From b7f3a2e404eaaa96db5b522a6ae04480cfc07921 Mon Sep 17 00:00:00 2001 From: Antonio Barcelos Date: Wed, 6 Oct 2021 13:29:17 +0200 Subject: [PATCH 1/6] Introducion Bearer tokens and SSO support This change provides an utility function to easy create auth token object for `bearer` tokens. The error handling related with this kind of token usage is also implemented. When a `Neo.ClientError.Security.TokenExpired` error happens, the adress should be purged from the pool and the caller should be notified - no retry should be performed. --- .../connection/connection-error-handler.js | 5 +- .../connection-provider-direct.test.js | 41 +++++ .../connection-provider-routing.test.js | 148 ++++++++++++++++++ .../connection-error-handler.test.js | 62 ++++++++ packages/neo4j-driver-lite/src/index.ts | 6 + packages/neo4j-driver/src/index.js | 6 + packages/neo4j-driver/types/index.d.ts | 2 + .../testkit-backend/src/request-handlers.js | 3 + 8 files changed, 272 insertions(+), 1 deletion(-) diff --git a/packages/bolt-connection/src/connection/connection-error-handler.js b/packages/bolt-connection/src/connection/connection-error-handler.js index d90e8825b..bafcc8a82 100644 --- a/packages/bolt-connection/src/connection/connection-error-handler.js +++ b/packages/bolt-connection/src/connection/connection-error-handler.js @@ -77,7 +77,10 @@ export default class ConnectionErrorHandler { } function isAutorizationExpiredError (error) { - return error && error.code === 'Neo.ClientError.Security.AuthorizationExpired' + return error && ( + error.code === 'Neo.ClientError.Security.AuthorizationExpired' || + error.code === 'Neo.ClientError.Security.TokenExpired' + ) } function isAvailabilityError (error) { diff --git a/packages/bolt-connection/test/connection-provider/connection-provider-direct.test.js b/packages/bolt-connection/test/connection-provider/connection-provider-direct.test.js index a9e7568b4..59c587664 100644 --- a/packages/bolt-connection/test/connection-provider/connection-provider-direct.test.js +++ b/packages/bolt-connection/test/connection-provider/connection-provider-direct.test.js @@ -98,6 +98,47 @@ describe('#unit DirectConnectionProvider', () => { }) }) +it('should purge connections for address when TokenExpired happens', async () => { + const address = ServerAddress.fromUrl('localhost:123') + const pool = newPool() + jest.spyOn(pool, 'purge') + const connectionProvider = newDirectConnectionProvider(address, pool) + + const conn = await connectionProvider.acquireConnection({ + accessMode: 'READ', + database: '' + }) + + const error = newError( + 'Message', + 'Neo.ClientError.Security.TokenExpired' + ) + + conn.handleAndTransformError(error, address) + + expect(pool.purge).toHaveBeenCalledWith(address) +}) + +it('should purge not change error when TokenExpired happens', async () => { + const address = ServerAddress.fromUrl('localhost:123') + const pool = newPool() + const connectionProvider = newDirectConnectionProvider(address, pool) + + const conn = await connectionProvider.acquireConnection({ + accessMode: 'READ', + database: '' + }) + + const expectedError = newError( + 'Message', + 'Neo.ClientError.Security.TokenExpired' + ) + + const error = conn.handleAndTransformError(expectedError, address) + + expect(error).toBe(expectedError) +}) + function newDirectConnectionProvider (address, pool) { const connectionProvider = new DirectConnectionProvider({ id: 0, diff --git a/packages/bolt-connection/test/connection-provider/connection-provider-routing.test.js b/packages/bolt-connection/test/connection-provider/connection-provider-routing.test.js index f61b3c635..eb30ce311 100644 --- a/packages/bolt-connection/test/connection-provider/connection-provider-routing.test.js +++ b/packages/bolt-connection/test/connection-provider/connection-provider-routing.test.js @@ -1493,6 +1493,80 @@ describe('#unit RoutingConnectionProvider', () => { expect(error).toBe(expectedError) }) + it('should purge connections for address when TokenExpired happens', async () => { + const pool = newPool() + + jest.spyOn(pool, 'purge') + + const