feat(middleware): export client and user authentication middlewares

README.md

@@ -2978,6 +2978,47 @@ this.component(AuthenticationComponent);
 This binding needs to be done before adding the Authentication component to your application.
 Apart from this all other steps for authentication for all strategies remain the same.
 
+### Custom Sequence Support
+
+You can also configure `ClientAuthenticationMiddlewareProvider` and `UserAuthenticationMiddlewareProvider` options, which can be invoked using a custom sequence. See the sample below.
+
+`custom-sequence.ts`
+
+```ts title="custom-sequence.ts"
+export class CustomSequence implements SequenceHandler {
+  @inject(SequenceActions.INVOKE_MIDDLEWARE, {optional: true})
+  protected invokeMiddleware: InvokeMiddleware = () => false;
+  ...
+
+  async handle(context: RequestContext) {
+    ...
+    ...
+    // call custom registered middlewares in the pre-invoke chain
+    let finished = await this.invokeMiddleware(context, {
+      chain: CustomMiddlewareChain.PRE_INVOKE,
+    });
+      if (finished) return;
+      const result = await this.invoke(route, args);
+      this.send(response, result);
+   ...
+  }
+}
+```
+
+`application.ts`
+
+```ts title="application.ts"
+import {ClientAuthenticationMiddlewareProvider} from 'loopback4-authentication';
+...
+...
+
+// bind middleware with custom options
+this.middleware(ClientAuthenticationMiddlewareProvider, {
+  chain: CustomMiddlwareChain.PRE_INVOKE
+});
+
+```
+
 ### Passport Auth0
 
 In order to use it, run `npm install passport-auth0` and `npm install @types/passport-auth0`.

docs/README.md

@@ -2978,6 +2978,46 @@ this.component(AuthenticationComponent);
 This binding needs to be done before adding the Authentication component to your application.
 Apart from this all other steps for authentication for all strategies remain the same.
 
+### Custom Sequence Support
+
+You can also configure `ClientAuthenticationMiddlewareProvider` and `UserAuthenticationMiddlewareProvider` options, which can be invoked using a custom sequence. See the sample below.
+
+`custom-sequence.ts`
+
+```ts title="custom-sequence.ts"
+export class CustomSequence implements SequenceHandler {
+  @inject(SequenceActions.INVOKE_MIDDLEWARE, {optional: true})
+  protected invokeMiddleware: InvokeMiddleware = () => false;
+  ...
+
+  async handle(context: RequestContext) {
+    ...
+    ...
+    // call custom registered middlewares in the pre-invoke chain
+    let finished = await this.invokeMiddleware(context, {
+      chain: CustomMiddlewareChain.PRE_INVOKE,
+    });
+      if (finished) return;
+      const result = await this.invoke(route, args);
+      this.send(response, result);
+   ...
+  }
+}
+```
+
+`application.ts`
+
+```ts title="application.ts"
+import {ClientAuthenticationMiddlewareProvider} from 'loopback4-authentication';
+...
+...
+// bind middleware with custom options
+this.middleware(ClientAuthenticationMiddlewareProvider, {
+  chain: CustomMiddlwareChain.PRE_INVOKE
+});
+
+```
+
 ### Passport Auth0
 
 In order to use it, run `npm install passport-auth0` and `npm install @types/passport-auth0`.

