Refactor all auth adapters to reduce duplications (#4954)

* Refactor all auth adapters to reduce duplications

* Adds mocking and proper testing for all auth adapters

* Proper testing of the google auth adapter

* noit

spec/AuthenticationAdapters.spec.js

@@ -3,9 +3,19 @@ const Config = require("../lib/Config");
 const defaultColumns = require('../lib/Controllers/SchemaController').defaultColumns;
 const authenticationLoader = require('../lib/Adapters/Auth');
 const path = require('path');
+const responses = {
+  instagram: { data: { id: 'userId' } },
+  janrainengage: { stat: 'ok', profile: { identifier: 'userId' }},
+  janraincapture: { stat: 'ok', result: 'userId' },
+  vkontakte: { response: { user_id: 'userId'}},
+  google: { sub: 'userId' },
+  wechat: { errcode: 0 },
+  weibo: { uid: 'userId' },
+  qq: 'callback( {"openid":"userId"} );' // yes it's like that, run eval in the client :P
+}
 
 describe('AuthenticationProviders', function() {
-  ["facebook", "facebookaccountkit", "github", "instagram", "google", "linkedin", "meetup", "twitter", "janrainengage", "janraincapture", "vkontakte"].map(function(providerName){
+  ["facebook", "facebookaccountkit", "github", "instagram", "google", "linkedin", "meetup", "twitter", "janrainengage", "janraincapture", "vkontakte", "qq", "spotify", "wechat", "weibo"].map(function(providerName){
     it("Should validate structure of " + providerName, (done) => {
       const provider = require("../lib/Adapters/Auth/" + providerName);
       jequal(typeof provider.validateAuthData, "function");
@@ -18,6 +28,32 @@ describe('AuthenticationProviders', function() {
       validateAppIdPromise.then(()=>{}, ()=>{});
       done();
     });
+
+    it(`should provide the right responses for adapter ${providerName}`, async () => {
+      if (providerName === 'twitter') {
+        return;
+      }
+      spyOn(require('../lib/Adapters/Auth/httpsRequest'), 'get').and.callFake((options) => {
+        if (options === "https://oauth.vk.com/access_token?client_id=appId&client_secret=appSecret&v=5.59&grant_type=client_credentials") {
+          return {
+            access_token: 'access_token'
+          }
+        }
+        return Promise.resolve(responses[providerName] || { id: 'userId' });
+      });
+      spyOn(require('../lib/Adapters/Auth/httpsRequest'), 'request').and.callFake(() => {
+        return Promise.resolve(responses[providerName] || { id: 'userId' });
+      });
+      const provider = require("../lib/Adapters/Auth/" + providerName);
+      let params = {};
+      if (providerName === 'vkontakte') {
+        params = {
+          appIds: 'appId',
+          appSecret: 'appSecret'
+        }
+      }
+      await provider.validateAuthData({ id: 'userId' }, params);
+    });
   });
 
   const getMockMyOauthProvider = function() {
@@ -388,3 +424,60 @@ describe('AuthenticationProviders', function() {
       })
   });
 });
+
+describe('google auth adapter', () => {
+  const google = require('../lib/Adapters/Auth/google');
+  const httpsRequest = require('../lib/Adapters/Auth/httpsRequest');
+
+  it('should use id_token for validation is passed', async () => {
+    spyOn(httpsRequest, 'request').and.callFake(() => {
+      return Promise.resolve({ sub: 'userId' });
+    });
+    await google.validateAuthData({ id: 'userId', id_token: 'the_token' }, {});
+  });
+
+  it('should use id_token for validation is passed and responds with user_id', async () => {
+    spyOn(httpsRequest, 'request').and.callFake(() => {
+      return Promise.resolve({ user_id: 'userId' });
+    });
+    await google.validateAuthData({ id: 'userId', id_token: 'the_token' }, {});
+  });
+
+  it('should use access_token for validation is passed and responds with user_id', async () => {
+    spyOn(httpsRequest, 'request').and.callFake(() => {
+      return Promise.resolve({ user_id: 'userId' });
+    });
+    await google.validateAuthData({ id: 'userId', access_token: 'the_token' }, {});
+  });
+
+  it('should use access_token for validation is passed with sub', async () => {
+    spyOn(httpsRequest, 'request').and.callFake(() => {
+      return Promise.resolve({ sub: 'userId' });
+    });
+    await google.validateAuthData({ id: 'userId', id_token: 'the_token' }, {});
+  });
+
+  it('should fail when the id_token is invalid', async () => {
+    spyOn(httpsRequest, 'request').and.callFake(() => {
+      return Promise.resolve({ sub: 'badId' });
+    });
+    try {
+      await google.validateAuthData({ id: 'userId', id_token: 'the_token' }, {});
+      fail()
+    } catch(e) {
+      expect(e.message).toBe('Google auth is invalid for this user.');
+    }
+  });
+
+  it('should fail when the access_token is invalid', async () => {
+    spyOn(httpsRequest, 'request').and.callFake(() => {
+      return Promise.resolve({ sub: 'badId' });
+    });
+    try {
+      await google.validateAuthData({ id: 'userId', access_token: 'the_token' }, {});
+      fail()
+    } catch(e) {
+      expect(e.message).toBe('Google auth is invalid for this user.');
+    }
+  });
+});