connectionProvider = newRoutingConnectionProvider( + [ + newRoutingTable( + null, + [server1, server2], + [server3, server2], + [server2, server4] + ) + ], + pool + ) + + const error = newError( + 'Message', + 'Neo.ClientError.Security.TokenExpired' + ) + + const server2Connection = await connectionProvider.acquireConnection({ + accessMode: 'WRITE', + database: null + }) + + const server3Connection = await connectionProvider.acquireConnection({ + accessMode: 'READ', + database: null + }) + + server3Connection.handleAndTransformError(error, server3) + server2Connection.handleAndTransformError(error, server2) + + expect(pool.purge).toHaveBeenCalledWith(server3) + expect(pool.purge).toHaveBeenCalledWith(server2) + }) + + it('should purge not change error when TokenExpired happens', async () => { + const pool = newPool() + + jest.spyOn(pool, 'purge') + + const connectionProvider = newRoutingConnectionProvider( + [ + newRoutingTable( + null, + [server1, server2], + [server3, server2], + [server2, server4] + ) + ], + pool + ) + + const expectedError = newError( + 'Message', + 'Neo.ClientError.Security.TokenExpired' + ) + + const server2Connection = await connectionProvider.acquireConnection({ + accessMode: 'WRITE', + database: null + }) + + const error = server2Connection.handleAndTransformError( + expectedError, + server2 + ) + + expect(error).toBe(expectedError) + }) + it('should use resolved seed router after accepting table with no writers', done => { const routingTable1 = newRoutingTable( null, @@ -1674,6 +1748,80 @@ describe('#unit RoutingConnectionProvider', () => { expect(error).toBe(expectedError) }) + it('should purge connections for address when TokenExpired happens', async () => { + const pool = newPool() + + jest.spyOn(pool, 'purge') + + const connectionProvider = newRoutingConnectionProvider( + [ + newRoutingTable( + 'databaseA', + [server1, server2], + [server1], + [server2] + ), + newRoutingTable('databaseB', [serverA, serverB], [serverA], [serverB]) + ], + pool + ) + + const error = newError( + 'Message', + 'Neo.ClientError.Security.TokenExpired' + ) + + const server2Connection = await connectionProvider.acquireConnection({ + accessMode: 'WRITE', + database: 'databaseA' + }) + + const serverAConnection = await connectionProvider.acquireConnection({ + accessMode: 'READ', + database: 'databaseB' + }) + + serverAConnection.handleAndTransformError(error, serverA) + server2Connection.handleAndTransformError(error, server2) + + expect(pool.purge).toHaveBeenCalledWith(serverA) + expect(pool.purge).toHaveBeenCalledWith(server2) + }) + + it('should purge not change error when TokenExpired happens', async () => { + const pool = newPool() + + const connectionProvider = newRoutingConnectionProvider( + [ + newRoutingTable( + 'databaseA', + [server1, server2], + [server1], + [server2] + ), + newRoutingTable('databaseB', [serverA, serverB], [serverA], [serverB]) + ], + pool + ) + + const expectedError = newError( + 'Message', + 'Neo.ClientError.Security.TokenExpired' + ) + + const server2Connection = await connectionProvider.acquireConnection({ + accessMode: 'WRITE', + database: 'databaseA' + }) + + const error = server2Connection.handleAndTransformError( + expectedError, + server2 + ) + + expect(error).toBe(expectedError) + }) + it('should acquire write connection from correct routing table', async () => { const pool = newPool() const connectionProvider = newRoutingConnectionProvider( diff --git a/packages/bolt-connection/test/connection/connection-error-handler.test.js b/packages/bolt-connection/test/connection/connection-error-handler.test.js index 7d3c6e8fd..f526e1c4c 100644 --- a/packages/bolt-connection/test/connection/connection-error-handler.test.js +++ b/packages/bolt-connection/test/connection/connection-error-handler.test.js @@ -140,6 +140,68 @@ describe('#unit ConnectionErrorHandler', () => { expect(addresses).toEqual([]) }) + + it('should handle and transform token expired error', () => { + const errors = [] + const addresses = [] + const transformedError = newError('Message', 'Code') + const handler = ConnectionErrorHandler.create({ + errorCode: SERVICE_UNAVAILABLE, + handleAuthorizationExpired: (error, address) => { + errors.push(error) + addresses.push(address) + return transformedError + } + }) + + const error1 = newError( + 'C', + 'Neo.ClientError.Security.TokenExpired' + ) + + const errorTransformed1 = handler.handleAndTransformError( + error1, + ServerAddress.fromUrl('localhost:0') + ) + + expect(errorTransformed1).toEqual(transformedError) + + expect(addresses).toEqual([ServerAddress.fromUrl('localhost:0')]) + }) + + it('should return original erro if token expired handler is not informed', () => { + const errors = [] + const addresses = [] + const transformedError = newError('Message', 'Code') + const handler = ConnectionErrorHandler.create({ + errorCode: SERVICE_UNAVAILABLE, + handleUnavailability: (error, address) => { + errors.push(error) + addresses.push(address) + return transformedError + }, + handleWriteFailure: (error, address) => { + errors.push(error) + addresses.push(address) + return transformedError + } + }) + + const error1 = newError( + 'C', + 'Neo.ClientError.Security.TokenExpired' + ) + + const errorTransformed1 = handler.handleAndTransformError( + error1, + ServerAddress.fromUrl('localhost:0') + ) + + expect(errorTransformed1).toEqual(error1) + + expect(addresses).toEqual([]) + }) + it('should handle and transform failure to write errors', () => { const errors = [] const addresses = [] diff --git a/packages/neo4j-driver-lite/src/index.ts b/packages/neo4j-driver-lite/src/index.ts index 48f6c05be..048bc7dfc 100644 --- a/packages/neo4j-driver-lite/src/index.ts +++ b/packages/neo4j-driver-lite/src/index.ts @@ -352,6 +352,12 @@ const auth = { credentials: base64EncodedTicket } }, + bearer: (base64EncodedToken: string) => { + return { + scheme: 'bearer', + credentials: base64EncodedToken + } + }, custom: ( principal: string, credentials: string, diff --git a/packages/neo4j-driver/src/index.js b/packages/neo4j-driver/src/index.js index 2aa16d3b3..6709995cf 100644 --- a/packages/neo4j-driver/src/index.js +++ b/packages/neo4j-driver/src/index.js @@ -319,6 +319,12 @@ const auth = { credentials: base64EncodedTicket } }, + bearer: base64EncodedToken => { + return { + scheme: 'bearer', + credentials: base64EncodedToken + } + }, custom: (principal, credentials, realm, scheme, parameters = undefined) => { if (parameters) { return { diff --git a/packages/neo4j-driver/types/index.d.ts b/packages/neo4j-driver/types/index.d.ts index 7f49f6522..2ec47266e 100644 --- a/packages/neo4j-driver/types/index.d.ts +++ b/packages/neo4j-driver/types/index.d.ts @@ -80,6 +80,8 @@ declare const auth: { kerberos: (base64EncodedTicket: string) => AuthToken + bearer: (base64EncodedToken: string) => AuthToken + custom: ( principal: string, credentials: string, diff --git a/packages/testkit-backend/src/request-handlers.js b/packages/testkit-backend/src/request-handlers.js index e1f3230e0..1b6180ac9 100644 --- a/packages/testkit-backend/src/request-handlers.js +++ b/packages/testkit-backend/src/request-handlers.js @@ -22,6 +22,8 @@ export function NewDriver (context, data, { writeResponse }) { case 'kerberos': parsedAuthToken = neo4j.auth.kerberos(authToken.credentials) break + case 'bearer': + parsedAuthToken = neo4j.auth.bearer(authToken.credentials) default: parsedAuthToken = neo4j.auth.custom( authToken.principal, @@ -261,6 +263,7 @@ export function GetFeatures (_context, _params, wire) { features: [ 'Feature:Auth:Custom', 'Feature:Auth:Kerberos', + 'Feature:Auth:Bearer', 'AuthorizationExpiredTreatment', 'ConfHint:connection.recv_timeout_seconds' ] From 3efd6cb07c7c48287d5d6b256dacd361ed52ce0f Mon Sep 17 00:00:00 2001 From: Antonio Barcelos Date: Thu, 7 Oct 2021 12:29:15 +0200 Subject: [PATCH 2/6] Connection errors should be thrown with the root cause --- packages/bolt-connection/src/bolt/bolt-protocol-v1.js | 4 ++++ packages/bolt-connection/src/bolt/response-handler.js | 5 +++++ .../bolt-connection/src/connection/connection-channel.js | 2 +- 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/packages/bolt-connection/src/bolt/bolt-protocol-v1.js