fix: Rename cookie field to authorization

CommunitySolidServer · Oct 6, 2023 · 307dba3 · 307dba3
1 parent cd07338
commit 307dba3
Show file tree

Hide file tree

Showing 7 changed files with 26 additions and 29 deletions.
diff --git a/config/ldp/metadata-parser/parsers/authorization.json b/config/ldp/metadata-parser/parsers/authorization.json
@@ -7,7 +7,7 @@
       "@type": "AuthorizationParser",
       "authMap": [
         {
-          "AuthorizationParser:_authMap_key": "CSS-Account-Cookie",
+          "AuthorizationParser:_authMap_key": "CSS-Account-Token",
           "AuthorizationParser:_authMap_value": "urn:npm:solid:community-server:http:accountCookie"
         }
       ]

diff --git a/documentation/markdown/usage/account/json-api.md b/documentation/markdown/usage/account/json-api.md
@@ -23,12 +23,13 @@ When doing a GET request on these APIs they will return an object describing wha
 
 ## Authorization
 
-After logging in, the API will return a `set-cookie` header.
+After logging in, the API will return a `set-cookie` header of the format `css-account=$VALUE`
 This cookie is necessary to have access to many of the APIs.
 When including this cookie, the controls object will also be extended with new URLs that are now accessible.
-When logging in, the response body JSON body will also contain a `cookie` field containing the cookie value.
+When logging in, the response body JSON body will also contain an `authorization` field
+containing the `$VALUE` value mentioned above.
 Instead of using cookies,
-this value can also be used in an `Authorization` header with auth scheme `CSS-Account-Cookie`
+this value can be used in an `Authorization` header with value `CSS-Account-Token $VALUE`
 to achieve the same result.
 
 The expiration time of this cookie will be refreshed

diff --git a/src/identity/interaction/login/ResolveLoginHandler.ts b/src/identity/interaction/login/ResolveLoginHandler.ts
@@ -55,8 +55,8 @@ export abstract class ResolveLoginHandler extends JsonInteractionHandler {
     // Putting it in the metadata, so it can be converted into an HTTP response header.
     // Putting it in the response JSON so users can also use it in an Authorization header.
     const metadata = result.metadata ?? new RepresentationMetadata(input.target);
-    json.cookie = await this.cookieStore.generate(accountId);
-    metadata.add(SOLID_HTTP.terms.accountCookie, json.cookie);
+    json.authorization = await this.cookieStore.generate(accountId);
+    metadata.add(SOLID_HTTP.terms.accountCookie, json.authorization);
 
     // Delete the old cookie if there was one, to prevent unused cookies from being stored.
     // We are not reusing this cookie as it could be associated with a different account.

diff --git a/test/deploy/createAccountCredentials.ts b/test/deploy/createAccountCredentials.ts
@@ -31,7 +31,7 @@ const bob: User = {
  * Registers a user with the server and provides them with a pod.
  * @param user - The user settings necessary to register a user.
  */
-async function register(user: User): Promise<{ webId: string; cookie: string }> {
+async function register(user: User): Promise<{ webId: string; authorization: string }> {
   // Get controls
   let res = await fetch(urljoin(baseUrl, '.account/'));
   let { controls } = await res.json();
@@ -41,8 +41,7 @@ async function register(user: User): Promise<{ webId: string; cookie: string }>
   if (res.status !== 200) {
     throw new Error(`Account creation failed: ${await res.text()}`);
   }
-  const { cookie } = await res.json();
-  const authorization = `CSS-Account-Cookie ${cookie}`;
+  const authorization = `CSS-Account-Token ${(await res.json()).authorization}`;
 
   // Get account controls
   res = await fetch(controls.main.index, {
@@ -74,18 +73,16 @@ async function register(user: User): Promise<{ webId: string; cookie: string }>
   }
   const { webId } = await res.json();
 
-  return { webId, cookie };
+  return { webId, authorization };
 }
 
 /**
  * Requests a client credentials API token.
  * @param webId - WebID to create credentials for.
- * @param cookie - Authoriziation cookie for the account that tries to create credentials.
+ * @param authorization - Authorization header for the account that tries to create credentials.
  * @returns The id/secret for the client credentials request.
  */
-async function createCredentials(webId: string, cookie: string): Promise<{ id: string; secret: string }> {
-  // Get account controls
-  const authorization = `CSS-Account-Cookie ${cookie}`;
+async function createCredentials(webId: string, authorization: string): Promise<{ id: string; secret: string }> {
   let res = await fetch(urljoin(baseUrl, '.account/'), {
     headers: { authorization },
   });
@@ -110,8 +107,8 @@ async function createCredentials(webId: string, cookie: string): Promise<{ id: s
  * @param user - User for which data needs to be generated.
  */
 async function outputCredentials(user: User): Promise<void> {
-  const { webId, cookie } = await register(user);
-  const { id, secret } = await createCredentials(webId, cookie);
+  const { webId, authorization } = await register(user);
+  const { id, secret } = await createCredentials(webId, authorization);
 