src/Adapters/Auth/facebook.js

@@ -1,5 +1,5 @@
 // Helper functions for accessing the Facebook Graph API.
-var https = require('https');
+const httpsRequest = require('./httpsRequest');
 var Parse = require('parse/node').Parse;
 
 // Returns a promise that fulfills iff this user id is valid.
@@ -36,24 +36,7 @@ function validateAppId(appIds, authData) {
 
 // A promisey wrapper for FB graph requests.
 function graphRequest(path) {
-  return new Promise(function(resolve, reject) {
+  return httpsRequest.get('https://graph.facebook.com/' + path);
-    https.get('https://graph.facebook.com/' + path, function(res) {
-      var data = '';
-      res.on('data', function(chunk) {
-        data += chunk;
-      });
-      res.on('end', function() {
-        try {
-          data = JSON.parse(data);
-        } catch(e) {
-          return reject(e);
-        }
-        resolve(data);
-      });
-    }).on('error', function() {
-      reject('Failed to validate this access token with Facebook.');
-    });
-  });
 }
 
 module.exports = {

src/Adapters/Auth/facebookaccountkit.js

@@ -1,32 +1,9 @@
 const crypto = require('crypto');
-const https = require('https');
+const httpsRequest = require('./httpsRequest');
 const Parse  = require('parse/node').Parse;
 
 const graphRequest = (path) => {
-  return new Promise((resolve, reject) => {
+  return httpsRequest.get(`https://graph.accountkit.com/v1.1/${path}`);
-    https.get(`https://graph.accountkit.com/v1.1/${path}`, (res) => {
-      var data = '';
-      res.on('data', (chunk) => {
-        data += chunk;
-      });
-      res.on('end', () => {
-        try {
-          data = JSON.parse(data);
-          if (data.error) {
-            // when something wrong with fb graph request (token corrupted etc.)
-            // instead of network issue
-            reject(data.error);
-          } else {
-            resolve(data);
-          }
-        } catch (e) {
-          reject(e);
-        }
-      });
-    }).on('error', function () {
-      reject('Failed to validate this access token with Facebook Account Kit.');
-    });
-  });
 };
 
 function getRequestPath(authData, options) {
@@ -60,6 +37,9 @@ function validateAppId(appIds, authData, options) {
 function validateAuthData(authData, options) {
   return graphRequest(getRequestPath(authData, options))
     .then(data => {
+      if (data && data.error) {
+        throw data.error;
+      }
       if (data && data.id == authData.id) {
         return;
       }

src/Adapters/Auth/github.js

@@ -1,6 +1,6 @@
 // Helper functions for accessing the github API.
-var https = require('https');
 var Parse = require('parse/node').Parse;
+const httpsRequest = require('./httpsRequest');
 
 // Returns a promise that fulfills iff this user id is valid.
 function validateAuthData(authData) {
@@ -22,30 +22,13 @@ function validateAppId() {
 