b/packages/bolt-connection/src/bolt/bolt-protocol-v1.js index 53a03b1af..c48f328b9 100644 --- a/packages/bolt-connection/src/bolt/bolt-protocol-v1.js +++ b/packages/bolt-connection/src/bolt/bolt-protocol-v1.js @@ -296,6 +296,10 @@ export default class BoltProtocol { return observer } + get currentFailure () { + return this._responseHandler.currentFailure + } + /** * Send a RESET through the underlying connection. * @param {Object} param diff --git a/packages/bolt-connection/src/bolt/response-handler.js b/packages/bolt-connection/src/bolt/response-handler.js index 15d65cfc3..df775f140 100644 --- a/packages/bolt-connection/src/bolt/response-handler.js +++ b/packages/bolt-connection/src/bolt/response-handler.js @@ -86,6 +86,10 @@ export default class ResponseHandler { ) } + get currentFailure () { + return this._currentFailure + } + handleResponse (msg) { const payload = msg.fields[0] @@ -186,4 +190,5 @@ export default class ResponseHandler { _resetFailure () { this._currentFailure = null } + } diff --git a/packages/bolt-connection/src/connection/connection-channel.js b/packages/bolt-connection/src/connection/connection-channel.js index 479765e77..c30609705 100644 --- a/packages/bolt-connection/src/connection/connection-channel.js +++ b/packages/bolt-connection/src/connection/connection-channel.js @@ -270,7 +270,7 @@ export default class ChannelConnection extends Connection { */ _handleFatalError (error) { this._isBroken = true - this._error = this.handleAndTransformError(error, this._address) + this._error = this.handleAndTransformError(this._protocol.currentFailure || error, this._address) if (this._log.isErrorEnabled()) { this._log.error( From 80232a0802fdab7c0491784bb814d7a5c85f270a Mon Sep 17 00:00:00 2001 From: Antonio Barcelos Date: Thu, 7 Oct 2021 14:09:04 +0200 Subject: [PATCH 3/6] Adding tests to the error handling logic --- .../connection/connection-channel.test.js | 76 ++++++++++++++++++- 1 file changed, 75 insertions(+), 1 deletion(-) diff --git a/packages/bolt-connection/test/connection/connection-channel.test.js b/packages/bolt-connection/test/connection/connection-channel.test.js index 93a3da3f3..da4ffa424 100644 --- a/packages/bolt-connection/test/connection/connection-channel.test.js +++ b/packages/bolt-connection/test/connection/connection-channel.test.js @@ -18,7 +18,7 @@ */ import ChannelConnection from '../../src/connection/connection-channel' -import { int, internal } from 'neo4j-driver-core' +import { int, internal, newError } from 'neo4j-driver-core' import { add } from 'lodash' const { @@ -127,6 +127,80 @@ describe('ChannelConnection', () => { ) }) + describe('._handleFatalError()', () => { + describe('when there is not current failure on going', () => { + const thrownError = newError('some error', 'C') + let notifyFatalError; + let connection; + + beforeEach(() => { + notifyFatalError = jest.fn() + const protocol = { + notifyFatalError, + currentFailure: null + } + + const protocolSupplier = () => protocol + connection = spyOnConnectionChannel({ protocolSupplier }) + }) + + it('should set connection state to broken', () => { + connection._handleFatalError(thrownError) + + expect(connection._isBroken).toBe(true) + }) + + it('should set internal erro to the thrownError', () => { + connection._handleFatalError(thrownError) + + expect(connection._error).toBe(thrownError) + }) + + it('should call notifyFatalError with the thrownError', () => { + connection._handleFatalError(thrownError) + + expect(notifyFatalError).toHaveBeenCalledWith(thrownError) + }) + }) + + describe('when there is current failure on going', () => { + const thrownError = newError('some error', 'C') + const currentFailure = newError('current failure', 'ongoing') + let notifyFatalError; + let connection; + + beforeEach(() => { + notifyFatalError = jest.fn() + const protocol = { + notifyFatalError, + currentFailure + } + + const protocolSupplier = () => protocol + connection = spyOnConnectionChannel({ protocolSupplier }) + }) + + it('should set connection state to