Fix handling of Bolt init auth metadata

Summary:
Our implementation of the Bolt protocol now correctly handles INIT message
metadata used for authentification. The related description from the Bolt
standard is: 'The token must contain either just the entry {"scheme": "none"}
or the keys scheme, principal, and credentials. Example {"scheme": "basic",
"principal": "user", "credentials": "secret"}". If no scheme is provided, it
defaults to "none".'

Reviewers: msantl

Reviewed By: msantl

Subscribers: pullbot

Differential Revision: https://phabricator.memgraph.io/D1518

src/communication/bolt/v1/states/init.hpp

@@ -61,21 +61,27 @@ State StateInitRun(Session &session) {
             << std::endl;
 
   // Get authentication data.
+  std::string username, password;
   auto &data = metadata.ValueMap();
-  if (!data.count("scheme") || !data.count("principal") ||
+  if (!data.count("scheme")) {
-      !data.count("credentials")) {
     LOG(WARNING) << "The client didn't supply authentication information!";
     return State::Close;
   }
-  if (data["scheme"].ValueString() != "basic") {
+  if (data["scheme"].ValueString() == "basic") {
+    if (!data.count("principal") || !data.count("credentials")) {
+      LOG(WARNING) << "The client didn't supply authentication information!";
+      return State::Close;
+    }
+    username = data["principal"].ValueString();
+    password = data["credentials"].ValueString();
+  } else if (data["scheme"].ValueString() != "none") {
     LOG(WARNING) << "Unsupported authentication scheme: "
                  << data["scheme"].ValueString();
     return State::Close;
   }
 
   // Authenticate the user.
-  if (!session.Authenticate(data["principal"].ValueString(),
+  if (!session.Authenticate(username, password)) {
-                            data["credentials"].ValueString())) {
     if (!session.encoder_.MessageFailure(
             {{"code", "Memgraph.ClientError.Security.Unauthenticated"},
              {"message", "Authentication failure"}})) {