nodejs support OIE login, issue 178 (#471)

* support oie

* fix okta didn't pass client app id and client app version

* revert back package json

* fix mock test for okta

* Remove test on linux azure

---------

Co-authored-by: ilesh garish <[email protected]>

Author: sfc-gh-ext-simba-dl

.github/workflows/build-test.yml

@@ -191,7 +191,9 @@ jobs:
             max-parallel: 1
             matrix:
                 image: [ 'nodejs-centos6-default', 'nodejs-centos7-node12' ]
-                cloud: [ 'AZURE', 'GCP' ]
+                #REMOVE AZURE for now
+                #cloud: [ 'AZURE', 'GCP' ]
+                cloud: [ 'GCP' ]
         steps:
             - uses: actions/checkout@v1
             - uses: actions/setup-node@v1

lib/authentication/auth_okta.js

@@ -11,12 +11,14 @@ var rest = require('../global_config').rest;
  * @param {String} password
  * @param {String} region
  * @param {String} account
+ * @param {String} clientType
+ * @param {String} clientVersion
  * @param {module} httpclient
  *
  * @returns {Object}
  * @constructor
  */
-function auth_okta(password, region, account, httpclient)
+function auth_okta(password, region, account, clientType, clientVersion, httpclient)
 {
   var axios = typeof httpclient !== "undefined" ? httpclient : require('axios');
   var password = password;
@@ -25,6 +27,8 @@ function auth_okta(password, region, account, httpclient)
   var port = rest.HTTPS_PORT;
   var protocol = rest.HTTPS_PROTOCOL;
 
+  var clientAppId = clientType;
+  var clientAppVersion = clientVersion;
   var samlResponse;
 
   /**
@@ -53,7 +57,6 @@ function auth_okta(password, region, account, httpclient)
   {
     var ssoUrl;
     var tokenUrl;
-
     await step1(authenticator, serviceName, account, username).then((response) =>
     {
       var data = response['data']['data'];
@@ -66,8 +69,14 @@ function auth_okta(password, region, account, httpclient)
     var oneTimeToken;
     await step3(tokenUrl, username, password).then((response) =>
     {
-      var data = response['data'];
-      oneTimeToken = data['cookieToken'];
+        var data = response['data'];
+
+        if (data['sessionToken']) {
+            oneTimeToken = data['sessionToken'];
+        }
+        else {
+            oneTimeToken = data['cookieToken'];
+        }
     });
 
     var responseHtml;
@@ -109,7 +118,9 @@ function auth_okta(password, region, account, httpclient)
         "LOGIN_NAME": username,
         "PORT": port,
         "PROTOCOL": protocol,
-        "AUTHENTICATOR": authenticator
+        "AUTHENTICATOR": authenticator,
+        "CLIENT_APP_ID": clientAppId,
+        "CLIENT_APP_VERSION": clientAppVersion
       }
     };
 

lib/authentication/authentication.js

@@ -24,7 +24,7 @@ exports.authenticationTypes = authenticationTypes;
  * @param {String} authenticator
  * @param {String} account
  * @param {String} username
- * @param {String} clientName
+ * @param {String} clientType
  * @param {String} clientVersion
  * @param {Object} clientEnv
  *
@@ -34,7 +34,7 @@ exports.formAuthJSON = function formAuthJSON(
   authenticator,
   account,
   username,
-  clientName,
+  clientType,
   clientVersion,
   clientEnv
 )
@@ -46,7 +46,7 @@ exports.formAuthJSON = function formAuthJSON(
       AUTHENTICATOR: authenticator,
       ACCOUNT_NAME: account,
       LOGIN_NAME: username,
-      CLIENT_APP_ID: clientName,
+      CLIENT_APP_ID: clientType,
       CLIENT_APP_VERSION: clientVersion,
       CLIENT_ENVIRONMENT:
       {
@@ -93,7 +93,10 @@ exports.getAuthenticator = function getAuthenticator(connectionConfig)
   {
     return new auth_okta(connectionConfig.password,
       connectionConfig.region,
-      connectionConfig.account);
+      connectionConfig.account,
+      connectionConfig.getClientType(),
+      connectionConfig.getClientVersion()
+    );
   }
   else
   {

lib/connection/connection.js

@@ -228,7 +228,7 @@ function Connection(context)
       var body = Authenticator.formAuthJSON(connectionConfig.getAuthenticator(),
         connectionConfig.account,
         connectionConfig.username,
-        connectionConfig.getClientName(),
+        connectionConfig.getClientType(),
         connectionConfig.getClientVersion(),
         connectionConfig.getClientEnvironment());
 
@@ -290,7 +290,7 @@ function Connection(context)
           var body = Authenticator.formAuthJSON(connectionConfig.getAuthenticator(),
             connectionConfig.account,
             connectionConfig.username,
-            connectionConfig.getClientName(),
+            connectionConfig.getClientType(),
             connectionConfig.getClientVersion(),
             connectionConfig.getClientEnvironment());
 

test/unit/authentication/authentication_test.js

@@ -393,6 +393,8 @@ describe('okta authentication', function ()
     var auth = new auth_okta(connectionOptionsOkta.password,
       connectionOptionsOkta.region,
       connectionOptionsOkta.account,
+      connectionOptionsOkta.clientAppid,
+      connectionOptionsOkta.clientAppVersion,
       httpclient);
 
     await auth.authenticate(connectionOptionsOkta.authenticator, '', connectionOptionsOkta.account, connectionOptionsOkta.username);
@@ -432,6 +434,8 @@ describe('okta authentication', function ()
     var auth = new auth_okta(connectionOptionsOkta.password,
       connectionOptionsOkta.region,
       connectionOptionsOkta.account,
+      connectionOptionsOkta.clientAppid,
+      connectionOptionsOkta.clientAppVersion,
       httpclient);
 
     try
@@ -487,6 +491,8 @@ describe('okta authentication', function ()
     var auth = new auth_okta(connectionOptionsOkta.password,
       connectionOptionsOkta.region,
       connectionOptionsOkta.account,
+      connectionOptionsOkta.clientAppid,
+      connectionOptionsOkta.clientAppVersion,
       httpclient);
 
     try

test/unit/mock/mock_test_util.js

@@ -130,6 +130,8 @@ var connectionOptionsOkta =
   username: 'fakeusername',
   account: 'fakeaccount',
   token: 'faketoken',
+  clientAppid: 'JavaScript',
+  clientAppVersion: '1.6.21',
   rawSamlResponse: '<form action="https://fakeaccount.snowflakecomputing.com/fed/login">',
   authenticator: 'https://dev-12345678.okta.com/'
 };