 // A promisey wrapper for api requests
 function request(path, access_token) {
-  return new Promise(function(resolve, reject) {
+  return httpsRequest.get({
-    https.get({
+    host: 'api.github.com',
-      host: 'api.github.com',
+    path: '/' + path,
-      path: '/' + path,
+    headers: {
-      headers: {
+      'Authorization': 'bearer ' + access_token,
-        'Authorization': 'bearer ' + access_token,
+      'User-Agent': 'parse-server'
-        'User-Agent': 'parse-server'
+    }
-      }
-    }, function(res) {
-      var data = '';
-      res.on('data', function(chunk) {
-        data += chunk;
-      });
-      res.on('end', function() {
-        try {
-          data = JSON.parse(data);
-        } catch(e) {
-          return reject(e);
-        }
-        resolve(data);
-      });
-    }).on('error', function() {
-      reject('Failed to validate this access token with Github.');
-    });
   });
 }
 

src/Adapters/Auth/google.js

@@ -1,9 +1,9 @@
 // Helper functions for accessing the google API.
-var https = require('https');
 var Parse = require('parse/node').Parse;
+const httpsRequest = require('./httpsRequest');
 
 function validateIdToken(id, token) {
-  return request("tokeninfo?id_token=" + token)
+  return googleRequest("tokeninfo?id_token=" + token)
     .then((response) => {
       if (response && (response.sub == id || response.user_id == id)) {
         return;
@@ -15,7 +15,7 @@ function validateIdToken(id, token) {
 }
 
 function validateAuthToken(id, token) {
-  return request("tokeninfo?access_token=" + token)
+  return googleRequest("tokeninfo?access_token=" + token)
     .then((response) => {
       if (response &&  (response.sub == id || response.user_id == id)) {
         return;
@@ -47,25 +47,8 @@ function validateAppId() {
 }
 
 // A promisey wrapper for api requests
-function request(path) {
+function googleRequest(path) {
-  return new Promise(function(resolve, reject) {
+  return httpsRequest.request("https://www.googleapis.com/oauth2/v3/" + path);
-    https.get("https://www.googleapis.com/oauth2/v3/" + path, function(res) {
-      var data = '';
-      res.on('data', function(chunk) {
-        data += chunk;
-      });
-      res.on('end', function() {
-        try {
-          data = JSON.parse(data);
-        } catch(e) {
-          return reject(e);
-        }
-        resolve(data);
-      });
-    }).on('error', function() {
-      reject('Failed to validate this access token with Google.');
-    });
-  });
 }
 
 module.exports = {

src/Adapters/Auth/httpsRequest.js

@@ -0,0 +1,41 @@
+const https = require('https');
+
+function makeCallback(resolve, reject, noJSON) {
+  return function(res) {
+    let data = '';
+    res.on('data', (chunk) => {
+      data += chunk;
+    });
+    res.on('end', () => {
+      if (noJSON) {
+        return resolve(data);
+      }
+      try {
+        data = JSON.parse(data);
+      } catch(e) {
+        return reject(e);
+      }
+      resolve(data);
+    });
+    res.on('error', reject);
+  };
+}
+
+function get(options, noJSON = false) {
+  return new Promise((resolve, reject) => {
+    https
+      .get(options, makeCallback(resolve, reject, noJSON))
+      .on('error', reject);
+  });
+}
+
+function request(options, postData) {
+  return new Promise((resolve, reject) => {
+    const req = https.request(options, makeCallback(resolve, reject));
+    req.on('error', reject);
+    req.write(postData);
+    req.end();
+  });
+}
+
+module.exports = { get, request };

src/Adapters/Auth/instagram.js

@@ -1,6 +1,6 @@
 // Helper functions for accessing the instagram API.
-var https = require('https');
 var Parse = require('parse/node').Parse;
+const httpsRequest = require('./httpsRequest');
 
 // Returns a promise that fulfills iff this user id is valid.
 function validateAuthData(authData) {
@@ -22,20 +22,7 @@ function validateAppId() {
 
