Adapt authentication methods configuration to be backward compatible

Prior version of configuration file can be used, the authentication methods
will be set to default values (two_factor as default method).

server/src/lib/configuration/ConfigurationAdapter.ts

@@ -4,10 +4,11 @@ import {
   AppConfiguration, UserConfiguration, NotifierConfiguration,
   ACLConfiguration, LdapConfiguration, SessionRedisOptions,
   MongoStorageConfiguration, LocalStorageConfiguration,
-  UserLdapConfiguration, AuthenticationMethodsConfiguration
+  UserLdapConfiguration
 } from "./Configuration";
 import Util = require("util");
 import { ACLAdapter } from "./adapters/ACLAdapter";
+import { AuthenticationMethodsAdapter } from "./adapters/AuthenticationMethodsAdapter";
 
 const LDAP_URL_ENV_VARIABLE = "LDAP_URL";
 
@@ -55,25 +56,16 @@ function adaptLdapConfiguration(userConfig: UserLdapConfiguration): LdapConfigur
   };
 }
 
-function adaptAuthenticationMethods(authentication_methods: AuthenticationMethodsConfiguration)
-  : AuthenticationMethodsConfiguration {
-  if (!authentication_methods) {
-    return {
-      default_method: "two_factor",
-      per_subdomain_methods: {}
-    };
-  }
-  return authentication_methods;
-}
-
-function adaptFromUserConfiguration(userConfiguration: UserConfiguration): AppConfiguration {
+function adaptFromUserConfiguration(userConfiguration: UserConfiguration)
+  : AppConfiguration {
   ensure_key_existence(userConfiguration, "ldap");
   ensure_key_existence(userConfiguration, "session.secret");
   ensure_key_existence(userConfiguration, "regulation");
 
   const port = userConfiguration.port || 8080;
   const ldapConfiguration = adaptLdapConfiguration(userConfiguration.ldap);
-  const authenticationMethods = adaptAuthenticationMethods(userConfiguration.authentication_methods);
+  const authenticationMethods = AuthenticationMethodsAdapter
+    .adapt(userConfiguration.authentication_methods);
 
   return {
     port: port,

server/src/lib/configuration/adapters/ACLAdapter.ts

@@ -1,8 +1,5 @@
 import { ACLConfiguration } from "../Configuration";
-
-function clone(obj: any): any {
-  return JSON.parse(JSON.stringify(obj));
-}
+import { ObjectCloner } from "../../utils/ObjectCloner";
 
 const DEFAULT_POLICY = "deny";
 
@@ -32,7 +29,7 @@ export class ACLAdapter {
   static adapt(configuration: ACLConfiguration): ACLConfiguration {
     if (!configuration) return;
 
-    const newConfiguration: ACLConfiguration = clone(configuration);
+    const newConfiguration: ACLConfiguration = ObjectCloner.clone(configuration);
     adaptDefaultPolicy(newConfiguration);
     adaptAny(newConfiguration);
     adaptGroups(newConfiguration);

server/src/lib/configuration/adapters/AuthenticationMethodsAdapter.ts

@@ -0,0 +1,30 @@
+import { AuthenticationMethodsConfiguration } from "../Configuration";
+import { ObjectCloner } from "../../utils/ObjectCloner";
+
+function clone(obj: any): any {
+  return JSON.parse(JSON.stringify(obj));
+}
+
+export class AuthenticationMethodsAdapter {
+  static adapt(authentication_methods: AuthenticationMethodsConfiguration)
+    : AuthenticationMethodsConfiguration {
+    if (!authentication_methods) {
+      return {
+        default_method: "two_factor",
+        per_subdomain_methods: {}
+      };
+    }
+
+    const newAuthMethods: AuthenticationMethodsConfiguration
+      = ObjectCloner.clone(authentication_methods);
+
+    if (!newAuthMethods.default_method)
+      newAuthMethods.default_method = "two_factor";
+
+    if (!newAuthMethods.per_subdomain_methods ||
+      newAuthMethods.per_subdomain_methods.constructor !== Object)
+      newAuthMethods.per_subdomain_methods = {};
+
+    return newAuthMethods;
+  }
+}

server/src/lib/utils/ObjectCloner.ts

@@ -0,0 +1,6 @@
+
+export class ObjectCloner {
+  static clone(obj: any): any {
+    return JSON.parse(JSON.stringify(obj));
+  }
+}

server/test/configuration/adapters/AuthenticationMethodsAdapter.test.ts

@@ -0,0 +1,59 @@
+import { AuthenticationMethodsAdapter } from "../../../src/lib/configuration/adapters/AuthenticationMethodsAdapter";
+import Assert = require("assert");
+
+describe("test authentication methods configuration adapter", function () {
+  describe("no authentication methods defined", function () {
+    it("should adapt a configuration when no authentication methods config is defined", function () {
+      const userConfiguration: any = undefined;
+
+      const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
+      Assert.deepStrictEqual(appConfiguration, {
+        default_method: "two_factor",
+        per_subdomain_methods: {}
+      });
+    });
+  });
+
+  describe("partial authentication methods config", function() {
+    it("should adapt a configuration when default_method is not defined", function () {
+      const userConfiguration: any = {
+        per_subdomain_methods: {
+          "example.com": "basic_auth"
+        }
+      };
+
+      const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
+      Assert.deepStrictEqual(appConfiguration, {
+        default_method: "two_factor",
+        per_subdomain_methods: {
+          "example.com": "basic_auth"
+        }
+      });
+    });
+
+    it("should adapt a configuration when per_subdomain_methods is not defined", function () {
+      const userConfiguration: any = {
+        default_method: "basic_auth"
+      };
+
+      const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
+      Assert.deepStrictEqual(appConfiguration, {
+        default_method: "basic_auth",
+        per_subdomain_methods: {}
+      });
+    });
+
+    it("should adapt a configuration when per_subdomain_methods has wrong type", function () {
+      const userConfiguration: any = {
+        default_method: "basic_auth",
+        per_subdomain_methods: []
+      };
+
+      const appConfiguration = AuthenticationMethodsAdapter.adapt(userConfiguration);
+      Assert.deepStrictEqual(appConfiguration, {
+        default_method: "basic_auth",
+        per_subdomain_methods: {}
+      });
+    });
+  });
+});