removes key transformation for authData from restWrite, ensures authData is set in hooks

src/RestWrite.js

@@ -212,10 +212,12 @@ RestWrite.prototype.validateAuthData = function() {
   var authData = this.data.authData;
   var providers = Object.keys(authData);
   if (providers.length > 0) {
-    var provider = providers[providers.length-1];    
-    var providerAuthData = authData[provider];
-    var hasToken = (providerAuthData && providerAuthData.id);
-    if (providerAuthData === null || hasToken) {
+    let canHandleAuthData = providers.reduce((canHandle, provider) => {
+      var providerAuthData = authData[provider];
+      var hasToken = (providerAuthData && providerAuthData.id);
+      return canHandle && (hasToken || providerAuthData == null);
+    }, true);
+    if (canHandleAuthData) {
       return this.handleAuthData(authData);
     }
   }
@@ -274,11 +276,9 @@ RestWrite.prototype.handleAuthData = function(authData) {
       throw new Parse.Error(Parse.Error.ACCOUNT_ALREADY_LINKED,
                               'this auth is already used');
     }
-    // set the proper keys
-    Object.keys(authData).forEach((provider) => {
-      this.data[`_auth_data_${provider}`] = authData[provider];
-    });
-
+    
+    this.storage['authProvider'] = Object.keys(authData).join(',');
+    
     if (results.length == 0) {
       this.data.username = cryptoUtils.newToken();
     } else if (!this.query) {
@@ -294,9 +294,6 @@ RestWrite.prototype.handleAuthData = function(authData) {
       // Trying to update auth data but users
       // are different
       if (results[0].objectId !== this.query.objectId) {
-        Object.keys(authData).forEach((provider) => {
-          delete this.data[`_auth_data_${provider}`];
-        });
         throw new Parse.Error(Parse.Error.ACCOUNT_ALREADY_LINKED,
                             'this auth is already used');
       }
@@ -708,10 +705,6 @@ RestWrite.prototype.runDatabaseOperation = function() {
   if (this.data.ACL && this.data.ACL['*unresolved']) {
     throw new Parse.Error(Parse.Error.INVALID_ACL, 'Invalid ACL.');
   }
-  
-  if (this.className === '_User') {
-    delete this.data.authData;
-  }
 
   if (this.query) {
     // Run an update

src/authDataManager/index.js

@@ -91,4 +91,4 @@ module.exports = function(oauthOptions = {}, enableAnonymousUsers = true) {
     getValidatorForProvider,
     setEnableAnonymousUsers, 
   })
-}
+}

src/transform.js

@@ -87,7 +87,7 @@ export function transformKeyValue(schema, className, restKey, restValue, options
       return transformWhere(schema, className, s);
     });
     return {key: '$and', value: mongoSubqueries};
-  default:
+  default:  
     // Other auth data
     var authDataMatch = key.match(/^authData\.([a-zA-Z0-9_]+)\.id$/);
     if (authDataMatch) {
@@ -203,6 +203,9 @@ function transformWhere(schema, className, restWhere) {
 // restCreate is the "create" clause in REST API form.
 // Returns the mongo form of the object.
 function transformCreate(schema, className, restCreate) {
+  if (className == '_User') {
+     restCreate = transformAuthData(restCreate);
+  }
   var mongoCreate = transformACL(restCreate);
   for (var restKey in restCreate) {
     var out = transformKeyValue(schema, className, restKey, restCreate[restKey]);
@@ -218,6 +221,10 @@ function transformUpdate(schema, className, restUpdate) {
   if (!restUpdate) {
     throw 'got empty restUpdate';
   }
+  if (className == '_User') {
+    restUpdate = transformAuthData(restUpdate);
+  }
+  
   var mongoUpdate = {};
   var acl = transformACL(restUpdate);
   if (acl._rperm || acl._wperm) {
@@ -250,6 +257,16 @@ function transformUpdate(schema, className, restUpdate) {
   return mongoUpdate;
 }
 
+function transformAuthData(restObject) {
+  if (restObject.authData) {
+    Object.keys(restObject.authData).forEach((provider) => {
+      restObject[`_auth_data_${provider}`] = restObject.authData[provider];
+    });
+    delete restObject.authData;
+  }
+  return restObject;
+}
+
 // Transforms a REST API formatted ACL object to our two-field mongo format.
 // This mutates the restObject passed in to remove the ACL key.
 function transformACL(restObject) {