breaking: rely on context.kauth instead of context.auth

examples/authResolvers.js

@@ -5,7 +5,7 @@ const session = require('express-session')
 const Keycloak = require('keycloak-connect')
 const { ApolloServer, gql } = require('apollo-server-express')
 
-const { KeycloakContextProvider, KeycloakTypeDefs, auth, hasRole } = require('../')
+const { KeycloakContext, KeycloakTypeDefs, auth, hasRole } = require('../')
 
 const app = express()
 
@@ -68,7 +68,7 @@ const options ={
   resolvers,
   context: ({ req }) => {
     return {
-      auth: new KeycloakContextProvider({ req })
+      kauth: new KeycloakContext({ req })
     }
   }
 }

examples/basic.js

@@ -4,7 +4,7 @@ const express = require('express')
 const session = require('express-session')
 const Keycloak = require('keycloak-connect')
 
-const { KeycloakContextProvider, KeycloakTypeDefs, KeycloakSchemaDirectives } = require('../')
+const { KeycloakContext, KeycloakTypeDefs, KeycloakSchemaDirectives } = require('../')
 
 const { ApolloServer, gql } = require('apollo-server-express')
 
@@ -47,10 +47,10 @@ const resolvers = {
   Query: {
     hello: (obj, args, context, info) => {
       // log some of the auth related info added to the context
-      console.log(context.auth.isAuthenticated())
-      console.log(context.auth.accessToken.content.name)
+      console.log(context.kauth.isAuthenticated())
+      console.log(context.kauth.accessToken.content.name)
 
-      const name = context.auth.accessToken.content.preferred_username || 'world'
+      const name = context.kauth.accessToken.content.preferred_username || 'world'
       return `Hello ${name}`
     }
   }
@@ -64,7 +64,7 @@ const server = new ApolloServer({
   resolvers,
   context: ({ req }) => {
     return {
-      auth: new KeycloakContextProvider({ req })
+      kauth: new KeycloakContext({ req })
     }
   }
 })

examples/private_and_public.js

@@ -5,7 +5,7 @@ const session = require('express-session')
 const Keycloak = require('keycloak-connect')
 const { ApolloServer, gql } = require('apollo-server-express')
 
-const { KeycloakContextProvider, KeycloakTypeDefs, KeycloakSchemaDirectives } = require('../')
+const { KeycloakContext, KeycloakTypeDefs, KeycloakSchemaDirectives } = require('../')
 
 const app = express()
 
@@ -69,7 +69,7 @@ const options ={
   resolvers,
   context: ({ req }) => {
     return {
-      auth: new KeycloakContextProvider({ req })
+      kauth: new KeycloakContext({ req })
     }
   }
 }

src/KeycloakContextProvider.ts → src/KeycloakContext.ts

@@ -1,6 +1,6 @@
 import { AuthContextProvider } from './api'
 
-export class KeycloakContextProvider implements AuthContextProvider {
+export class KeycloakContext implements AuthContextProvider {
   public readonly request: any
   public readonly accessToken: any
   public readonly authenticated: boolean

src/directives/directiveResolvers.ts

@@ -1,12 +1,12 @@
 export const auth = (next: Function) => (root: any, args: any, context: any, info: any) => {
-  if (!context.auth || !context.auth.isAuthenticated()) {
+  if (!context.kauth || !context.kauth.isAuthenticated()) {
     throw new Error(`User not Authenticated`)
   }
   return next(root, args, context, info)
 }
 
 export const hasRole = (roles: Array<string>) => (next: Function) => (root: any, args: any, context: any, info: any) => {
-  if (!context.auth || !context.auth.isAuthenticated()) {
+  if (!context.kauth || !context.kauth.isAuthenticated()) {
     throw new Error(`User not Authenticated`)
   }
 
@@ -16,9 +16,12 @@ export const hasRole = (roles: Array<string>) => (next: Function) => (root: any,
 
   let foundRole = null // this will be the role the user was successfully authorized on
 
-  foundRole = roles.find((role: string) => {
-    return context.auth.hasRole(role)
-  })
+  for (let role of roles) {
+    if (context.kauth.hasRole(role)) {
+      foundRole = role
+      break
+    }
+  }
 
   if (!foundRole) {
     throw new Error(`User is not authorized. Must have one of the following roles: [${roles}]`)

src/index.ts

@@ -1,4 +1,4 @@
 export * from './KeycloakSubscriptionHandler'
-export * from './KeycloakContextProvider'
+export * from './KeycloakContext'
 export * from './directives'
 export * from './api'

test/AuthContextProvider.test.ts

@@ -1,6 +1,6 @@
 import test from 'ava'
 
-import { KeycloakContextProvider } from '../src/KeycloakContextProvider'
+import { KeycloakContext } from '../src/KeycloakContext'
 
 test('AuthContextProvider accessToken is the access_token in req.kauth', (t) => {
 
@@ -19,7 +19,7 @@ test('AuthContextProvider accessToken is the access_token in req.kauth', (t) =>
     }
   }
 
-  const provider = new KeycloakContextProvider({ req })
+  const provider = new KeycloakContext({ req })
   t.deepEqual(provider.accessToken, req.kauth.grant.access_token)
 })
 
@@ -41,7 +41,7 @@ test('AuthContextProvider hasRole calls hasRole in the access_token', (t) => {
     }
   }
 
