refactor(authn api): reformat for elvis compliance

apps/emqx_authn/src/emqx_authn_api.erl

@@ -90,9 +90,8 @@ roots() -> [ request_user_create
 
 fields(request_user_create) ->
     [
-        {user_id, binary()},
-        {password, binary()},
-        {is_superuser, mk(boolean(), #{default => false, nullable => true})}
+        {user_id, binary()}
+        | fields(request_user_update)
     ];
 
 fields(request_user_update) ->
@@ -125,7 +124,7 @@ fields(pagination_meta) ->
 
 schema("/authentication") ->
     #{
-        operationId => authenticators,
+        'operationId' => authenticators,
         get => #{
             tags => [<<"authentication">>, <<"global">>],
             description => <<"List authenticators for global authentication">>,
@@ -138,7 +137,7 @@ schema("/authentication") ->
         post => #{
             tags => [<<"authentication">>, <<"global">>],
             description => <<"Create authenticator for global authentication">>,
-            requestBody => emqx_dashboard_swagger:schema_with_examples(
+            'requestBody' => emqx_dashboard_swagger:schema_with_examples(
                 emqx_authn_schema:authenticator_type(),
                 authenticator_examples()),
             responses => #{
@@ -153,7 +152,7 @@ schema("/authentication") ->
 
 schema("/authentication/:id") ->
     #{
-        operationId => authenticator,
+        'operationId' => authenticator,
         get => #{
             tags => [<<"authentication">>, <<"global">>],
             description => <<"Get authenticator from global authentication chain">>,
@@ -169,7 +168,7 @@ schema("/authentication/:id") ->
             tags => [<<"authentication">>, <<"global">>],
             description => <<"Update authenticator from global authentication chain">>,
             parameters => [{id, mk(binary(), #{in => path, desc => <<"Authenticator ID">>})}],
-            requestBody => emqx_dashboard_swagger:schema_with_examples(
+            'requestBody' => emqx_dashboard_swagger:schema_with_examples(
                 emqx_authn_schema:authenticator_type(),
                 authenticator_examples()
             ),
@@ -195,7 +194,7 @@ schema("/authentication/:id") ->
 
 schema("/listeners/:listener_id/authentication") ->
     #{
-        operationId => listener_authenticators,
+        'operationId' => listener_authenticators,
         get => #{
             tags => [<<"authentication">>, <<"listener">>],
             description => <<"List authenticators for listener authentication">>,
@@ -210,7 +209,7 @@ schema("/listeners/:listener_id/authentication") ->
             tags => [<<"authentication">>, <<"listener">>],
             description => <<"Create authenticator for listener authentication">>,
             parameters => [{listener_id, mk(binary(), #{in => path, desc => <<"Listener ID">>})}],
-            requestBody => emqx_dashboard_swagger:schema_with_examples(
+            'requestBody' => emqx_dashboard_swagger:schema_with_examples(
                 emqx_authn_schema:authenticator_type(),
                 authenticator_examples()
             ),
@@ -226,7 +225,7 @@ schema("/listeners/:listener_id/authentication") ->
 
 schema("/listeners/:listener_id/authentication/:id") ->
     #{
-        operationId => listener_authenticator,
+        'operationId' => listener_authenticator,
         get => #{
             tags => [<<"authentication">>, <<"listener">>],
             description => <<"Get authenticator from listener authentication chain">>,
@@ -248,7 +247,7 @@ schema("/listeners/:listener_id/authentication/:id") ->
                 {listener_id, mk(binary(), #{in => path, desc => <<"Listener ID">>})},
                 {id, mk(binary(), #{in => path, desc => <<"Authenticator ID">>})}
             ],
-            requestBody => emqx_dashboard_swagger:schema_with_examples(
+            'requestBody' => emqx_dashboard_swagger:schema_with_examples(
                 emqx_authn_schema:authenticator_type(),
                 authenticator_examples()),
             responses => #{
@@ -277,12 +276,12 @@ schema("/listeners/:listener_id/authentication/:id") ->
 
