Inject credentials from batch endpoint if applicable

lib/batch.js

@@ -331,6 +331,7 @@ internals.dispatch = async function (batchRequest, request) {
     const injectOptions = {
         url: path,
         method: request.method,
+        credentials: batchRequest.auth.credentials,
         headers: batchRequest.headers,
         payload: body
     };

test/batch.js

@@ -9,7 +9,7 @@ const Internals = require('./internals.js');
 // Test shortcuts
 
 const lab = exports.lab = Lab.script();
-const { describe, it, before } = lab;
+const { describe, it, before, beforeEach } = lab;
 const { expect } = Code;
 
 let server = null;
@@ -21,6 +21,11 @@ describe('Batch', () => {
         server = await Internals.setupServer();
     });
 
+    beforeEach( () => {
+
+        server.app = { authCount: 0 };
+    });
+
     it('shows single response when making request for single endpoint', async () => {
 
         const res = await Internals.makeRequest(server, '{ "requests": [{ "method": "get", "path": "/profile" }] }');
@@ -653,4 +658,13 @@ describe('Batch', () => {
         expect(res[4]).to.equal({ id: '55cf687663', paramString: 'Item', queryString: 'Item', payloadString: 'Item' });
         expect(res[5]).to.equal({ id: '55cf687663', name: 'John Doe' });
     });
+
+    it('supports reusing batch endpoint credentials for subsequent requests', async () => {
+
+        const res = await Internals.makeAuthenticatedRequest(server, '{ "requests": [ {"method": "get", "path": "/protected"}, {"method": "get", "path": "/protected"} ] }');
+
+        expect(server.app.authCount).to.equal(1);
+        expect(res[0]).to.equal('authenticated');
+        expect(res[1]).to.equal('authenticated');
+    });
 });

test/internals.js

@@ -201,9 +201,31 @@ const returnInputtedStringHandler = function (request, h) {
     };
 };
 
+const protectedHandler = function (request, h) {
+
+    return 'authenticated';
+};
+
 module.exports.setupServer = async function () {
 
     const server = new Hapi.Server();
+
+    server.auth.scheme('mockScheme', () => ({
+
+        authenticate: (request, h) => {
+
+            server.app.authCount += 1;
+
+            if (request.headers.authorization === '12345') {
+                return h.authenticated({ credentials: { user_id: 12345 } });
+            }
+
+            return h.unauthenticated();
+        }
+    }));
+
+    server.auth.strategy('mockStrategy', 'mockScheme');
+
     server.route([
         { method: 'POST', path: '/echo', handler: echoHandler },
         { method: 'PUT', path: '/echo', handler: echoHandler },
@@ -240,10 +262,26 @@ module.exports.setupServer = async function () {
         { method: 'GET', path: '/returnPathParamInteger/{pathParamInteger}', handler: returnPathParamHandler },
         { method: 'GET', path: '/getFalse', handler: getFalseHandler },
         { method: 'POST', path: '/returnInputtedBoolean', handler: returnInputtedBooleanHandler },
-        { method: 'POST', path: '/returnInputtedString/{id}/{paramString}', handler: returnInputtedStringHandler }
+        { method: 'POST', path: '/returnInputtedString/{id}/{paramString}', handler: returnInputtedStringHandler },
+        {
+            method: 'GET',
+            path: '/protected',
+            handler: protectedHandler,
+            options: {
+                auth: 'mockStrategy'
+            }
+        }
     ]);
 
-    await server.register(Bassmaster);
+    await server.register({
+        plugin: Bassmaster,
+        options: {
+            auth: {
+                strategy: 'mockStrategy',
+                mode: 'optional'
+            }
+        }
+    });
 
     return server;
 };
@@ -256,3 +294,13 @@ module.exports.makeRequest = async function (server, payload) {
         payload
     })).result;
 };
+
+module.exports.makeAuthenticatedRequest = async function (server, payload) {
+
+    return (await server.inject({
+        method: 'post',
+        url: '/batch',
+        headers: { authorization: '12345' },
+        payload
+    })).result;
+};