From df883d4641391e014d27a25b24144537a9088285 Mon Sep 17 00:00:00 2001 From: Zhen Date: Wed, 19 Apr 2017 14:42:46 +0200 Subject: [PATCH 1/2] Adding kerberos auth support --- src/v1/index.js | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/v1/index.js b/src/v1/index.js index a9425642e..e0f16cdbf 100644 --- a/src/v1/index.js +++ b/src/v1/index.js @@ -38,6 +38,9 @@ const auth ={ return {scheme: "basic", principal: username, credentials: password}; } }, + kerberos:(base64EncodedTicket)=> { + return {scheme:"kerberos", credentials: base64EncodedTicket}; + }, custom: (principal, credentials, realm, scheme, parameters = undefined ) => { if (parameters) { return {scheme: scheme, principal: principal, credentials: credentials, realm: realm, From eed1ebd7f1b21bb9e9b80d51feb25cfbdcf688c7 Mon Sep 17 00:00:00 2001 From: lutovich Date: Mon, 24 Apr 2017 19:07:17 +0200 Subject: [PATCH 2/2] Send empty principal in kerberos auth This is needed for backwards compatibility with Neo4j versions earlier than 3.2. Commit also fixes formatting and adds tests. --- src/v1/index.js | 38 +++++++++++++---------- test/v1/auth.test.js | 73 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 95 insertions(+), 16 deletions(-) create mode 100644 test/v1/auth.test.js diff --git a/src/v1/index.js b/src/v1/index.js index e0f16cdbf..8a55f10d1 100644 --- a/src/v1/index.js +++ b/src/v1/index.js @@ -17,40 +17,46 @@ * limitations under the License. */ -import {int, isInt, inSafeRange, toNumber, toString} from './integer'; -import {Node, Relationship, UnboundRelationship, PathSegment, Path} from './graph-types' -import {Neo4jError, SERVICE_UNAVAILABLE, SESSION_EXPIRED, PROTOCOL_ERROR} from './error'; +import {inSafeRange, int, isInt, toNumber, toString} from './integer'; +import {Node, Path, PathSegment, Relationship, UnboundRelationship} from './graph-types'; +import {Neo4jError, PROTOCOL_ERROR, SERVICE_UNAVAILABLE, SESSION_EXPIRED} from './error'; import Result from './result'; import ResultSummary from './result-summary'; import Record from './record'; import {Driver, READ, WRITE} from './driver'; import RoutingDriver from './routing-driver'; import VERSION from '../version'; -import {parseScheme, parseUrl} from "./internal/connector"; -import {assertString} from "./internal/util"; +import {parseScheme, parseUrl} from './internal/connector'; +import {assertString} from './internal/util'; -const auth ={ +const auth = { basic: (username, password, realm = undefined) => { if (realm) { - return {scheme: "basic", principal: username, credentials: password, realm: realm}; + return {scheme: 'basic', principal: username, credentials: password, realm: realm}; } else { - return {scheme: "basic", principal: username, credentials: password}; + return {scheme: 'basic', principal: username, credentials: password}; } }, - kerberos:(base64EncodedTicket)=> { - return {scheme:"kerberos", credentials: base64EncodedTicket}; - }, - custom: (principal, credentials, realm, scheme, parameters = undefined ) => { + kerberos: (base64EncodedTicket) => { + return { + scheme: 'kerberos', + principal: '', // This empty string is required for backwards compatibility. + credentials: base64EncodedTicket + }; + }, + custom: (principal, credentials, realm, scheme, parameters = undefined) => { if (parameters) { - return {scheme: scheme, principal: principal, credentials: credentials, realm: realm, - parameters: parameters} + return { + scheme: scheme, principal: principal, credentials: credentials, realm: realm, + parameters: parameters + }; } else { - return {scheme: scheme, principal: principal, credentials: credentials, realm: realm} + return {scheme: scheme, principal: principal, credentials: credentials, realm: realm}; } } }; -let USER_AGENT = "neo4j-javascript/" + VERSION; +const USER_AGENT = "neo4j-javascript/" + VERSION; /** * Construct a new Neo4j Driver. This is your main entry point for this diff --git a/test/v1/auth.test.js b/test/v1/auth.test.js new file mode 100644 index 000000000..dfbd250db --- /dev/null +++ b/test/v1/auth.test.js @@ -0,0 +1,73 @@ +/** + * Copyright (c) 2002-2017 "Neo Technology,"," + * Network Engine for Objects in Lund AB [http://neotechnology.com] + * + * This file is part of Neo4j. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +import neo4j from '../../src/v1'; + +describe('auth', () => { + + it('should use correct username and password in basic auth', () => { + const token = neo4j.auth.basic('cat', 'dog'); + expect(token).toEqual({ + scheme: 'basic', + principal: 'cat', + credentials: 'dog' + }); + }); + + it('should support realm in basic auth', () => { + const token = neo4j.auth.basic('cat', 'dog', 'apartment'); + expect(token).toEqual({ + scheme: 'basic', + principal: 'cat', + credentials: 'dog', + realm: 'apartment' + }); + }); + + it('should use correct ticket in kerberos', () => { + const token = neo4j.auth.kerberos('my-ticket'); + expect(token).toEqual({ + scheme: 'kerberos', + principal: '', + credentials: 'my-ticket' + }); + }); + + it('should construct correct custom auth', () => { + const token = neo4j.auth.custom('cat', 'dog', 'apartment', 'pets'); + expect(token).toEqual({ + scheme: 'pets', + principal: 'cat', + credentials: 'dog', + realm: 'apartment' + }); + }); + + it('should support parameters in custom auth', () => { + const token = neo4j.auth.custom('cat', 'dog', 'apartment', 'pets', {key1: 'value1', key2: 42}); + expect(token).toEqual({ + scheme: 'pets', + principal: 'cat', + credentials: 'dog', + realm: 'apartment', + parameters: {key1: 'value1', key2: 42} + }); + }); + +});