broken', () => { + connection._handleFatalError(thrownError) + + expect(connection._isBroken).toBe(true) + }) + + it('should set internal erro to the currentFailure', () => { + connection._handleFatalError(thrownError) + + expect(connection._error).toBe(currentFailure) + }) + + it('should call notifyFatalError with the currentFailure', () => { + connection._handleFatalError(thrownError) + + expect(notifyFatalError).toHaveBeenCalledWith(currentFailure) + }) + }) + + }) + function spyOnConnectionChannel ({ channel, errorHandler, From 5143e7d6f252a2c10f0f0e53f2c1119dd914dc0a Mon Sep 17 00:00:00 2001 From: Antonio Barcelos Date: Thu, 7 Oct 2021 15:36:09 +0200 Subject: [PATCH 4/6] Move auth to the core package --- packages/core/src/auth.ts | 63 +++++++++++++++++++ packages/core/src/index.ts | 7 ++- packages/core/test/auth.test.ts | 9 +++ packages/neo4j-driver-lite/src/index.ts | 62 +----------------- packages/neo4j-driver/src/index.js | 56 +---------------- .../neo4j-driver/test/types/index.test.ts | 1 + 6 files changed, 82 insertions(+), 116 deletions(-) create mode 100644 packages/core/src/auth.ts create mode 100644 packages/core/test/auth.test.ts diff --git a/packages/core/src/auth.ts b/packages/core/src/auth.ts new file mode 100644 index 000000000..0652f8509 --- /dev/null +++ b/packages/core/src/auth.ts @@ -0,0 +1,63 @@ +/** + * @property {function(username: string, password: string, realm: ?string)} basic the function to create a + * basic authentication token. + * @property {function(base64EncodedTicket: string)} kerberos the function to create a Kerberos authentication token. + * Accepts a single string argument - base64 encoded Kerberos ticket. + * @property {function(base64EncodedTicket: string)} bearer the function to create a Bearer authentication token. + * Accepts a single string argument - base64 encoded Bearer ticket. + * @property {function(principal: string, credentials: string, realm: string, scheme: string, parameters: ?object)} custom + * the function to create a custom authentication token. + */ + const auth = { + basic: (username: string, password: string, realm?: string) => { + if (realm) { + return { + scheme: 'basic', + principal: username, + credentials: password, + realm: realm + } + } else { + return { scheme: 'basic', principal: username, credentials: password } + } + }, + kerberos: (base64EncodedTicket: string) => { + return { + scheme: 'kerberos', + principal: '', // This empty string is required for backwards compatibility. + credentials: base64EncodedTicket + } + }, + bearer: (base64EncodedToken: string) => { + return { + scheme: 'bearer', + credentials: base64EncodedToken + } + }, + custom: ( + principal: string, + credentials: string, + realm: string, + scheme: string, + parameters?: string + ) => { + if (parameters) { + return { + scheme: scheme, + principal: principal, + credentials: credentials, + realm: realm, + parameters: parameters + } + } else { + return { + scheme: scheme, + principal: principal, + credentials: credentials, + realm: realm + } + } + } +} + +export default auth \ No newline at end of file diff --git a/packages/core/src/index.ts b/packages/core/src/index.ts index da5e4191c..18509d07b 100644 --- a/packages/core/src/index.ts +++ b/packages/core/src/index.ts @@ -71,6 +71,7 @@ import Connection from './connection' import Transaction from './transaction' import Session, { TransactionConfig } from './session' import Driver, * as driver from './driver' +import auth from './auth' import * as types from './types' import * as json from './json' import * as internal from './internal' // todo: removed afterwards @@ -138,7 +139,8 @@ const forExport = { Connection, types, driver, - json + json, + auth } export { @@ -199,7 +201,8 @@ export { Driver, types, driver, - json + json, + auth } export default forExport diff --git a/packages/core/test/auth.test.ts b/packages/core/test/auth.test.ts new file mode 100644 index 000000000..419bbde28 --- /dev/null +++ b/packages/core/test/auth.test.ts @@ -0,0 +1,9 @@ +import auth from '../src/auth' + +describe('auth', () => { + + test('.bearer()', () => { + expect(auth.bearer('==Qyahiadakkda')).toEqual({ scheme: 'bearer', credentials: '==Qyahiadakkda' } ) + }) + +}) diff --git a/packages/neo4j-driver-lite/src/index.ts b/packages/neo4j-driver-lite/src/index.ts index 048bc7dfc..7e5716659 100644 --- a/packages/neo4j-driver-lite/src/index.ts +++ b/packages/neo4j-driver-lite/src/index.ts @@ -64,7 +64,8 @@ import { ServerInfo, Connection, driver as coreDriver, - types as coreTypes + types as coreTypes, + auth } from 'neo4j-driver-core' import { DirectConnectionProvider, @@ -324,65 +325,6 @@ function driver ( } } -/** - * @property {function(username: string, password: string, realm: ?string)} basic the function to create a - * basic authentication token. - * @property {function(base64EncodedTicket: string)} kerberos the function to create a Kerberos authentication token. - * Accepts a single string argument - base64 encoded Kerberos ticket. - * @property {function(principal: string, credentials: string, realm: string, scheme: string, parameters: ?object)} custom - * the function to create a custom authentication token. - */ -const auth = { - basic: (username: string, password: string, realm?: string) => { - if (realm) { - return { - scheme: 'basic', - principal: username, - credentials: password, - realm: realm - } - } else { - return { scheme: 'basic', principal: username, credentials: password } - } - }, - kerberos: (base64EncodedTicket: string) => { - return { - scheme: 'kerberos', - principal: '', // This empty string is required for backwards compatibility. - credentials: base64EncodedTicket - } - }, - bearer: (base64EncodedToken: string) => { - return { - scheme: 'bearer', - credentials: base64EncodedToken - } - }, - custom: ( - principal: string, - credentials: string, - realm: string, - scheme: string, - parameters?: string - ) => { - if (parameters) { - return { - scheme: scheme, - principal: principal, - credentials: credentials, - realm: realm, - parameters: parameters - } - } else { - return { - scheme: scheme, - principal: principal, - credentials: credentials, - realm: realm - } - } - } -} const USER_AGENT: string = 'neo4j-javascript/' + VERSION /** diff --git a/packages/neo4j-driver/src/index.js b/packages/neo4j-driver/src/index.js index 6709995cf..62d01bdbe 100644 --- a/packages/neo4j-driver/src/index.js +++ b/packages/neo4j-driver/src/index.js @@ -51,7 +51,8 @@ import { Record, ResultSummary, Result, - ConnectionProvider + ConnectionProvider, + auth } from 'neo4j-driver-core' import { DirectConnectionProvider, @@ -291,59 +292,6 @@ function driver (url, authToken, config = {}) { } } -/** - * @property {function(username: string, password: string, realm: ?string)} basic the function to create a - * basic authentication token. - * @property {function(base64EncodedTicket: string)} kerberos the function to create a Kerberos authentication token. - * Accepts a single string argument - base64 encoded Kerberos ticket. - * @property {function(principal: string, credentials: string, realm: string, scheme: string, parameters: ?object)} custom - * the function to create a custom authentication token. - */ -const auth = { - basic: (username, password, realm = undefined) => { - if (realm) { - return { - scheme: 'basic', - principal: username, - credentials: password, - realm: realm - } - } else { - return { scheme: 'basic', principal: username, credentials: password } - } - }, - kerberos: base64EncodedTicket => { - return { - scheme: 'kerberos', - principal: '', // This empty string is required for backwards compatibility. - credentials: base64EncodedTicket - } - }, - bearer: base64EncodedToken => { - return { - scheme: 'bearer', - credentials: base64EncodedToken - } - }, - custom: (principal, credentials, realm, scheme, parameters = undefined) => { - if (parameters) { - return { - scheme: scheme, - principal: principal, - credentials: credentials, - realm: realm, - parameters: parameters - } - } else { - return { - scheme: scheme, - principal: principal, - credentials: credentials, - realm: realm - } - } - } -} const USER_AGENT = 'neo4j-javascript/' + VERSION /** diff --git