Add support for pass-through authentication

[Traksewt]

Description

Allow the rest connector to call other loopback services by passing on the user authorization from the options where available. This is the fallback if no other authorization is specified.

This allows loopback servers to communicate securely with other loopback servers by passing on the auth token. Useful for using loopback as microservices.

Related issues

• connect to Pass auth header from client to loopback rest-connector loopbackio/loopback-connector-rest#89
• connect to Add accessToken support loopback-connector-remote#3
• connect to Use lb access token #421

Checklist

• New tests added or existing tests modified to cover all changes
• Code conforms with the style
  guide

[slnode]

Can one of the admins verify this patch?

[slnode]

Can one of the admins verify this patch?

[slnode]

Can one of the admins verify this patch?

[Traksewt]

recreated #421 to be based on master branch

[bajtos]

@Traksewt great, thank you for the updated patch. I'm short on time today and off work tomorrow, I'll take a look next week.

[bajtos]

@slnode ok to test

[Traksewt]

@bajtos I'm not sure how to fix the PR Builder as I don't have access to see the Details on the build machine.

[bajtos]

Hey, sorry for the delay, I am going to review this right now.

I'm not sure how to fix the PR Builder as I don't have access to see the Details on the build machine.

Unfortunately those CI machines are accessible only from the internal IBM network :(

The error seems unrelated to your changes to me, I think we can safely ignore it.

Installing dependencies in preparation for tests and possibly publishing...
+ npm install --ignore-scripts
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@^1.0.0 (node_modules/chokidar/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm ERR! Linux 4.4.0-89-generic
npm ERR! argv "/usr/local/bin/node" "/usr/local/bin/npm" "install" "--ignore-scripts"
npm ERR! node v6.11.1
npm ERR! npm  v3.10.10
npm ERR! code E404

npm ERR! 404 no such package available : restore-cursor
npm ERR! 404 
npm ERR! 404  'restore-cursor' is not in the npm registry.
npm ERR! 404 You should bug the author to publish it (or use the name yourself!)
npm ERR! 404 It was specified as a dependency of 'cli-cursor'
npm ERR! 404 
npm ERR! 404 Note that you can also install from a
npm ERR! 404 tarball, folder, http url, or git url.

cc @rmg is this a known problem of our CI?

[bajtos]

The changes look good to me at high level. I cleaned the code a bit for you, PTAL at b7c3564 and let me know if this is ok with you.

[bajtos]

See my comments below for an explanation of the changes I made.

In addition to that, I changed var to let and const per our style guide (http://loopback.io/doc/en/contrib/style-guide.html#variable-declarations) and reworked test functions to use () => { notation.

[bajtos]

I find this structure difficult to comprehend, there are too many different code paths possible. I reworked it by moving the branch where we are setting req.headers to the top and preserving the old code mostly intact.

[bajtos]

Instead of checking if this.options is set everywhere, it's usually easier to ensure it's at least an empty object in the constructor.

I have also rearranged the code in this function to make it easier to follow for me (hopefully it still looks clear to you too!)

[bajtos]

No need to pass remotes, since they are already available as this.remotes.

[bajtos]

I reformatted the code to follow the convention we are using in LoopBack, where each arg definition is on a single line.

[
 {arg: 'argName1', /*...*/},
 {arg: 'argName2', /*...*/},
]

I have also renamed the variable to make the intent more clear.

[bajtos]

Breaking the line in the middle of argument list make the code difficult to follow. Here is a better solution that we are already using in other parts of our codebase:

expect(method.getArgByName('argName1', ['firstArg', 'secondArg']))
  .to.equal('firstArg');

[Traksewt]

thanks @bajtos looks good. Good to hear we can use let & const. I was used to the 2.x codebase.

[bajtos]

[cis-jenkins] x64 && linux && nvm,4 — Failed! (e8ef11e)

This failure is unrelated to the changes made by this patch. I am going to ignore it.

[bajtos]

Landed, thank you for the contribution!