src/__tests__/fixtures/sequences/custom-middleware.sequence.ts

@@ -0,0 +1,68 @@
+import {inject} from '@loopback/context';
+import {
+  FindRoute,
+  InvokeMethod,
+  InvokeMiddleware,
+  ParseParams,
+  Reject,
+  RequestContext,
+  RestBindings,
+  Send,
+  SequenceHandler,
+} from '@loopback/rest';
+
+const SequenceActions = RestBindings.SequenceActions;
+export const enum CustomMiddlewareChain {
+  PRE_INVOKE = 'pre-invoke',
+  POST_INVOKE = 'post-invoke',
+}
+
+export class CustomSequence implements SequenceHandler {
+  @inject(SequenceActions.INVOKE_MIDDLEWARE, {optional: true})
+  protected invokeMiddleware: InvokeMiddleware = () => false;
+
+  constructor(
+    @inject(SequenceActions.FIND_ROUTE) protected findRoute: FindRoute,
+    @inject(SequenceActions.PARSE_PARAMS)
+    protected parseParams: ParseParams,
+    @inject(SequenceActions.INVOKE_METHOD) protected invoke: InvokeMethod,
+    @inject(SequenceActions.SEND) protected send: Send,
+    @inject(SequenceActions.REJECT) protected reject: Reject,
+  ) {}
+
+  async handle(context: RequestContext) {
+    try {
+      const {request, response} = context;
+
+      const route = this.findRoute(request);
+      const args = await this.parseParams(request, route);
+      request.body = args[args.length - 1];
+
+      // call custom registered middlewares in the pre-invoke chain
+      let finished = await this.invokeMiddleware(context, {
+        chain: CustomMiddlewareChain.PRE_INVOKE,
+      });
+      if (finished) return;
+
+      const result = await this.invoke(route, args);
+
+      context.bind('invocation.result').to(result);
+
+      // call custom registered middlewares in the post-invoke chain
+      finished = await this.invokeMiddleware(context, {
+        chain: CustomMiddlewareChain.POST_INVOKE,
+      });
+      if (finished) return;
+      this.send(response, result);
+    } catch (error) {
+      if (
+        error.code === 'AUTHENTICATION_STRATEGY_NOT_FOUND' ||
+        error.code === 'USER_PROFILE_NOT_FOUND'
+      ) {
+        Object.assign(error, {statusCode: 401 /* Unauthorized */});
+      }
+      this.reject(context, error);
+      return;
+    }
+  }
+}

src/__tests__/integration/custom-sequence/helpers/helpers.ts

@@ -0,0 +1,27 @@
+import {Application} from '@loopback/core';
+import {RestComponent, RestServer} from '@loopback/rest';
+import {AuthenticationComponent} from '../../../../component';
+
+import {
+  ClientAuthenticationMiddlewareProvider,
+  UserAuthenticationMiddlewareProvider,
+} from '../../../..';
+import {CustomMiddlewareChain} from '../../../fixtures/sequences/custom-middleware.sequence';
+
+export function getApp(): Application {
+  const app = new Application();
+  app.component(AuthenticationComponent);
+  app.component(RestComponent);
+  return app;
+}
+
+export async function givenCustomMiddlewareServer(app: Application) {
+  const server = await app.getServer(RestServer);
+  server.middleware(ClientAuthenticationMiddlewareProvider, {
+    chain: CustomMiddlewareChain.PRE_INVOKE,
+  });
+  server.middleware(UserAuthenticationMiddlewareProvider, {
+    chain: CustomMiddlewareChain.PRE_INVOKE,
+  });
+  return server;
+}

src/__tests__/integration/custom-sequence/passport-apple-oauth2/apple-oauth2.integration.ts

@@ -0,0 +1,85 @@
+import {Application, Provider} from '@loopback/core';
+import {get} from '@loopback/openapi-v3';
+import {Request, RestServer} from '@loopback/rest';
+import {Client, createClientForHandler} from '@loopback/testlab';
+import AppleStrategy, {DecodedIdToken} from 'passport-apple';
+import {authenticate} from '../../../../decorators';
+import {VerifyFunction} from '../../../../strategies';
+import {Strategies} from '../../../../strategies/keys';
+import {AppleAuthStrategyFactoryProvider} from '../../../../strategies/passport/passport-apple-oauth2';
+import {STRATEGY} from '../../../../strategy-name.enum';
+import {userWithoutReqObj} from '../../../fixtures/data/bearer-data';
+import {CustomSequence} from '../../../fixtures/sequences/custom-middleware.sequence';
+import {getApp, givenCustomMiddlewareServer} from '../helpers/helpers';
+
+describe('getting apple oauth2 strategy using Custom Sequence', () => {
+  let app: Application;
+  let server: RestServer;
+  beforeEach(givenAServer);
+  beforeEach(givenCustomSequence);
+  beforeEach(getAuthVerifier);
+  afterEach(closeServer);
+
+  it('should return 302 when client id is passed and passReqToCallback is set true', async () => {
+    getAuthVerifier();
+    class TestController {
+      @get('/test')
+      @authenticate(STRATEGY.APPLE_OAUTH2, {
+        clientID: 'string',
+        clientSecret: 'string',
+        passReqToCallback: true,
+      })
+      test() {
+        return 'test successful';
+      }
+    }
+
+    app.controller(TestController);
+
+    await whenIMakeRequestTo(server).get('/test').expect(302);
+  });
+
+  function whenIMakeRequestTo(restServer: RestServer): Client {
+    return createClientForHandler(restServer.requestHandler);
+  }
+
+  async function givenAServer() {
+    app = getApp();
+    server = await givenCustomMiddlewareServer(app);
+  }
+
+  function getAuthVerifier() {
+    app
+      .bind(Strategies.Passport.APPLE_OAUTH2_STRATEGY_FACTORY)
+      .toProvider(AppleAuthStrategyFactoryProvider);
+    app
+      .bind(Strategies.Passport.APPLE_OAUTH2_VERIFIER)
+      .toProvider(AppleAuthVerifyProvider);
+  }
+
+  function closeServer() {
+    app.close();
+  }
+
+  function givenCustomSequence() {
+    // bind custom sequence
+    server.sequence(CustomSequence);
+  }
+});
+
+class AppleAuthVerifyProvider implements Provider<VerifyFunction.AppleAuthFn> {
+  constructor() {}
+
+  value(): VerifyFunction.AppleAuthFn {
+    return async (
+      accessToken: string,
+      refreshToken: string,
+      decodedIdToken: DecodedIdToken,
+      profile: AppleStrategy.Profile,
+      cd: AppleStrategy.VerifyCallback,
+      req?: Request,
+    ) => {
+      return userWithoutReqObj;
+    };
+  }
+}

