Revert breaking edits and fix tests

It wasn't working before because the default redirectURI in the Config had been changed.
cli is a predefined client in arduino authentication system that requires a certain redirectURI.
Changing the redirectURI means you have to change the ClientID as well.

Now the tests are run providing -user and -pass flags, in order not to leak passwords when the arduino-cli will be made public.

Author: matteosuppo

auth/auth.go

@@ -27,21 +27,19 @@
  * Copyright 2017 BCMI LABS SA (http://www.arduino.cc/)
  */
 
-/*
-Package auth uses the `oauth2 authorization_code` flow to authenticate with Arduino
-
-If you have the username and password of a user, you can just instantiate a client with sane defaults:
-
-  client := auth.New()
-
-and then call the Token method to obtain a Token object with an AccessToken and a RefreshToken
-
-  token, err := client.Token(username, password)
-
-If instead you already have a token but want to refresh it, just call
-
-  token, err := client.refresh(refreshToken)
-*/
+// Package auth uses the `oauth2 authorization_code` flow to authenticate with Arduino
+//
+// If you have the username and password of a user, you can just instantiate a client with sane defaults:
+//
+//   client := auth.New()
+//
+// and then call the Token method to obtain a Token object with an AccessToken and a RefreshToken
+//
+//   token, err := client.Token(username, password)
+//
+// If instead you already have a token but want to refresh it, just call
+//
+//   token, err := client.refresh(refreshToken)
 package auth
 
 import (
@@ -56,17 +54,53 @@ import (
 	"github.com/pkg/errors"
 )
 
+// Config contains the variables you may want to change
+type Config struct {
+	// CodeURL is the endpoint to redirect to obtain a code
+	CodeURL string
+
+	// TokenURL is the endpoint where you can request an access code
+	TokenURL string
+
+	// ClientID is the client id you are using
+	ClientID string
+
+	// RedirectURI is the redirectURI where the oauth process will redirect. It's only required since the oauth system checks for it, but we intercept the redirect before hitting it
+	RedirectURI string
+
+	// Scopes is a space-separated list of scopes to require
+	Scopes string
+}
+
 // New returns an auth configuration with sane defaults
 func New() *Config {
 	return &Config{
 		CodeURL:     "https://hydra.arduino.cc/oauth2/auth",
 		TokenURL:    "https://hydra.arduino.cc/oauth2/token",
 		ClientID:    "cli",
-		RedirectURI: "http://auth.arduino.cc:5000",
+		RedirectURI: "http://localhost:5000",
 		Scopes:      "profile:core offline",
 	}
 }
 
+// Token is the response of the two authentication functions
+type Token struct {
+	// Access is the token to use to authenticate requests
+	Access string `json:"access_token"`
+
+	// Refresh is the token to use to request another access token. It's only returned if one of the scopes is "offline"
+	Refresh string `json:"refresh_token"`
+
+	// TTL is the number of seconds that the tokens will last
+	TTL int `json:"expires_in"`
+
+	// Scopes is a space-separated list of scopes associated to the access token
+	Scopes string `json:"scope"`
+
+	// Type is the type of token
+	Type string `json:"token_type"`
+}
+
 // Token authenticates with the given username and password and returns a Token object
 func (c *Config) Token(user, pass string) (*Token, error) {
 	// We want to make sure we send the proper cookies each step, so we don't follow redirects
@@ -131,37 +165,6 @@ func (c *Config) Refresh(token string) (*Token, error) {
 	return &data, nil
 }
 