 schema("/authentication/:id/move") ->
     #{
-        operationId => authenticator_move,
+        'operationId' => authenticator_move,
         post => #{
             tags => [<<"authentication">>, <<"global">>],
             description => <<"Move authenticator in global authentication chain">>,
             parameters => [{id, mk(binary(), #{in => path, desc => <<"Authenticator ID">>})}],
-            requestBody => emqx_dashboard_swagger:schema_with_examples(
+            'requestBody' => emqx_dashboard_swagger:schema_with_examples(
                 ref(request_move),
                 request_move_examples()),
             responses => #{
@@ -295,7 +294,7 @@ schema("/authentication/:id/move") ->
 
 schema("/listeners/:listener_id/authentication/:id/move") ->
     #{
-        operationId => listener_authenticator_move,
+        'operationId' => listener_authenticator_move,
         post => #{
             tags => [<<"authentication">>, <<"listener">>],
             description => <<"Move authenticator in listener authentication chain">>,
@@ -303,7 +302,7 @@ schema("/listeners/:listener_id/authentication/:id/move") ->
                 {listener_id, mk(binary(), #{in => path, desc => <<"Listener ID">>})},
                 {id, mk(binary(), #{in => path, desc => <<"Authenticator ID">>})}
             ],
-            requestBody => emqx_dashboard_swagger:schema_with_examples(
+            'requestBody' => emqx_dashboard_swagger:schema_with_examples(
                 ref(request_move),
                 request_move_examples()),
             responses => #{
@@ -316,12 +315,12 @@ schema("/listeners/:listener_id/authentication/:id/move") ->
 
 schema("/authentication/:id/import_users") ->
     #{
-        operationId => authenticator_import_users,
+        'operationId' => authenticator_import_users,
         post => #{
             tags => [<<"authentication">>, <<"global">>],
             description => <<"Import users into authenticator in global authentication chain">>,
             parameters => [{id, mk(binary(), #{in => path, desc => <<"Authenticator ID">>})}],
-            requestBody => emqx_dashboard_swagger:schema_with_examples(
+            'requestBody' => emqx_dashboard_swagger:schema_with_examples(
                 ref(request_import_users),
                 request_import_users_examples()),
             responses => #{
@@ -334,7 +333,7 @@ schema("/authentication/:id/import_users") ->
 
 schema("/listeners/:listener_id/authentication/:id/import_users") ->
     #{
-        operationId => listener_authenticator_import_users,
+        'operationId' => listener_authenticator_import_users,
         post => #{
             tags => [<<"authentication">>, <<"listener">>],
             description => <<"Import users into authenticator in listener authentication chain">>,
@@ -342,7 +341,7 @@ schema("/listeners/:listener_id/authentication/:id/import_users") ->
                 {listener_id, mk(binary(), #{in => path, desc => <<"Listener ID">>})},
                 {id, mk(binary(), #{in => path, desc => <<"Authenticator ID">>})}
             ],
-            requestBody => emqx_dashboard_swagger:schema_with_examples(
+            'requestBody' => emqx_dashboard_swagger:schema_with_examples(
                 ref(request_import_users),
                 request_import_users_examples()),
             responses => #{
@@ -355,12 +354,12 @@ schema("/listeners/:listener_id/authentication/:id/import_users") ->
 
 schema("/authentication/:id/users") ->
     #{
-        operationId => authenticator_users,
+        'operationId' => authenticator_users,
         post => #{
             tags => [<<"authentication">>, <<"global">>],
             description => <<"Create users for authenticator in global authentication chain">>,
             parameters => [{id, mk(binary(), #{in => path, desc => <<"Authenticator ID">>})}],
-            requestBody => emqx_dashboard_swagger:schema_with_examples(
+            'requestBody' => emqx_dashboard_swagger:schema_with_examples(
                 ref(request_user_create),
                 request_user_create_examples()),
             responses => #{
@@ -391,7 +390,7 @@ schema("/authentication/:id/users") ->
 
 schema("/listeners/:listener_id/authentication/:id/users") ->
     #{
-        operationId => listener_authenticator_users,
+        'operationId' => listener_authenticator_users,
         post => #{
             tags => [<<"authentication">>, <<"listener">>],
             description => <<"Create users for authenticator in global authentication chain">>,
@@ -399,7 +398,7 @@ schema("/listeners/:listener_id/authentication/:id/users") ->
                 {listener_id, mk(binary(), #{in => path, desc => <<"Listener ID">>})},
                 {id, mk(binary(), #{in => path, desc => <<"Authenticator ID">>})}
             ],
-            requestBody => emqx_dashboard_swagger:schema_with_examples(
+            'requestBody' => emqx_dashboard_swagger:schema_with_examples(
                 ref(request_user_create),
                 request_user_create_examples()),
             responses => #{
@@ -431,7 +430,7 @@ schema("/listeners/:listener_id/authentication/:id/users") ->
 