src/__tests__/integration/custom-sequence/passport-auth0/passport-auth0.integration.ts

@@ -0,0 +1,89 @@
+import {Application, Provider} from '@loopback/core';
+import {get} from '@loopback/openapi-v3';
+import {Request, RestServer} from '@loopback/rest';
+import {Client, createClientForHandler} from '@loopback/testlab';
+import Auth0Strategy from 'passport-auth0';
+import {authenticate} from '../../../../decorators';
+import {VerifyFunction} from '../../../../strategies';
+import {Strategies} from '../../../../strategies/keys';
+import {Auth0StrategyFactoryProvider} from '../../../../strategies/passport/passport-auth0';
+import {Auth0} from '../../../../strategies/types/auth0.types';
+import {STRATEGY} from '../../../../strategy-name.enum';
+import {userWithoutReqObj} from '../../../fixtures/data/bearer-data';
+
+import {CustomSequence} from '../../../fixtures/sequences/custom-middleware.sequence';
+import {getApp, givenCustomMiddlewareServer} from '../helpers/helpers';
+
+describe('getting auth0 strategy using Custom Sequence', () => {
+  let app: Application;
+  let server: RestServer;
+  beforeEach(givenAServer);
+  beforeEach(givenCustomSequence);
+  beforeEach(getAuthVerifier);
+  afterEach(closeServer);
+
+  it('should return 302 when client id is passed and passReqToCallback is set true', async () => {
+    getAuthVerifier();
+    class TestController {
+      @get('/test')
+      @authenticate(STRATEGY.AUTH0, {
+        clientID: 'string',
+        clientSecret: 'string',
+        callbackURL: 'string',
+        domain: 'string',
+        passReqToCallback: true,
+        state: false,
+      })
+      test() {
+        return 'test successful';
+      }
+    }
+
+    app.controller(TestController);
+
+    await whenIMakeRequestTo(server).get('/test').expect(302);
+  });
+
+  function whenIMakeRequestTo(restServer: RestServer): Client {
+    return createClientForHandler(restServer.requestHandler);
+  }
+
+  async function givenAServer() {
+    app = getApp();
+    server = await givenCustomMiddlewareServer(app);
+  }
+
+  function getAuthVerifier() {
+    app
+      .bind(Strategies.Passport.AUTH0_STRATEGY_FACTORY)
+      .toProvider(Auth0StrategyFactoryProvider);
+    app
+      .bind(Strategies.Passport.AUTH0_VERIFIER)
+      .toProvider(Auth0VerifyProvider);
+  }
+
+  function closeServer() {
+    app.close();
+  }
+
+  function givenCustomSequence() {
+    // bind custom sequence
+    server.sequence(CustomSequence);
+  }
+});
+
+class Auth0VerifyProvider implements Provider<VerifyFunction.Auth0Fn> {
+  constructor() {}
+
+  value(): VerifyFunction.Auth0Fn {
+    return async (
+      accessToken: string,
+      refreshToken: string,
+      profile: Auth0Strategy.Profile,
+      cd: Auth0.VerifyCallback,
+      req?: Request,
+    ) => {
+      return userWithoutReqObj;
+    };
+  }
+}