From 450888f54245a1beba8543386e3431c1cb454539 Mon Sep 17 00:00:00 2001
From: Ariel Ferreira <aferreira@bannerengineering.com>
Date: Sat, 26 Feb 2022 16:35:46 -0500
Subject: [PATCH 1/2] check if user contains token and use it instead of
 generating a new Token

---
 .../@node-red/editor-api/lib/auth/strategies.js    | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/packages/node_modules/@node-red/editor-api/lib/auth/strategies.js b/packages/node_modules/@node-red/editor-api/lib/auth/strategies.js
index 879b3f55b..e18925c19 100644
--- a/packages/node_modules/@node-red/editor-api/lib/auth/strategies.js
+++ b/packages/node_modules/@node-red/editor-api/lib/auth/strategies.js
@@ -92,10 +92,16 @@ var passwordTokenExchange = function(client, username, password, scope, done) {
                 loginAttempts = loginAttempts.filter(function(logEntry) {
                     return logEntry.user !== username;
                 });
-                Tokens.create(username,client.id,scope).then(function(tokens) {
-                    log.audit({event: "auth.login",user,username:username,client:client.id,scope:scope});
-                    done(null,tokens.accessToken,null,{expires_in:tokens.expires_in});
-                });
+                // Check if the user contains a user defined token and use it
+                // instead of generating a new token
+                if(user.token){
+                    done(null,user.token,null,null);
+                } else {
+                    Tokens.create(username,client.id,scope).then(function(tokens) {
+                        log.audit({event: "auth.login",user,username:username,client:client.id,scope:scope});
+                        done(null,tokens.accessToken,null,{expires_in:tokens.expires_in});
+                    });
+                }
             } else {
                 log.audit({event: "auth.login.fail.permissions",username:username,client:client.id,scope:scope});
                 done(null,false);

From 79a789c55795cd1a1404d55fb507a97e10e9a501 Mon Sep 17 00:00:00 2001
From: Ariel Ferreira <aferreira@bannerengineering.com>
Date: Sat, 26 Feb 2022 17:24:59 -0500
Subject: [PATCH 2/2] add test to check if in the case user contains token,
 Node-RED uses it instead of generating a new Token

---
 .../editor-api/lib/auth/strategies_spec.js       | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/test/unit/@node-red/editor-api/lib/auth/strategies_spec.js b/test/unit/@node-red/editor-api/lib/auth/strategies_spec.js
index 9fafc11ed..0da23d66a 100644
--- a/test/unit/@node-red/editor-api/lib/auth/strategies_spec.js
+++ b/test/unit/@node-red/editor-api/lib/auth/strategies_spec.js
@@ -92,7 +92,23 @@ describe("api/auth/strategies", function() {
                     tokenCreate.restore();
                 }
             });
+        });
 
+        it('Uses provided token on authentication success and token provided',function(done) {
+            userAuthentication = sinon.stub(Users,"authenticate").callsFake(function(username,password) {
+                return Promise.resolve({username:"user",permissions:"*",token:"123456"});
+            });
+
+            strategies.passwordTokenExchange({id:"myclient"},"user","password","read",function(err,token) {
+                try {
+                    should.not.exist(err);
+                    token.should.equal("123456");
+                    done();
+                } catch(e) {
+                    done(e);
+                }
+            });
+        
         });
     });