, json.cookie);
|
||||
json.authorization = await this.cookieStore.generate(accountId);
|
||||
metadata.add(SOLID_HTTP.terms.accountCookie, json.authorization);
|
||||
|
||||
// Delete the old cookie if there was one, to prevent unused cookies from being stored.
|
||||
// We are not reusing this cookie as it could be associated with a different account.
|
||||
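Review bot: The new `json.authorization` field holds only the bare token returned by `cookieStore.generate`, not a complete header value, so the name invites clients to send it unprefixed; elsewhere in this commit a variable named `authorization` holds the full `CSS-Account-Token <value>` string instead. A comment above the assignment would settle this, for example `// Bare token only: clients send it as "Authorization: CSS-Account-Token <value>".` Since the same value is also stored under `SOLID_HTTP.terms.accountCookie`, the body field is a bearer credential equivalent to the session cookie and should be kept out of request/response logging; whether any logging sees this JSON is not visible here. The enclosing method starts and ends outside the hunk.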
|
@ -31,7 +31,7 @@ const bob: User = {
|
||||
* Registers a user with the server and provides them with a pod.
|
||||
* @param user - The user settings necessary to register a user.
|
||||
*/
|
||||
async function register(user: User): Promise<{ webId: string; cookie: string }> {
|
||||
async function register(user: User): Promise<{ webId: string; authorization: string }> {
|
||||
// Get controls
|
||||
let res = await fetch(urljoin(baseUrl, '.account/'));
|
||||
let { controls } = await res.json();
|
||||
@ -41,8 +41,7 @@ async function register(user: User): Promise<{ webId: string; cookie: string }>
|
||||
if (res.status !== 200) {
|
||||
throw new Error(`Account creation failed: ${await res.text()}`);
|
||||
}
|
||||
const { cookie } = await res.json();
|
||||
const authorization = `CSS-Account-Cookie ${cookie}`;
|
||||
const authorization = `CSS-Account-Token ${(await res.json()).authorization}`;
|
||||
|
||||
// Get account controls
|
||||
res = await fetch(controls.main.index, {
|
||||
@ -74,18 +73,16 @@ async function register(user: User): Promise<{ webId: string; cookie: string }>
|
||||
}
|
||||
const { webId } = await res.json();
|
||||
|
||||
return { webId, cookie };
|
||||
return { webId, authorization };
|
||||
}
|
||||
|
||||
/**
|
||||
* Requests a client credentials API token.
|
||||
* @param webId - WebID to create credentials for.
|
||||
* @param cookie - Authoriziation cookie for the account that tries to create credentials.
|
||||
* @param authorization - Authorization header for the account that tries to create credentials.
|
||||
* @returns The id/secret for the client credentials request.
|
||||
*/
|
||||
async function createCredentials(webId: string, cookie: string): Promise<{ id: string; secret: string }> {
|
||||
// Get account controls
|
||||
const authorization = `CSS-Account-Cookie ${cookie}`;
|
||||
async function createCredentials(webId: string, authorization: string): Promise<{ id: string; secret: string }> {
|
||||
let res = await fetch(urljoin(baseUrl, '.account/'), {
|
||||
headers: { authorization },
|
||||
});
|
||||
@ -110,8 +107,8 @@ async function createCredentials(webId: string, cookie: string): Promise<{ id: s
|
||||
* @param user - User for which data needs to be generated.
|
||||
*/
|
||||
async function outputCredentials(user: User): Promise<void> {
|
||||
const { webId, cookie } = await register(user);
|
||||
const { id, secret } = await createCredentials(webId, cookie);
|
||||
const { webId, authorization } = await register(user);
|
||||
const { id, secret } = await createCredentials(webId, authorization);
|
||||
|
||||
const name = user.podName.toUpperCase();
|
||||
console.log(`USERS_${name}_CLIENTID=${id}`);
|
||||
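Review bot: In `register`, `(await res.json()).authorization` is interpolated without checking that the field exists, so a server that still returns the old `cookie` field yields the header `CSS-Account-Token undefined` and the failure only surfaces later as an authorization error on the next request. Checking it where it is read gives a clear message: `const { authorization: token } = await res.json();` followed by `if (typeof token !== 'string' || token === '') { throw new Error('Account creation response has no authorization value'); }`. The same unchecked interpolation appears in the test helper hunk at `@ -22,8 +22,7`. Separately, `createCredentials` now expects the full header value rather than the bare token, which the updated `@param authorization` text could state explicitly, e.g. `Full Authorization header value (CSS-Account-Token <value>)`. `register`'s body runs across several hunks and is only partly visible.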
|
@ -100,7 +100,7 @@ describe('A server with account management', (): void => {
|
||||
expect(cookies).toHaveLength(1);
|
||||
|
||||
cookie = `${cookies[0].name}=${cookies[0].value}`;
|
||||
expect(json.cookie).toBe(cookies[0].value);
|
||||
expect(json.authorization).toBe(cookies[0].value);
|
||||
});
|
||||
|
||||
it('can only access the account controls the cookie.', async(): Promise<void> => {
|
||||
@ -124,7 +124,7 @@ describe('A server with account management', (): void => {
|
||||
|
||||
it('can also access the account controls using the custom authorization header.', async(): Promise<void> => {
|
||||
const res = await fetch(indexUrl, { headers:
|
||||
{ authorization: `CSS-Account-Cookie ${cookie.split('=')[1]}` }});
|
||||
{ authorization: `CSS-Account-Token ${cookie.split('=')[1]}` }});
|
||||
expect(res.status).toBe(200);
|
||||
const json = await res.json();
|
||||
expect(json.controls.account.pod).toEqual(controls.account.pod);
|
||||
|
@ -23,7 +23,7 @@ class DummyLoginHandler extends ResolveLoginHandler {
|
||||
}
|
||||
|
||||
describe('A ResolveLoginHandler', (): void => {
|
||||
const cookie = 'cookie';
|
||||
const authorization = 'cookie';
|
||||
let metadata: RepresentationMetadata;
|
||||
let input: JsonInteractionHandlerInput;
|
||||
let accountStore: jest.Mocked<AccountStore>;
|
||||
@ -49,7 +49,7 @@ describe('A ResolveLoginHandler', (): void => {
|
||||
} satisfies Partial<AccountStore> as any;
|
||||
|
||||
cookieStore = {
|
||||
generate: jest.fn().mockResolvedValue(cookie),
|
||||
generate: jest.fn().mockResolvedValue(authorization),
|
||||
delete: jest.fn(),
|
||||
} satisfies Partial<CookieStore> as any;
|
||||
|
||||
@ -59,10 +59,10 @@ describe('A ResolveLoginHandler', (): void => {
|
||||
it('removes the ID from the output and adds a cookie.', async(): Promise<void> => {
|
||||
await expect(handler.handle(input)).resolves.toEqual({ json: {
|
||||
data: 'data',
|
||||
cookie,
|
||||
authorization,
|
||||
},
|
||||
metadata });
|
||||
expect(metadata.get(SOLID_HTTP.terms.accountCookie)?.value).toBe(cookie);
|
||||
expect(metadata.get(SOLID_HTTP.terms.accountCookie)?.value).toBe(authorization);
|
||||
|
||||
expect(cookieStore.generate).toHaveBeenCalledTimes(1);
|
||||
expect(cookieStore.generate).toHaveBeenLastCalledWith(accountId);
|
||||
@ -75,7 +75,7 @@ describe('A ResolveLoginHandler', (): void => {
|
||||
const result = await handler.handle(input);
|
||||
expect(result).toEqual({ json: {
|
||||
data: 'data',
|
||||
cookie,
|
||||
authorization,
|
||||
},
|
||||
metadata: expect.any(RepresentationMetadata) });
|
||||
expect(result.metadata).not.toBe(metadata);
|
||||
@ -91,7 +91,7 @@ describe('A ResolveLoginHandler', (): void => {
|
||||
} as any;
|
||||
await expect(handler.handle(input)).resolves.toEqual({ json: {
|
||||
data: 'data',
|
||||
cookie,
|
||||
authorization,
|
||||
location: 'returnTo',
|
||||
},
|
||||
metadata });
|
||||
@ -110,7 +110,7 @@ describe('A ResolveLoginHandler', (): void => {
|
||||
};
|
||||
await expect(handler.handle(input)).resolves.toEqual({ json: {
|
||||
data: 'data',
|
||||
cookie,
|
||||
authorization,
|
||||
},
|
||||
metadata });
|
||||
|
||||
@ -124,10 +124,10 @@ describe('A ResolveLoginHandler', (): void => {
|
||||
input.metadata.set(SOLID_HTTP.terms.accountCookie, 'old-cookie-value');
|
||||
await expect(handler.handle(input)).resolves.toEqual({ json: {
|
||||
data: 'data',
|
||||
cookie,
|
||||
authorization,
|
||||
},
|
||||
metadata });
|
||||
expect(metadata.get(SOLID_HTTP.terms.accountCookie)?.value).toBe(cookie);
|
||||
expect(metadata.get(SOLID_HTTP.terms.accountCookie)?.value).toBe(authorization);
|
||||
|
||||
expect(cookieStore.generate).toHaveBeenCalledTimes(1);
|
||||
expect(cookieStore.generate).toHaveBeenLastCalledWith(accountId);
|
||||
|
@ -22,8 +22,7 @@ Promise<{ pod: string; webId: string; authorization: string; controls: any }> {
|
||||
// Create account
|
||||
res = await fetch(controls.account.create, { method: 'POST' });
|
||||
expect(res.status).toBe(200);
|
||||
const { cookie } = await res.json();
|
||||
const authorization = `CSS-Account-Cookie ${cookie}`;
|
||||
const authorization = `CSS-Account-Token ${(await res.json()).authorization}`;
|
||||
|
||||
// Get account controls
|
||||
res = await fetch(controls.account.create, {
|
||||
|