Merge branch 'master-mirror' into BOOST-878-improve-azure-tests

docs/README.md

@@ -1437,16 +1437,31 @@ export class User {}
 @Role({
   auth: {
     signUpMethods: ['email', 'phone'],
+    skipConfirmation: false
   },
 })
 export class SuperUser {}
+
+@Role({
+  auth: {
+    signUpMethods: ['email', 'phone'],
+    skipConfirmation: true
+  },
+})
+export class SuperUserWithoutConfirmation {}
 ```
 
-Here, we have defined the `Admin`, `User` and `SuperUser` roles. They all contain an `auth` attribute. This one contains a `signUpMethods` attribute. When this value is empty (`Admin` role) a user can't use this role to sign up.
+Here, we have defined the `Admin`, `User`, `SuperUser` and `SuperUserWithoutConfirmation` roles. They all contain an `auth` attribute which contains a `signUpMethods` and `skipConfirmation` attributes.
 
-`signUpMethods` is an array with limited possible values: `email` or `phone` or a combination of both.
+When `signUpMethods` is empty (`Admin` role) or is not specified, a user can't use this role to sign up.
+`signUpMethods` is an array with limited possible values: `email`, `phone` or a combination of both.
 Users with the `User` role will only be able to sign up with their emails, whereas the ones with the `SuperUser` role will be able to sign up with either their email or their phone number.
 
+When `skipConfirmation` is false or not specified, a confirmation is required for the chosen sign up method.
+Users that sign up with their emails will receive a confirmation link in their inbox. They just need to click it to confirm their registration.
+Users that sign up with their phones will receive a confirmation code as an SMS message. That code needs to be sent back using the [confirmation endpoint](#sign-up/confirm)
+If `skipConfirmation` is set to true, users can sign in without confirmation after signing up.
+
 If your Booster application has roles defined, an [authentication API](#authentication-api) will be provisioned. It will allow your users to gain
 access to your resources.
 
@@ -1461,10 +1476,6 @@ The base URL of all these endpoints is the `httpURL` output of your application.
 
 ##### Sign-up
 Users can use this endpoint to register in your application and get a role assigned to them.
-Only roles that filled `signUpMethods` with valid entries can be used upon sign-up. After calling this endpoint, the
-registration isn't completed yet. 
-Users that sign up with their emails will receive a confirmation link in their inbox. They just need to click it to confirm their registration.
-Users that sign up with their phones will receive a confirmation code as an SMS message. That code needs to be sent back using the [confirmation endpoint](#sign-up/confirm)
 
 ![confirmation email](./img/sign-up-verificaiton-email.png)
 ![email confirmed](./img/sign-up-confirmed.png)

lerna.json

@@ -13,7 +13,7 @@
     "packages/cli",
     "packages/framework-integration-tests"
   ],
-  "version": "0.5.1",
+  "version": "0.6.0",
   "npmClient": "yarn",
   "useWorkspaces": true
 }

packages/cli/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@boostercloud/cli",
   "description": "CLI of the Booster Cloud Framework, the next level of abstraction for cloud-native applications",
-  "version": "0.5.1",
+  "version": "0.6.0",
   "author": "Booster Cloud",
   "homepage": "https://booster.cloud",
   "publishConfig": {
@@ -12,8 +12,8 @@
   },
   "bugs": "https://github.com/boostercloud/booster/issues",
   "dependencies": {
-    "@boostercloud/framework-core": "^0.5.1",
-    "@boostercloud/framework-types": "^0.5.1",
+    "@boostercloud/framework-core": "^0.6.0",
+    "@boostercloud/framework-types": "^0.6.0",
     "@oclif/command": "^1",
     "@oclif/config": "^1",
     "@oclif/plugin-help": "^2",

packages/framework-core/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@boostercloud/framework-core",
-  "version": "0.5.1",
+  "version": "0.6.0",
   "description": "Library for your Booster apps",
   "author": "Booster Cloud",
   "homepage": "https://booster.cloud",
@@ -28,7 +28,7 @@
     "url": "https://github.com/boostercloud/booster/issues"
   },
   "dependencies": {
-    "@boostercloud/framework-types": "^0.5.1",
+    "@boostercloud/framework-types": "^0.6.0",
     "fp-ts": "^2.0.3",
     "graphql": "^15.0.0",
     "graphql-subscriptions": "^1.1.0",

packages/framework-core/src/booster-auth.ts

@@ -46,7 +46,7 @@ export class BoosterAuth {
       }
     }
 
-    return rawMessage
+    return config.provider.auth.handleSignUpResult(config, rawMessage, userEnvelope)
   }
 
   public static isUserAuthorized(authorizedRoles: RoleAccess['authorize'], user?: UserEnvelope): boolean {

packages/framework-core/test/booster-auth.test.ts

@@ -22,7 +22,10 @@ describe('the "checkSignUp" method', () => {
   function buildBoosterConfig(): BoosterConfig {