 // A promisey wrapper for api requests
 function request(path) {
-  return new Promise(function(resolve, reject) {
+  return httpsRequest.get("https://api.instagram.com/v1/" + path);
-    https.get("https://api.instagram.com/v1/" + path, function(res) {
-      var data = '';
-      res.on('data', function(chunk) {
-        data += chunk;
-      });
-      res.on('end', function() {
-        data = JSON.parse(data);
-        resolve(data);
-      });
-    }).on('error', function() {
-      reject('Failed to validate this access token with Instagram.');
-    });
-  });
 }
 
 module.exports = {

src/Adapters/Auth/janraincapture.js

@@ -1,7 +1,7 @@
 // Helper functions for accessing the Janrain Capture API.
-var https = require('https');
 var Parse = require('parse/node').Parse;
 var querystring = require('querystring');
+const httpsRequest = require('./httpsRequest');
 
 // Returns a promise that fulfills iff this user id is valid.
 function validateAuthData(authData, options) {
@@ -30,22 +30,7 @@ function request(host, access_token) {
     'attribute_name': 'uuid' // we only need to pull the uuid for this access token to make sure it matches
   });
 
-  return new Promise(function(resolve, reject) {
+  return httpsRequest.get({ host: host, path: '/entity?' + query_string_data });
-    https.get({
-      host: host,
-      path: '/entity?' + query_string_data
-    }, function(res) {
-      var data = '';
-      res.on('data', function(chunk) {
-        data += chunk;
-      });
-      res.on('end', function () {
-        resolve(JSON.parse(data));
-      });
-    }).on('error', function() {
-      reject('Failed to validate this access token with Janrain capture.');
-    });
-  });
 }
 
 module.exports = {

src/Adapters/Auth/janrainengage.js

@@ -1,11 +1,11 @@
 // Helper functions for accessing the Janrain Engage API.
-var https = require('https');
+var httpsRequest = require('./httpsRequest');
 var Parse = require('parse/node').Parse;
 var querystring = require('querystring');
 
 // Returns a promise that fulfills iff this user id is valid.
 function validateAuthData(authData, options) {
-  return request(options.api_key, authData.auth_token)
+  return apiRequest(options.api_key, authData.auth_token)
     .then((data) => {
       //successful response will have a "stat" (status) of 'ok' and a profile node with an identifier
       //see: http://developers.janrain.com/overview/social-login/identity-providers/user-profile-data/#normalized-user-profile-data
@@ -23,7 +23,7 @@ function validateAppId() {
 }
 
 // A promisey wrapper for api requests
-function request(api_key, auth_token) {
+function apiRequest(api_key, auth_token) {
 
   var post_data = querystring.stringify({
     'token': auth_token,
@@ -41,29 +41,7 @@ function request(api_key, auth_token) {
     }
   };
 
-  return new Promise(function (resolve, reject) {
+  return httpsRequest.request(post_options, post_data);
-    // Create the post request.
-    var post_req = https.request(post_options, function (res) {
-      var data = '';
-      res.setEncoding('utf8');
-      // Append data as we receive it from the Janrain engage server.
-      res.on('data', function (d) {
-        data += d;
-      });
-      // Once we have all the data, we can parse it and return the data we want.
-      res.on('end', function () {
-        try {
-          data = JSON.parse(data);
-        } catch(e) {
-          return reject(e);
-        }
-        resolve(data);
-      });
-    });
-
-    post_req.write(post_data);
-    post_req.end();
-  });
 }
 
 module.exports = {

src/Adapters/Auth/linkedin.js

@@ -1,6 +1,6 @@
 // Helper functions for accessing the linkedin API.
-var https = require('https');
 var Parse = require('parse/node').Parse;
+const httpsRequest = require('./httpsRequest');
 
 // Returns a promise that fulfills iff this user id is valid.
 function validateAuthData(authData) {
@@ -30,28 +30,10 @@ function request(path, access_token, is_mobile_sdk) {
   if(is_mobile_sdk) {
     headers['x-li-src'] = 'msdk';
   }
-
+  return httpsRequest.get({
-  return new Promise(function(resolve, reject) {
+    host: 'api.linkedin.com',
-    https.get({
+    path: '/v1/' + path,
-      host: 'api.linkedin.com',
+    headers: headers
-      path: '/v1/' + path,
-      headers: headers
-    }, function(res) {
-      var data = '';
-      res.on('data', function(chunk) {
-        data += chunk;
-      });
-      res.on('end', function() {
-        try {
-          data = JSON.parse(data);
-        } catch(e) {
-          return reject(e);
-        }
-        resolve(data);
-      });
-    }).on('error', function() {
-      reject('Failed to validate this access token with Linkedin.');
-    });
   });
 }
 

src/Adapters/Auth/meetup.js

@@ -1,6 +1,6 @@
 // Helper functions for accessing the meetup API.
-var https = require('https');
 var Parse = require('parse/node').Parse;
+const httpsRequest = require('./httpsRequest');
 
