From 307dba3219c15cd094d732e61f8f7e849fd72790 Mon Sep 17 00:00:00 2001
From: Joachim Van Herwegen
Date: Wed, 27 Sep 2023 11:14:02 +0200
Subject: [PATCH] fix: Rename cookie field to authorization
---
 .../metadata-parser/parsers/authorization.json | 2 +-
 .../markdown/usage/account/json-api.md | 7 ++++---
 .../interaction/login/ResolveLoginHandler.ts | 4 ++--
 test/deploy/createAccountCredentials.ts | 17 +++++++----------
 test/integration/Accounts.test.ts | 4 ++--
 .../login/ResolveLoginHandler.test.ts | 18 +++++++++---------
 test/util/AccountUtil.ts | 3 +--
 7 files changed, 26 insertions(+), 29 deletions(-)
diff --git a/config/ldp/metadata-parser/parsers/authorization.json b/config/ldp/metadata-parser/parsers/authorization.json
index c2a98c0710..c3dd533c55 100644
--- a/config/ldp/metadata-parser/parsers/authorization.json
+++ b/config/ldp/metadata-parser/parsers/authorization.json
@@ -7,7 +7,7 @@
 "@type": "AuthorizationParser",
 "authMap": [
 {
- "AuthorizationParser:_authMap_key": "CSS-Account-Cookie",
+ "AuthorizationParser:_authMap_key": "CSS-Account-Token",
 "AuthorizationParser:_authMap_value": "urn:npm:solid:community-server:http:accountCookie"
 }
 ]
diff --git a/documentation/markdown/usage/account/json-api.md b/documentation/markdown/usage/account/json-api.md
index 2ba4a657f5..2d1d02a4a3 100644
--- a/documentation/markdown/usage/account/json-api.md
+++ b/documentation/markdown/usage/account/json-api.md
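Review bot: In config/ldp/metadata-parser/parsers/authorization.json the `authMap` now maps only `CSS-Account-Token`, so as far as this hunk shows a client that still sends the old `CSS-Account-Cookie` scheme is no longer mapped to the account token and would presumably be treated as unauthenticated without a specific error. If a transition period is intended, a second `authMap` entry with key `CSS-Account-Cookie` and the same `_authMap_value` would keep existing clients working; if not, the integration test in test/integration/Accounts.test.ts could assert that the old scheme is rejected, since its hunk only swaps the scheme in the positive case. The mapped URN still ends in `accountCookie`, which deserves a sentence in the documentation so readers do not take the two names for different credentials.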
@@ -23,12 +23,13 @@ When doing a GET request on these APIs they will return an object describing wha ## Authorization -After logging in, the API will return a `set-cookie` header. +After logging in, the API will return a `set-cookie` header of the format `css-account=$VALUE` This cookie is necessary to have access to many of the APIs. When including this cookie, the controls object will also be extended with new URLs that are now accessible. -When logging in, the response body JSON body will also contain a `cookie` field containing the cookie value. +When logging in, the response body JSON body will also contain an `authorization` field +containing the `$VALUE` value mentioned above. Instead of using cookies, -this value can also be used in an `Authorization` header with auth scheme `CSS-Account-Cookie` +this value can be used in an `Authorization` header with value `CSS-Account-Token $VALUE` to achieve the same result. The expiration time of this cookie will be refreshed
diff --git a/src/identity/interaction/login/ResolveLoginHandler.ts b/src/identity/interaction/login/ResolveLoginHandler.ts
index c3c511bad0..916d3b30cf 100644
--- a/src/identity/interaction/login/ResolveLoginHandler.ts
+++ b/src/identity/interaction/login/ResolveLoginHandler.ts
@@ -55,8 +55,8 @@ export abstract class ResolveLoginHandler extends JsonInteractionHandler {
 // Putting it in the metadata, so it can be converted into an HTTP response header.
 // Putting it in the response JSON so users can also use it in an Authorization header.
 const metadata = result.metadata ?? new RepresentationMetadata(input.target);
- json.cookie = await this.cookieStore.generate(accountId);
- metadata.add(SOLID_HTTP.terms.accountCookie, json.cookie);
+ json.authorization = await this.cookieStore.generate(accountId);
+ metadata.add(SOLID_HTTP.terms.accountCookie, json.authorization);
 // Delete the old cookie if there was one, to prevent unused cookies from being stored.
 // We are not reusing this cookie as it could be associated with a different account.
diff --git a/test/deploy/createAccountCredentials.ts b/test/deploy/createAccountCredentials.ts
index 17747b42f8..4e89490882 100644
--- a/test/deploy/createAccountCredentials.ts
+++ b/test/deploy/createAccountCredentials.ts
@@ -31,7 +31,7 @@ const bob: User = {
 * Registers a user with the server and provides them with a pod.
 * @param user - The user settings necessary to register a user.
 */
-async function register(user: User): Promise<{ webId: string; cookie: string }> {
+async function register(user: User): Promise<{ webId: string; authorization: string }> {
 // Get controls
 let res = await fetch(urljoin(baseUrl, '.account/'));
 let { controls } = await res.json();
@@ -41,8 +41,7 @@ async function register(user: User): Promise<{ webId: string; cookie: string }>
 if (res.status !== 200) {
 throw new Error(`Account creation failed: ${await res.text()}`);
 }
- const { cookie } = await res.json();
- const authorization = `CSS-Account-Cookie ${cookie}`;
+ const authorization = `CSS-Account-Token ${(await res.json()).authorization}`;
 // Get account controls
 res = await fetch(controls.main.index, {
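Review bot: In src/identity/interaction/login/ResolveLoginHandler.ts the new `json.authorization` field carries the bare token from `cookieStore.generate`, while its name reads like a ready-to-send header value; the test helpers in this patch have to prepend the `CSS-Account-Token` scheme themselves. A comment above the assignment would pin the contract, for example `// Bare token only: clients send it as "CSS-Account-Token <value>"; it is the same secret as the css-account cookie.` Because the response body exposes the same credential that the cookie holds, any cookie attribute such as HttpOnly (not visible in this hunk) does not protect it from scripts that can read the login response, so the comment should also say the value must be handled as a credential. The enclosing method starts and ends outside the hunk.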
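Review bot: In test/deploy/createAccountCredentials.ts (hunk at old line 41) the added `const authorization = ...` line interpolates `(await res.json()).authorization` without checking that the field exists, so a response that lacks it produces the header value `CSS-Account-Token undefined` and the failure would only show up on a later request. Destructure and validate first, e.g. `const { authorization: token } = await res.json();` followed by `if (typeof token !== 'string') { throw new Error('Login response has no authorization field'); }`, then build the header from `token`. The same unchecked interpolation is added in the test/util/AccountUtil.ts hunk. The body of `register` starts and ends outside this hunk.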
@@ -74,18 +73,16 @@ async function register(user: User): Promise<{ webId: string; cookie: string }>
 }
 const { webId } = await res.json();
- return { webId, cookie };
+ return { webId, authorization };
 }
 /**
 * Requests a client credentials API token.
 * @param webId - WebID to create credentials for.
- * @param cookie - Authoriziation cookie for the account that tries to create credentials.
+ * @param authorization - Authorization header for the account that tries to create credentials.
 * @returns The id/secret for the client credentials request.
 */
-async function createCredentials(webId: string, cookie: string): Promise<{ id: string; secret: string }> {
- // Get account controls
- const authorization = `CSS-Account-Cookie ${cookie}`;
+async function createCredentials(webId: string, authorization: string): Promise<{ id: string; secret: string }> {
 let res = await fetch(urljoin(baseUrl, '.account/'), {
 headers: { authorization },
 });
@@ -110,8 +107,8 @@ async function createCredentials(webId: string, cookie: string): Promise<{ id: s
 * @param user - User for which data needs to be generated.
 */
 async function outputCredentials(user: User): Promise {
- const { webId, cookie } = await register(user);
- const { id, secret } = await createCredentials(webId, cookie);
+ const { webId, authorization } = await register(user);
+ const { id, secret } = await createCredentials(webId, authorization);
 const name = user.podName.toUpperCase();
 console.log(`USERS_${name}_CLIENTID=${id}`);
diff --git a/test/integration/Accounts.test.ts b/test/integration/Accounts.test.ts
index 288760853d..fb613e8e3a 100644
--- a/test/integration/Accounts.test.ts
+++ b/test/integration/Accounts.test.ts
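Review bot: The updated `@param authorization` line on `createCredentials` does not say that the argument must be the complete header value including the scheme, whereas the login response field of the same name holds only the token. Since `register` now returns the prefixed string and this function passes it straight into `headers: { authorization }`, I would word the doc line as `@param authorization - Complete Authorization header value (scheme plus token) for the account that tries to create credentials.` so the two meanings stay apart. The body of `createCredentials` continues past the hunk.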
@@ -100,7 +100,7 @@ describe('A server with account management', (): void => {
 expect(cookies).toHaveLength(1);
 cookie = `${cookies[0].name}=${cookies[0].value}`;
- expect(json.cookie).toBe(cookies[0].value);
+ expect(json.authorization).toBe(cookies[0].value);
 });
 it('can only access the account controls the cookie.', async(): Promise => {
@@ -124,7 +124,7 @@ describe('A server with account management', (): void => {
 it('can also access the account controls using the custom authorization header.', async(): Promise => {
 const res = await fetch(indexUrl, { headers:
- { authorization: `CSS-Account-Cookie ${cookie.split('=')[1]}` }});
+ { authorization: `CSS-Account-Token ${cookie.split('=')[1]}` }});
 expect(res.status).toBe(200);
 const json = await res.json();
 expect(json.controls.account.pod).toEqual(controls.account.pod);
diff --git a/test/unit/identity/interaction/login/ResolveLoginHandler.test.ts b/test/unit/identity/interaction/login/ResolveLoginHandler.test.ts
index 93621873ce..e59bb8700a 100644
--- a/test/unit/identity/interaction/login/ResolveLoginHandler.test.ts
+++ b/test/unit/identity/interaction/login/ResolveLoginHandler.test.ts
@@ -23,7 +23,7 @@ class DummyLoginHandler extends ResolveLoginHandler {
 }
 describe('A ResolveLoginHandler', (): void => {
- const cookie = 'cookie';
+ const authorization = 'cookie';
 let metadata: RepresentationMetadata;
 let input: JsonInteractionHandlerInput;
 let accountStore: jest.Mocked;
@@ -49,7 +49,7 @@ describe('A ResolveLoginHandler', (): void => {
 } satisfies Partial as any;
 cookieStore = {
- generate: jest.fn().mockResolvedValue(cookie),
+ generate: jest.fn().mockResolvedValue(authorization),
 delete: jest.fn(),
 } satisfies Partial as any;
@@ -59,10 +59,10 @@ describe('A ResolveLoginHandler', (): void => {
 it('removes the ID from the output and adds a cookie.', async(): Promise => {
 await expect(handler.handle(input)).resolves.toEqual({ json: {
 data: 'data',
- cookie,
+ authorization,
 },
 metadata });
- expect(metadata.get(SOLID_HTTP.terms.accountCookie)?.value).toBe(cookie);
+ expect(metadata.get(SOLID_HTTP.terms.accountCookie)?.value).toBe(authorization);
 expect(cookieStore.generate).toHaveBeenCalledTimes(1);
 expect(cookieStore.generate).toHaveBeenLastCalledWith(accountId);
@@ -75,7 +75,7 @@ describe('A ResolveLoginHandler', (): void => {
 const result = await handler.handle(input);
 expect(result).toEqual({ json: {
 data: 'data',
- cookie,
+ authorization,
 },
 metadata: expect.any(RepresentationMetadata) });
 expect(result.metadata).not.toBe(metadata);
@@ -91,7 +91,7 @@ describe('A ResolveLoginHandler', (): void => {
 } as any;
 await expect(handler.handle(input)).resolves.toEqual({ json: {
 data: 'data',
- cookie,
+ authorization,
 location: 'returnTo',
 },
 metadata });
@@ -110,7 +110,7 @@ describe('A ResolveLoginHandler', (): void => {
 };
 await expect(handler.handle(input)).resolves.toEqual({ json: {
 data: 'data',
- cookie,
+ authorization,
 },
 metadata });
@@ -124,10 +124,10 @@ describe('A ResolveLoginHandler', (): void => {
 input.metadata.set(SOLID_HTTP.terms.accountCookie, 'old-cookie-value');
 await expect(handler.handle(input)).resolves.toEqual({ json: {
 data: 'data',
- cookie,
+ authorization,
 },
 metadata });
- expect(metadata.get(SOLID_HTTP.terms.accountCookie)?.value).toBe(cookie);
+ expect(metadata.get(SOLID_HTTP.terms.accountCookie)?.value).toBe(authorization);
 expect(cookieStore.generate).toHaveBeenCalledTimes(1);
 expect(cookieStore.generate).toHaveBeenLastCalledWith(accountId);
diff --git a/test/util/AccountUtil.ts b/test/util/AccountUtil.ts
index 535453cd03..aab8c15473 100644
--- a/test/util/AccountUtil.ts
+++ b/test/util/AccountUtil.ts
@@ -22,8 +22,7 @@ Promise<{ pod: string; webId: string; authorization: string; controls: any }> {
 // Create account
 res = await fetch(controls.account.create, { method: 'POST' });
 expect(res.status).toBe(200);
- const { cookie } = await res.json();
- const authorization = `CSS-Account-Cookie ${cookie}`;
+ const authorization = `CSS-Account-Token ${(await res.json()).authorization}`;
 // Get account controls
 res = await fetch(controls.account.create, {