     const config = new BoosterConfig('test')
     config.provider = ({
-      auth: { rawToEnvelope: () => {} },
+      auth: {
+        rawToEnvelope: () => {},
+        handleSignUpResult: () => {},
+      },
     } as unknown) as ProviderLibrary
     config.roles['Admin'] = {
       auth: {
@@ -32,18 +35,21 @@ describe('the "checkSignUp" method', () => {
     config.roles['UserWithEmail'] = {
       auth: {
         signUpMethods: ['email'],
+        skipConfirmation: false,
       },
     }
 
     config.roles['UserWithPhone'] = {
       auth: {
         signUpMethods: ['phone'],
+        skipConfirmation: false,
       },
     }
 
     config.roles['SuperUser'] = {
       auth: {
         signUpMethods: ['phone', 'email'],
+        skipConfirmation: true,
       },
     }
 
@@ -78,7 +84,7 @@ describe('the "checkSignUp" method', () => {
     )
   })
 
-  it('succeeds when the user signs up with an email and SignUpOptions has email as value', () => {
+  it('succeeds when a user signs up with an email and confirmation is required', () => {
     const config = buildBoosterConfig()
     replace(
       config.provider.auth,
@@ -88,11 +94,21 @@ describe('the "checkSignUp" method', () => {
         username: 'test@gmail.com',
       })
     )
+    replace(
+      config.provider.auth,
+      'handleSignUpResult',
+      fake.returns({
+        response: {
+          autoConfirmUser: false,
+        },
+      })
+    )
 
-    expect(() => BoosterAuth.checkSignUp({}, config, logger)).not.to.throw()
+    const rawMessage = BoosterAuth.checkSignUp({}, config, logger)
+    expect(rawMessage.response.autoConfirmUser).to.be.false
   })
 
-  it('succeeds when the user signs up with a phone number and SignUpOptions has phone as value', () => {
+  it('succeeds when the user signs up with a phone number and confirmation is required', () => {
     const config = buildBoosterConfig()
     replace(
       config.provider.auth,
@@ -102,11 +118,21 @@ describe('the "checkSignUp" method', () => {
         username: '+59165783459',
       })
     )
+    replace(
+      config.provider.auth,
+      'handleSignUpResult',
+      fake.returns({
+        response: {
+          autoConfirmUser: false,
+        },
+      })
+    )
 
-    expect(() => BoosterAuth.checkSignUp({}, config, logger)).not.to.throw()
+    const rawMessage = BoosterAuth.checkSignUp({}, config, logger)
+    expect(rawMessage.response.autoConfirmUser).to.be.false
   })
 
-  it('succeeds user to sign up with email when SignUpOptions has phone and email as value', () => {
+  it('succeeds user to sign up with email when role allows both sign up options email and phone number, confirmation is not required', () => {
     const config = buildBoosterConfig()
     replace(
       config.provider.auth,
@@ -116,11 +142,21 @@ describe('the "checkSignUp" method', () => {
         username: 'test@gmail.com',
       })
     )
+    replace(
+      config.provider.auth,
+      'handleSignUpResult',
+      fake.returns({
+        response: {
+          autoConfirmUser: true,
+        },
+      })
+    )
 
-    expect(() => BoosterAuth.checkSignUp({}, config, logger)).not.to.throw()
+    const rawMessage = BoosterAuth.checkSignUp({}, config, logger)
+    expect(rawMessage.response.autoConfirmUser).to.be.true
   })
 
-  it('succeeds user to sign up with phone when SignUpOptions has phone and email as value', () => {
+  it('succeeds user to sign up with phone number when role allows both sign up options email and phone number, confirmation is not required', () => {
     const config = buildBoosterConfig()
     replace(
       config.provider.auth,
@@ -130,11 +166,21 @@ describe('the "checkSignUp" method', () => {
         username: '+59165783459',
       })
     )
+    replace(
+      config.provider.auth,
+      'handleSignUpResult',
+      fake.returns({
+        response: {
+          autoConfirmUser: true,
+        },
+      })
+    )
 
-    expect(() => BoosterAuth.checkSignUp({}, config, logger)).not.to.throw()
+    const rawMessage = BoosterAuth.checkSignUp({}, config, logger)
+    expect(rawMessage.response.autoConfirmUser).to.be.true
   })
 
-  it('throws an error when user signs up with phone but SignUpOptions has email as value', () => {
+  it('throws an error when user signs up with phone but role only allows email to sign up', () => {
     const config = buildBoosterConfig()
     replace(
       config.provider.auth,
@@ -150,7 +196,7 @@ describe('the "checkSignUp" method', () => {
     )
   })
 
-  it('throws an error when user signs up with email but SignUpOptions has phone as value', () => {
+  it('throws an error when user signs up with email but role only allows phone number to sign up', () => {
     const config = buildBoosterConfig()
     replace(
       config.provider.auth,