 // Returns a promise that fulfills iff this user id is valid.
 function validateAuthData(authData) {
@@ -22,29 +22,12 @@ function validateAppId() {
 
 // A promisey wrapper for api requests
 function request(path, access_token) {
-  return new Promise(function(resolve, reject) {
+  return httpsRequest.get({
-    https.get({
+    host: 'api.meetup.com',
-      host: 'api.meetup.com',
+    path: '/2/' + path,
-      path: '/2/' + path,
+    headers: {
-      headers: {
+      'Authorization': 'bearer ' + access_token
-        'Authorization': 'bearer ' + access_token
+    }
-      }
-    }, function(res) {
-      var data = '';
-      res.on('data', function(chunk) {
-        data += chunk;
-      });
-      res.on('end', function() {
-        try {
-          data = JSON.parse(data);
-        } catch(e) {
-          return reject(e);
-        }
-        resolve(data);
-      });
-    }).on('error', function() {
-      reject('Failed to validate this access token with Meetup.');
-    });
   });
 }
 

src/Adapters/Auth/qq.js

@@ -1,5 +1,5 @@
 // Helper functions for accessing the qq Graph API.
-var https = require('https');
+const httpsRequest = require('./httpsRequest');
 var Parse = require('parse/node').Parse;
 
 // Returns a promise that fulfills iff this user id is valid.
@@ -19,33 +19,23 @@ function validateAppId() {
 
 // A promisey wrapper for qq graph requests.
 function graphRequest(path) {
-  return new Promise(function (resolve, reject) {
+  return httpsRequest.get('https://graph.qq.com/oauth2.0/' + path, true).then((data) => {
-    https.get('https://graph.qq.com/oauth2.0/' + path, function (res) {
+    return parseResponseData(data);
-      var data = '';
-      res.on('data', function (chunk) {
-        data += chunk;
-      });
-      res.on('end', function () {
-        var starPos = data.indexOf("(");
-        var endPos = data.indexOf(")");
-        if(starPos == -1 || endPos == -1){
-          throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'qq auth is invalid for this user.');
-        }
-        data = data.substring(starPos + 1,endPos - 1);
-        try {
-          data = JSON.parse(data);
-        } catch(e) {
-          return reject(e);
-        }
-        resolve(data);
-      });
-    }).on('error', function () {
-      reject('Failed to validate this access token with qq.');
-    });
   });
 }
 
+function parseResponseData(data) {
+  const starPos = data.indexOf("(");
+  const endPos = data.indexOf(")");
+  if(starPos == -1 || endPos == -1){
+    throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'qq auth is invalid for this user.');
+  }
+  data = data.substring(starPos + 1,endPos - 1);
+  return JSON.parse(data);
+}
+
 module.exports = {
   validateAppId,
-  validateAuthData
+  validateAuthData,
+  parseResponseData,
 };

src/Adapters/Auth/spotify.js

@@ -1,5 +1,5 @@
 // Helper functions for accessing the Spotify API.
-var https = require('https');
+const httpsRequest = require('./httpsRequest');
 var Parse = require('parse/node').Parse;
 
 // Returns a promise that fulfills iff this user id is valid.
@@ -36,29 +36,12 @@ function validateAppId(appIds, authData) {
 
 // A promisey wrapper for Spotify API requests.
 function request(path, access_token) {
-  return new Promise(function(resolve, reject) {
+  return httpsRequest.get({
-    https.get({
+    host: 'api.spotify.com',
-      host: 'api.spotify.com',
+    path: '/v1/' + path,
-      path: '/v1/' + path,
+    headers: {
-      headers: {
+      'Authorization': 'Bearer ' + access_token
-        'Authorization': 'Bearer ' + access_token
+    }
-      }
-    }, function(res) {
-      var data = '';
-      res.on('data', function(chunk) {
-        data += chunk;
-      });
-      res.on('end', function() {
-        try {
-          data = JSON.parse(data);
-        } catch(e) {
-          return reject(e);
-        }
-        resolve(data);
-      });
-    }).on('error', function() {
-      reject('Failed to validate this access token with Spotify.');
-    });
   });
 }
 

src/Adapters/Auth/vkontakte.js

@@ -2,7 +2,7 @@
 
 // Helper functions for accessing the vkontakte API.
 
