Merge pull request #985 from oskarhane/no-initial-empty-auth-check

Don’t auto-connect without credentials

Author: oskarhane

src/browser/modules/Stream/Auth/ConnectForm.jsx

@@ -24,10 +24,17 @@ import { FormButton } from 'browser-components/buttons'
 import {
   StyledConnectionForm,
   StyledConnectionTextInput,
+  StyledConnectionSelect,
   StyledConnectionLabel,
   StyledConnectionFormEntry
 } from './styled'
 import InputEnterStepping from 'browser-components/InputEnterStepping/InputEnterStepping'
+import { NATIVE, NO_AUTH } from 'services/bolt/boltHelpers'
+
+const readableauthenticationMethods = {
+  [NATIVE]: 'Username / Password',
+  [NO_AUTH]: 'No authentication'
+}
 
 export default class ConnectForm extends Component {
   state = {
@@ -63,31 +70,54 @@ export default class ConnectForm extends Component {
                     })}
                   />
                 </StyledConnectionFormEntry>
-
                 <StyledConnectionFormEntry>
-                  <StyledConnectionLabel>Username</StyledConnectionLabel>
-                  <StyledConnectionTextInput
+                  <StyledConnectionLabel>
+                    Authentication type
+                  </StyledConnectionLabel>
+                  <StyledConnectionSelect
                     {...getInputPropsForIndex(1, {
-                      'data-testid': 'username',
-                      onChange: this.props.onUsernameChange,
-                      defaultValue: this.props.username,
+                      'data-testid': 'authenticationMethod',
+                      onChange: this.props.onAuthenticationMethodChange,
+                      value: this.props.authenticationMethod,
                       ref: ref => setRefForIndex(1, ref)
                     })}
-                  />
+                  >
+                    {[NATIVE, NO_AUTH].map((auth, i) => (
+                      <option value={auth} key={i}>
+                        {readableauthenticationMethods[auth]}
+                      </option>
+                    ))}
+                  </StyledConnectionSelect>
                 </StyledConnectionFormEntry>
 
-                <StyledConnectionFormEntry>
-                  <StyledConnectionLabel>Password</StyledConnectionLabel>
-                  <StyledConnectionTextInput
-                    {...getInputPropsForIndex(2, {
-                      'data-testid': 'password',
-                      onChange: this.props.onPasswordChange,
-                      defaultValue: this.props.password,
-                      type: 'password',
-                      ref: ref => setRefForIndex(2, ref)
-                    })}
-                  />
-                </StyledConnectionFormEntry>
+                {this.props.authenticationMethod === NATIVE && (
+                  <StyledConnectionFormEntry>
+                    <StyledConnectionLabel>Username</StyledConnectionLabel>
+                    <StyledConnectionTextInput
+                      {...getInputPropsForIndex(2, {
+                        'data-testid': 'username',
+                        onChange: this.props.onUsernameChange,
+                        defaultValue: this.props.username,
+                        ref: ref => setRefForIndex(2, ref)
+                      })}
+                    />
+                  </StyledConnectionFormEntry>
+                )}
+
+                {this.props.authenticationMethod === NATIVE && (
+                  <StyledConnectionFormEntry>
+                    <StyledConnectionLabel>Password</StyledConnectionLabel>
+                    <StyledConnectionTextInput
+                      {...getInputPropsForIndex(3, {
+                        'data-testid': 'password',
+                        onChange: this.props.onPasswordChange,
+                        defaultValue: this.props.password,
+                        type: 'password',
+                        ref: ref => setRefForIndex(3, ref)
+                      })}
+                    />
+                  </StyledConnectionFormEntry>
+                )}
 
                 <Render if={!this.state.connecting}>
                   <FormButton data-testid='connect' {...getSubmitProps()}>

src/browser/modules/Stream/Auth/ConnectionForm.jsx

@@ -35,7 +35,7 @@ import { shouldRetainConnectionCredentials } from 'shared/modules/dbMeta/dbMetaD
 import { FORCE_CHANGE_PASSWORD } from 'shared/modules/cypher/cypherDuck'
 import { changeCurrentUsersPasswordQueryObj } from 'shared/modules/cypher/procedureFactory'
 import { generateBoltHost } from 'services/utils'
-import { getEncryptionMode } from 'services/bolt/boltHelpers'
+import { getEncryptionMode, NATIVE, NO_AUTH } from 'services/bolt/boltHelpers'
 