-  const provider = new KeycloakContextProvider({ req })
+  const provider = new KeycloakContext({ req })
   t.truthy(provider.hasRole(''))
 })
 
@@ -61,7 +61,7 @@ test('AuthContextProvider.isAuthenticated is true when token is defined and isEx
     }
   }
 
-  const provider = new KeycloakContextProvider({ req })
+  const provider = new KeycloakContext({ req })
   t.truthy(provider.isAuthenticated())
 })
 
@@ -81,7 +81,7 @@ test('AuthContextProvider.isAuthenticated is false when token is defined but isE
     }
   }
 
-  const provider = new KeycloakContextProvider({ req })
+  const provider = new KeycloakContext({ req })
   t.false(provider.isAuthenticated())
 })
 
@@ -101,6 +101,6 @@ test('AuthContextProvider.hasRole is false if token is expired', (t) => {
     }
   }
 
-  const provider = new KeycloakContextProvider({ req })
+  const provider = new KeycloakContext({ req })
   t.false(provider.hasRole(''))
 })

test/auth.test.ts

@@ -5,7 +5,7 @@ import { GraphQLSchema } from 'graphql'
 import { VisitableSchemaType } from 'graphql-tools/dist/schemaVisitor'
 import { AuthDirective } from '../src/directives/schemaDirectiveVisitors'
 
-import { KeycloakContextProvider } from '../src/KeycloakContextProvider'
+import { KeycloakContext } from '../src/KeycloakContext'
 
 const createHasRoleDirective = () => {
   return new AuthDirective({
@@ -16,7 +16,7 @@ const createHasRoleDirective = () => {
   })
 }
 
-test('happy path: context.auth.isAuthenticated() is called, then original resolver is called', async (t) => {
+test('happy path: context.kauth.isAuthenticated() is called, then original resolver is called', async (t) => {
   const directive = createHasRoleDirective()
 
   const field = {
@@ -45,10 +45,10 @@ test('happy path: context.auth.isAuthenticated() is called, then original resolv
   }
   const context = {
     request: req,
-    auth: new KeycloakContextProvider({ req })
+    kauth: new KeycloakContext({ req })
   }
 
-  const isAuthenticatedSpy = sinon.spy(context.auth, 'isAuthenticated')
+  const isAuthenticatedSpy = sinon.spy(context.kauth, 'isAuthenticated')
 
   const info = {
     parentType: {
@@ -62,7 +62,7 @@ test('happy path: context.auth.isAuthenticated() is called, then original resolv
   t.truthy(resolverSpy.called)
 })
 
-test('resolver will throw if context.auth is not present', async (t) => {
+test('resolver will throw if context.kauth is not present', async (t) => {
   const directive = createHasRoleDirective()
 
   const field = {
@@ -102,7 +102,7 @@ test('resolver will throw if context.auth is not present', async (t) => {
   }, 'User not Authenticated')
 })
 
-test('resolver will throw if context.auth present but context.auth.isAuthenticated returns false', async (t) => {
+test('resolver will throw if context.kauth present but context.kauth.isAuthenticated returns false', async (t) => {
   const directive = createHasRoleDirective()
 
   const field = {
@@ -120,7 +120,7 @@ test('resolver will throw if context.auth present but context.auth.isAuthenticat
 
   const context = {
     request: req,
-    auth: {
+    kauth: {
       isAuthenticated: () => false
     }
   }

test/hasRole.test.ts

@@ -4,7 +4,7 @@ import { GraphQLSchema } from 'graphql'
 import { VisitableSchemaType } from 'graphql-tools/dist/schemaVisitor'
 import { HasRoleDirective } from '../src/directives/schemaDirectiveVisitors'
 
-import { KeycloakContextProvider } from '../src/KeycloakContextProvider'
+import { KeycloakContext } from '../src/KeycloakContext'
 
 const createHasRoleDirective = (directiveArgs: any) => {
   return new HasRoleDirective({
@@ -53,7 +53,7 @@ test('context.auth.hasRole() is called', async (t) => {
   }
   const context = {
     request: req,
-    auth: new KeycloakContextProvider({ req })
+    kauth: new KeycloakContext({ req })
   }
 
   const info = {
@@ -102,7 +102,7 @@ test('visitFieldDefinition accepts an array of roles', async (t) => {
   }
   const context = {
     request: req,
-    auth: new KeycloakContextProvider({ req })
+    kauth: new KeycloakContext({ req })
   }
 
   const info = {
@@ -138,7 +138,7 @@ test('if there is no authentication, then an error is returned and the original
   const req = {}
   const context = {
     request: req,
-    auth: new KeycloakContextProvider({ req })
+    kauth: new KeycloakContext({ req })
   }
 
   const info = {
@@ -189,7 +189,7 @@ test('if token does not have the required role, then an error is returned and th
   }
   const context = {
     request: req,
-    auth: new KeycloakContextProvider({ req })
+    kauth: new KeycloakContext({ req })
   }
 
   const info = {
@@ -263,7 +263,7 @@ test('context.auth.hasRole() works even if request is not supplied in context',
     }
   }
   const context = {
-    auth: new KeycloakContextProvider({ req })
+    kauth: new KeycloakContext({ req })
   }
 
   const info = {