-type User struct{}
-
-// LoggedUser returns the logged User's data.
-func (t *Token) LoggedUser() (*User, error) {
-	req, err := http.NewRequest("GET", "https://auth.arduino.cc/v1/users/byID/me", nil)
-	if err != nil {
-		return nil, err
-	}
-	req.SetBasicAuth("cli", "")
-	req.Header.Add("Authorization", "Bearer "+t.Access)
-	client := http.Client{}
-	resp, err := client.Do(req)
-	if err != nil {
-		return nil, errors.Wrap(err, "LoggedUser")
-	}
-	if resp.StatusCode != 200 {
-		return nil, errors.New(resp.Status)
-	}
-	defer resp.Body.Close()
-	content, err := ioutil.ReadAll(resp.Body)
-	if err != nil {
-		return nil, errors.Wrap(err, "LoggedUser")
-	}
-	var ret User
-	err = json.Unmarshal(content, &ret)
-	if err != nil {
-		return nil, errors.Wrap(err, "LoggedUser")
-	}
-	return &ret, nil
-}
-
 // cookies keeps track of the cookies for each request
 type cookies map[string][]*http.Cookie
 
@@ -269,7 +272,7 @@ func (c *Config) requestToken(client *http.Client, code string) (*Token, error)
 	}
 
 	req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
-	req.SetBasicAuth("cli", "")
+	req.SetBasicAuth(c.ClientID, "")
 	res, err := client.Do(req)
 	if err != nil {
 		return nil, err
@@ -280,6 +283,14 @@ func (c *Config) requestToken(client *http.Client, code string) (*Token, error)
 		return nil, err
 	}
 
+	if res.StatusCode != 200 {
+		data := struct {
+			Error string `json:"error_description"`
+		}{}
+		json.Unmarshal(body, &data)
+		return nil, errors.New(data.Error)
+	}
+
 	data := Token{}
 
 	err = json.Unmarshal(body, &data)

auth/auth_test.go

@@ -1,39 +1,64 @@
 package auth_test
 
-import "testing"
-import "github.com/bcmi-labs/arduino-cli/auth"
+import (
+	"encoding/json"
+	"flag"
+	"io/ioutil"
+	"net/http"
+	"os"
+	"testing"
 
-const (
-	testUsername = "ARDUINO-CLI-TEST-USER"
-	testPassword = "clitestuser"
+	"github.com/bcmi-labs/arduino-cli/auth"
 )
 
-func testConfig_Token(t *testing.T) (*auth.Config, *auth.Token) {
-	tokenConfig := auth.New()
-	t.Log(tokenConfig)
-	token, err := tokenConfig.Token(testUsername, testPassword)
+var (
+	testUser = flag.String("user", "", "The username of the test")
+	testPass = flag.String("pass", "", "The password of the test")
+)
+
+func TestMain(m *testing.M) {
+	flag.Parse()
+	os.Exit(m.Run())
+}
+
+func TestToken(t *testing.T) {
+	if *testUser == "" || *testPass == "" {
+		t.Skip("Skipped because -user and -pass were not provided")
+	}
+	auth := auth.New()
+	token, err := auth.Token(*testUser, *testPass)
 	if err != nil {
-		t.Error(err)
+		t.Fatal(err)
 	}
-	t.Log(token)
-	return tokenConfig, token
-}
 
-func TestConfig_Refresh(t *testing.T) {
-	tokenConfig, token := testConfig_Token(t)
+	// Obtain info
+	req, err := http.NewRequest("GET", "https://auth.arduino.cc/v1/users/byID/me", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+	req.Header.Add("Authorization", "Bearer "+token.Access)
+	client := http.Client{}
+	resp, err := client.Do(req)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if resp.StatusCode != 200 {
+		t.Fatal(resp.StatusCode)
+	}
 
-	newToken, err := tokenConfig.Refresh(token.Refresh)
+	body, err := ioutil.ReadAll(resp.Body)
 	if err != nil {
-		t.Error(err)
+		t.Fatal(err)
 	}
-	t.Log(newToken)
-}
 
-func TestConfig_MyUser(t *testing.T) {
-	_, token := testConfig_Token(t)
-	user, err := token.LoggedUser()
+	var data struct{ Username string }
+	err = json.Unmarshal(body, &data)
 	if err != nil {
 		t.Fatal(err)
 	}
-	t.Log(user)
+
+	if data.Username != *testUser {
+		t.Fatalf("Expected username '%s', got '%s'", *testUser, data.Username)
+	}
 }