-var https = require('https');
+const httpsRequest = require('./httpsRequest');
 var Parse = require('parse/node').Parse;
 var logger = require('../../logger').default;
 
@@ -41,24 +41,7 @@ function validateAppId() {
 
 // A promisey wrapper for api requests
 function request(host, path) {
-  return new Promise(function (resolve, reject) {
+  return httpsRequest.get("https://" + host + "/" + path);
-    https.get("https://" + host + "/" + path, function (res) {
-      var data = '';
-      res.on('data', function (chunk) {
-        data += chunk;
-      });
-      res.on('end', function () {
-        try {
-          data = JSON.parse(data);
-        } catch(e) {
-          return reject(e);
-        }
-        resolve(data);
-      });
-    }).on('error', function () {
-      reject('Failed to validate this access token with Vk.');
-    });
-  });
 }
 
 module.exports = {

src/Adapters/Auth/wechat.js

@@ -1,5 +1,5 @@
 // Helper functions for accessing the WeChat Graph API.
-var https = require('https');
+const httpsRequest = require('./httpsRequest');
 var Parse = require('parse/node').Parse;
 
 // Returns a promise that fulfills iff this user id is valid.
@@ -19,24 +19,7 @@ function validateAppId() {
 
 // A promisey wrapper for WeChat graph requests.
 function graphRequest(path) {
-  return new Promise(function (resolve, reject) {
+  return httpsRequest.get('https://api.weixin.qq.com/sns/' + path);
-    https.get('https://api.weixin.qq.com/sns/' + path, function (res) {
-      var data = '';
-      res.on('data', function (chunk) {
-        data += chunk;
-      });
-      res.on('end', function () {
-        try {
-          data = JSON.parse(data);
-        } catch(e) {
-          return reject(e);
-        }
-        resolve(data);
-      });
-    }).on('error', function () {
-      reject('Failed to validate this access token with wechat.');
-    });
-  });
 }
 
 module.exports = {

src/Adapters/Auth/weibo.js

@@ -1,5 +1,5 @@
 // Helper functions for accessing the weibo Graph API.
-var https = require('https');
+var httpsRequest = require('./httpsRequest');
 var Parse = require('parse/node').Parse;
 var querystring = require('querystring');
 
@@ -20,42 +20,19 @@ function validateAppId() {
 
 // A promisey wrapper for weibo graph requests.
 function graphRequest(access_token) {
-  return new Promise(function (resolve, reject) {
+  var postData = querystring.stringify({
-    var postData = querystring.stringify({
+    "access_token": access_token
-      "access_token":access_token
-    });
-    var options = {
-      hostname: 'api.weibo.com',
-      path: '/oauth2/get_token_info',
-      method: 'POST',
-      headers: {
-        'Content-Type': 'application/x-www-form-urlencoded',
-        'Content-Length': Buffer.byteLength(postData)
-      }
-    };
-    var req = https.request(options, function(res){
-      var data = '';
-      res.on('data', function (chunk) {
-        data += chunk;
-      });
-      res.on('end', function () {
-        try {
-          data = JSON.parse(data);
-        } catch(e) {
-          return reject(e);
-        }
-        resolve(data);
-      });
-      res.on('error', function () {
-        reject('Failed to validate this access token with weibo.');
-      });
-    });
-    req.on('error', function () {
-      reject('Failed to validate this access token with weibo.');
-    });
-    req.write(postData);
-    req.end();
   });
+  var options = {
+    hostname: 'api.weibo.com',
+    path: '/oauth2/get_token_info',
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/x-www-form-urlencoded',
+      'Content-Length': Buffer.byteLength(postData)
+    }
+  };
+  return httpsRequest.request(options, postData);
 }
 
 module.exports = {