 import ConnectForm from './ConnectForm'
 import ConnectedView from './ConnectedView'
@@ -47,8 +47,12 @@ export class ConnectionForm extends Component {
     const connection =
       this.props.activeConnectionData || this.props.frame.connectionData
     const isConnected = !!props.activeConnection
+    const authenticationMethod =
+      (connection && connection.authenticationMethod) || NATIVE
+
     this.state = {
       ...connection,
+      authenticationMethod,
       isConnected: isConnected,
       isLoading: false,
       passwordChangeNeeded: props.passwordChangeNeeded || false,
@@ -105,6 +109,14 @@ export class ConnectionForm extends Component {
     this.setState({ password })
     this.props.error({})
   }
+  onAuthenticationMethodChange (event) {
+    const authenticationMethod = event.target.value
+    const username =
+      authenticationMethod === NO_AUTH ? '' : this.state.username || 'neo4j'
+    const password = authenticationMethod === NO_AUTH ? '' : this.state.password
+    this.setState({ authenticationMethod, username, password })
+    this.props.error({})
+  }
   onHostChange (event) {
     const host = event.target.value
     this.setState({
@@ -187,7 +199,8 @@ export class ConnectionForm extends Component {
       id: this.state.id,
       host: this.state.host,
       username: this.state.username,
-      password: this.state.password
+      password: this.state.password,
+      authenticationMethod: this.state.authenticationMethod
     })
   }
   componentWillReceiveProps (nextProps) {
@@ -227,6 +240,7 @@ export class ConnectionForm extends Component {
           host={this.state.host}
           username={this.state.username}
           storeCredentials={this.props.storeCredentials}
+          hideStoreCredentials={this.state.authenticationMethod === NO_AUTH}
         />
       )
     } else if (!this.state.isConnected && !this.state.passwordChangeNeeded) {
@@ -236,9 +250,13 @@ export class ConnectionForm extends Component {
           onHostChange={this.onHostChange.bind(this)}
           onUsernameChange={this.onUsernameChange.bind(this)}
           onPasswordChange={this.onPasswordChange.bind(this)}
+          onAuthenticationMethodChange={this.onAuthenticationMethodChange.bind(
+            this
+          )}
           host={this.state.hostInputVal || this.state.host}
           username={this.state.username}
           password={this.state.password}
+          authenticationMethod={this.state.authenticationMethod}
           used={this.state.used}
         />
       )

src/browser/modules/Stream/Auth/ConnectionFrame.jsx

@@ -59,7 +59,7 @@ export class ConnectionFrame extends Component {
                 <React.Fragment>
                   <H3>Connect to Neo4j</H3>
                   <Lead>
-                    Database access requires an authenticated connection.
+                    Database access might require an authenticated connection.
                   </Lead>
                 </React.Fragment>
               </Render>

src/browser/modules/Stream/Auth/styled.jsx

@@ -19,7 +19,7 @@
  */
 
 import styled from 'styled-components'
-import { StyledInput } from 'browser-components/Form'
+import { StyledInput, StyledSelect } from 'browser-components/Form'
 import { StyledFrameAside } from '../../Frame/styled'
 
 export const StyledConnectionForm = styled.form`
@@ -43,6 +43,12 @@ export const StyledConnectionTextInput = styled(StyledInput)`
   min-width: 200px;
   width: 44%;
 `
+
+export const StyledConnectionSelect = styled(StyledSelect)`
+  min-width: 200px;
+  width: 44%;
+`
+
 export const StyledConnectionBodyContainer = styled.div`
   flex: 1 1 auto;
 `

src/shared/modules/connections/connectionsDuck.js

@@ -20,7 +20,7 @@
 
 import Rx from 'rxjs/Rx'
 import bolt from 'services/bolt/bolt'
-import { getEncryptionMode } from 'services/bolt/boltHelpers'
+import { getEncryptionMode, NO_AUTH } from 'services/bolt/boltHelpers'
 import * as discovery from 'shared/modules/discovery/discoveryDuck'
 import {
   fetchMetaData,
@@ -350,70 +350,43 @@ export const verifyConnectionCredentialsEpic = (action$, store) => {
 export const startupConnectEpic = (action$, store) => {
   return action$.ofType(discovery.DONE).mergeMap(action => {
     const connection = getConnection(store.getState(), discovery.CONNECTION_ID)
-    if (!connection || !connection.host) {
+
+    // No creds stored, fail auto-connect
+    if (
+      !connection ||
+      connection.authenticationMethod === NO_AUTH ||
+      !(connection.host && connection.username && connection.password)
+    ) {
       store.dispatch(setActiveConnection(null))
       store.dispatch(
-        discovery.updateDiscoveryConnection({ username: 'neo4j', password: '' })
+        discovery.updateDiscoveryConnection({ username: '', password: '' })
       )
       return Promise.resolve({ type: STARTUP_CONNECTION_FAILED })
     }
     return new Promise((resolve, reject) => {
+      // Try to connect with stored creds
       bolt
         .openConnection(
-          // Try without creds
           connection,
           {
-            withoutCredentials: true,
             encrypted: getEncryptionMode(connection),
             connectionTimeout: getConnectionTimeout(store.getState())
           },
           onLostConnection(store.dispatch)
         )
-        .then(r => {
-          store.dispatch(
-            discovery.updateDiscoveryConnection({
-              username: undefined,
-              password: undefined
-            })
-          )
+        .then(() => {
           store.dispatch(setActiveConnection(discovery.CONNECTION_ID))
           resolve({ type: STARTUP_CONNECTION_SUCCESS })
         })
-        .catch(() => {
-          if (!connection || (!connection.username && !connection.password)) {
-            // No creds stored
-            store.dispatch(setActiveConnection(null))
-            store.dispatch(
-              discovery.updateDiscoveryConnection({
-                username: 'neo4j',
-                password: ''
-              })
-            )
-            return resolve({ type: STARTUP_CONNECTION_FAILED })
-          }
-          bolt
-            .openConnection(
-              connection,
-              {
-                encrypted: getEncryptionMode(connection),
-                connectionTimeout: getConnectionTimeout(store.getState())
-              },
-              onLostConnection(store.dispatch)
-            ) // Try with stored creds
-            .then(connection => {
-              store.dispatch(setActiveConnection(discovery.CONNECTION_ID))
-              resolve({ type: STARTUP_CONNECTION_SUCCESS })
-            })
-            .catch(e => {
-              store.dispatch(setActiveConnection(null))
-              store.dispatch(
-                discovery.updateDiscoveryConnection({
-                  username: 'neo4j',
-                  password: ''
-                })
-              )
-              resolve({ type: STARTUP_CONNECTION_FAILED })
+        .catch(e => {
+          store.dispatch(setActiveConnection(null))
+          store.dispatch(
+            discovery.updateDiscoveryConnection({
+              username: '',
+              password: ''
             })
+          )
+          resolve({ type: STARTUP_CONNECTION_FAILED })
         })
     })
   })