a/packages/neo4j-driver/test/types/index.test.ts b/packages/neo4j-driver/test/types/index.test.ts index 16c602c09..d93a693b1 100644 --- a/packages/neo4j-driver/test/types/index.test.ts +++ b/packages/neo4j-driver/test/types/index.test.ts @@ -39,6 +39,7 @@ const basicAuthToken1: AuthToken = auth.basic('neo4j', 'password') const basicAuthToken2: AuthToken = auth.basic('neo4j', 'password', 'realm') const kerberosAuthToken1: AuthToken = auth.kerberos('base64EncodedTicket') +const bearerAuthToken1: AuthToken = auth.bearer('base64EncodedToken') const customAuthToken1: AuthToken = auth.custom( 'neo4j', From eddf1c3a59486d9ec5a6abd8f0b2c770b2f3e351 Mon Sep 17 00:00:00 2001 From: Antonio Barcelos Date: Thu, 7 Oct 2021 16:55:41 +0200 Subject: [PATCH 5/6] add license --- packages/core/src/auth.ts | 19 +++++++++++++++++++ packages/core/test/auth.test.ts | 18 ++++++++++++++++++ 2 files changed, 37 insertions(+) diff --git a/packages/core/src/auth.ts b/packages/core/src/auth.ts index 0652f8509..3b87f2de3 100644 --- a/packages/core/src/auth.ts +++ b/packages/core/src/auth.ts @@ -1,3 +1,22 @@ +/** + * Copyright (c) "Neo4j" + * Neo4j Sweden AB [http://neo4j.com] + * + * This file is part of Neo4j. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + /** * @property {function(username: string, password: string, realm: ?string)} basic the function to create a * basic authentication token. diff --git a/packages/core/test/auth.test.ts b/packages/core/test/auth.test.ts index 419bbde28..e9f56f14d 100644 --- a/packages/core/test/auth.test.ts +++ b/packages/core/test/auth.test.ts @@ -1,3 +1,21 @@ +/** + * Copyright (c) "Neo4j" + * Neo4j Sweden AB [http://neo4j.com] + * + * This file is part of Neo4j. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ import auth from '../src/auth' describe('auth', () => { From d9b082c9dde91cbf63873f8e079d0887736ffa98 Mon Sep 17 00:00:00 2001 From: Antonio Barcelos Date: Fri, 8 Oct 2021 11:11:57 +0200 Subject: [PATCH 6/6] Addressing PR comments --- .../connection-provider/connection-provider-direct.test.js | 2 +- .../connection-provider/connection-provider-routing.test.js | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/bolt-connection/test/connection-provider/connection-provider-direct.test.js b/packages/bolt-connection/test/connection-provider/connection-provider-direct.test.js index 59c587664..f2b33546a 100644 --- a/packages/bolt-connection/test/connection-provider/connection-provider-direct.test.js +++ b/packages/bolt-connection/test/connection-provider/connection-provider-direct.test.js @@ -119,7 +119,7 @@ it('should purge connections for address when TokenExpired happens', async () => expect(pool.purge).toHaveBeenCalledWith(address) }) -it('should purge not change error when TokenExpired happens', async () => { +it('should not change error when TokenExpired happens', async () => { const address = ServerAddress.fromUrl('localhost:123') const pool = newPool() const connectionProvider = newDirectConnectionProvider(address, pool) diff --git a/packages/bolt-connection/test/connection-provider/connection-provider-routing.test.js b/packages/bolt-connection/test/connection-provider/connection-provider-routing.test.js index eb30ce311..89bec5feb 100644 --- a/packages/bolt-connection/test/connection-provider/connection-provider-routing.test.js +++ b/packages/bolt-connection/test/connection-provider/connection-provider-routing.test.js @@ -1532,7 +1532,7 @@ describe('#unit RoutingConnectionProvider', () => { expect(pool.purge).toHaveBeenCalledWith(server2) }) - it('should purge not change error when TokenExpired happens', async () => { + it('should not change error when TokenExpired happens', async () => { const pool = newPool() jest.spyOn(pool, 'purge') @@ -1788,7 +1788,7 @@ describe('#unit RoutingConnectionProvider', () => { expect(pool.purge).toHaveBeenCalledWith(server2) }) - it('should purge not change error when TokenExpired happens', async () => { + it('should not change error when TokenExpired happens', async () => { const pool = newPool() const connectionProvider = newRoutingConnectionProvider(