   const name = user.podName.toUpperCase();
   console.log(`USERS_${name}_CLIENTID=${id}`);

diff --git a/test/integration/Accounts.test.ts b/test/integration/Accounts.test.ts
@@ -100,7 +100,7 @@ describe('A server with account management', (): void => {
     expect(cookies).toHaveLength(1);
 
     cookie = `${cookies[0].name}=${cookies[0].value}`;
-    expect(json.cookie).toBe(cookies[0].value);
+    expect(json.authorization).toBe(cookies[0].value);
   });
 
   it('can only access the account controls the cookie.', async(): Promise<void> => {
@@ -124,7 +124,7 @@ describe('A server with account management', (): void => {
 
   it('can also access the account controls using the custom authorization header.', async(): Promise<void> => {
     const res = await fetch(indexUrl, { headers:
-        { authorization: `CSS-Account-Cookie ${cookie.split('=')[1]}` }});
+        { authorization: `CSS-Account-Token ${cookie.split('=')[1]}` }});
     expect(res.status).toBe(200);
     const json = await res.json();
     expect(json.controls.account.pod).toEqual(controls.account.pod);

diff --git a/test/unit/identity/interaction/login/ResolveLoginHandler.test.ts b/test/unit/identity/interaction/login/ResolveLoginHandler.test.ts
@@ -23,7 +23,7 @@ class DummyLoginHandler extends ResolveLoginHandler {
 }
 
 describe('A ResolveLoginHandler', (): void => {
-  const cookie = 'cookie';
+  const authorization = 'cookie';
   let metadata: RepresentationMetadata;
   let input: JsonInteractionHandlerInput;
   let accountStore: jest.Mocked<AccountStore>;
@@ -49,7 +49,7 @@ describe('A ResolveLoginHandler', (): void => {
     } satisfies Partial<AccountStore> as any;
 
     cookieStore = {
-      generate: jest.fn().mockResolvedValue(cookie),
+      generate: jest.fn().mockResolvedValue(authorization),
       delete: jest.fn(),
     } satisfies Partial<CookieStore> as any;
 
@@ -59,10 +59,10 @@ describe('A ResolveLoginHandler', (): void => {
   it('removes the ID from the output and adds a cookie.', async(): Promise<void> => {
     await expect(handler.handle(input)).resolves.toEqual({ json: {
       data: 'data',
-      cookie,
+      authorization,
     },
     metadata });
-    expect(metadata.get(SOLID_HTTP.terms.accountCookie)?.value).toBe(cookie);
+    expect(metadata.get(SOLID_HTTP.terms.accountCookie)?.value).toBe(authorization);
 
     expect(cookieStore.generate).toHaveBeenCalledTimes(1);
     expect(cookieStore.generate).toHaveBeenLastCalledWith(accountId);
@@ -75,7 +75,7 @@ describe('A ResolveLoginHandler', (): void => {
     const result = await handler.handle(input);
     expect(result).toEqual({ json: {
       data: 'data',
-      cookie,
+      authorization,
     },
     metadata: expect.any(RepresentationMetadata) });
     expect(result.metadata).not.toBe(metadata);
@@ -91,7 +91,7 @@ describe('A ResolveLoginHandler', (): void => {
     } as any;
     await expect(handler.handle(input)).resolves.toEqual({ json: {
       data: 'data',
-      cookie,
+      authorization,
       location: 'returnTo',
     },
     metadata });
@@ -110,7 +110,7 @@ describe('A ResolveLoginHandler', (): void => {
     };
     await expect(handler.handle(input)).resolves.toEqual({ json: {
       data: 'data',
-      cookie,
+      authorization,
     },
     metadata });
 
@@ -124,10 +124,10 @@ describe('A ResolveLoginHandler', (): void => {
     input.metadata.set(SOLID_HTTP.terms.accountCookie, 'old-cookie-value');
     await expect(handler.handle(input)).resolves.toEqual({ json: {
       data: 'data',
-      cookie,
+      authorization,
     },
     metadata });
-    expect(metadata.get(SOLID_HTTP.terms.accountCookie)?.value).toBe(cookie);
+    expect(metadata.get(SOLID_HTTP.terms.accountCookie)?.value).toBe(authorization);
 
     expect(cookieStore.generate).toHaveBeenCalledTimes(1);
     expect(cookieStore.generate).toHaveBeenLastCalledWith(accountId);

diff --git a/test/util/AccountUtil.ts b/test/util/AccountUtil.ts
@@ -22,8 +22,7 @@ Promise<{ pod: string; webId: string; authorization: string; controls: any }> {
   // Create account
   res = await fetch(controls.account.create, { method: 'POST' });
   expect(res.status).toBe(200);
-  const { cookie } = await res.json();
-  const authorization = `CSS-Account-Cookie ${cookie}`;
+  const authorization = `CSS-Account-Token ${(await res.json()).authorization}`;
 
   // Get account controls
   res = await fetch(controls.account.create, {