src/shared/modules/connections/connectionsDuck.test.js

@@ -200,7 +200,7 @@ describe('connectionsDucks Epics', () => {
           expect(store.getActions()).toEqual([
             action,
             connections.setActiveConnection(null),
-            updateDiscoveryConnection({ username: 'neo4j', password: '' }),
+            updateDiscoveryConnection({ username: '', password: '' }),
             currentAction
           ])
           expect(bolt.openConnection).toHaveBeenCalledTimes(0)
@@ -285,10 +285,10 @@ describe('startupConnectEpic', () => {
           expect(actions).toEqual([
             action,
             connections.setActiveConnection(null),
-            updateDiscoveryConnection({ username: 'neo4j', password: '' }),
+            updateDiscoveryConnection({ username: '', password: '' }),
             currentAction
           ])
-          expect(bolt.openConnection).toHaveBeenCalledTimes(2)
+          expect(bolt.openConnection).toHaveBeenCalledTimes(1)
           expect(bolt.closeConnection).toHaveBeenCalledTimes(1)
           resolve()
         } catch (e) {

src/shared/services/bolt/boltConnection.js

@@ -22,7 +22,7 @@ import { v1 as neo4j } from 'neo4j-driver'
 import { v4 } from 'uuid'
 import { BoltConnectionError, createErrorObject } from '../exceptions'
 import { generateBoltHost } from 'services/utils'
-import { KERBEROS } from 'services/bolt/boltHelpers'
+import { KERBEROS, NATIVE } from 'services/bolt/boltHelpers'
 
 export const DIRECT_CONNECTION = 'DIRECT_CONNECTION'
 export const ROUTED_WRITE_CONNECTION = 'ROUTED_WRITE_CONNECTION'
@@ -69,15 +69,17 @@ const validateConnection = (driver, res, rej) => {
     })
 }
 
-const buildAuthObj = (props, opts) => {
+const buildAuthObj = props => {
   let auth
   if (props.authenticationMethod === KERBEROS) {
     auth = neo4j.auth.kerberos(props.password)
+  } else if (
+    props.authenticationMethod === NATIVE ||
+    !props.authenticationMethod
+  ) {
+    auth = neo4j.auth.basic(props.username, props.password)
   } else {
-    auth =
-      opts.withoutCredentials || !props.username
-        ? neo4j.auth.basic('', '')
-        : neo4j.auth.basic(props.username, props.password)
+    auth = null
   }
   return auth
 }
@@ -95,7 +97,7 @@ const getDriver = (host, auth, opts, onConnectFail = () => {}) => {
 
 export const getDriversObj = (props, opts = {}, onConnectFail = () => {}) => {
   const driversObj = {}
-  const auth = buildAuthObj(props, opts)
+  const auth = buildAuthObj(props)
   const getDirectDriver = () => {
     if (driversObj.direct) return driversObj.direct
     driversObj.direct = getDriver(props.host, auth, opts, onConnectFail)
@@ -124,7 +126,7 @@ export function directConnect (
   shouldValidateConnection = true
 ) {
   const p = new Promise((resolve, reject) => {
-    const auth = buildAuthObj(props, opts)
+    const auth = buildAuthObj(props)
     const driver = getDriver(props.host, auth, opts)
     driver.onError = e => {
       onLostConnection(e)

src/shared/services/bolt/boltHelpers.js

@@ -23,6 +23,7 @@ import { getUrlInfo } from 'services/utils'
 
 export const KERBEROS = 'KERBEROS'
 export const NATIVE = 'NATIVE'
+export const NO_AUTH = 'NO_AUTH'
 
 export const getEncryptionMode = options => {
   if (options && typeof options['encrypted'] !== 'undefined') {