 schema("/authentication/:id/users/:user_id") ->
     #{
-        operationId => authenticator_user,
+        'operationId' => authenticator_user,
         get => #{
             tags => [<<"authentication">>, <<"global">>],
             description => <<"Get user from authenticator in global authentication chain">>,
@@ -453,7 +452,7 @@ schema("/authentication/:id/users/:user_id") ->
                 {id, mk(binary(), #{in => path, desc => <<"Authenticator ID">>})},
                 {user_id, mk(binary(), #{in => path, desc => <<"User ID">>})}
             ],
-            requestBody => emqx_dashboard_swagger:schema_with_examples(
+            'requestBody' => emqx_dashboard_swagger:schema_with_examples(
                 ref(request_user_update),
                 request_user_update_examples()),
             responses => #{
@@ -480,7 +479,7 @@ schema("/authentication/:id/users/:user_id") ->
 
 schema("/listeners/:listener_id/authentication/:id/users/:user_id") ->
     #{
-        operationId => listener_authenticator_user,
+        'operationId' => listener_authenticator_user,
         get => #{
             tags => [<<"authentication">>, <<"listener">>],
             description => <<"Get user from authenticator in listener authentication chain">>,
@@ -504,7 +503,7 @@ schema("/listeners/:listener_id/authentication/:id/users/:user_id") ->
                 {id, mk(binary(), #{in => path, desc => <<"Authenticator ID">>})},
                 {user_id, mk(binary(), #{in => path, desc => <<"User ID">>})}
             ],
-            requestBody => emqx_dashboard_swagger:schema_with_example(
+            'requestBody' => emqx_dashboard_swagger:schema_with_example(
                 ref(request_user_update),
                 request_user_update_examples()),
             responses => #{
@@ -566,7 +565,9 @@ listener_authenticator(get, #{bindings := #{listener_id := ListenerID, id := Aut
                         list_authenticator([listeners, Type, Name, authentication],
                                        AuthenticatorID)
                   end);
-listener_authenticator(put, #{bindings := #{listener_id := ListenerID, id := AuthenticatorID}, body := Config}) ->
+listener_authenticator(put,
+                       #{bindings := #{listener_id := ListenerID, id := AuthenticatorID},
+                         body := Config}) ->
     with_listener(ListenerID,
                   fun(Type, Name, ChainName) ->
                         update_authenticator([listeners, Type, Name, authentication],
@@ -574,7 +575,8 @@ listener_authenticator(put, #{bindings := #{listener_id := ListenerID, id := Aut
                                              AuthenticatorID,
                                              Config)
                   end);
-listener_authenticator(delete, #{bindings := #{listener_id := ListenerID, id := AuthenticatorID}}) ->
+listener_authenticator(delete,
+                       #{bindings := #{listener_id := ListenerID, id := AuthenticatorID}}) ->
     with_listener(ListenerID,
                   fun(Type, Name, ChainName) ->
                         delete_authenticator([listeners, Type, Name, authentication],
@@ -582,12 +584,16 @@ listener_authenticator(delete, #{bindings := #{listener_id := ListenerID, id :=
                                              AuthenticatorID)
                   end).
 
-authenticator_move(post, #{bindings := #{id := AuthenticatorID}, body := #{<<"position">> := Position}}) ->
+authenticator_move(post,
+                   #{bindings := #{id := AuthenticatorID},
+                     body := #{<<"position">> := Position}}) ->
     move_authenitcator([authentication], ?GLOBAL, AuthenticatorID, Position);
 authenticator_move(post, #{bindings := #{id := _}, body := _}) ->
     serialize_error({missing_parameter, position}).
 
-listener_authenticator_move(post, #{bindings := #{listener_id := ListenerID, id := AuthenticatorID}, body := #{<<"position">> := Position}}) ->
+listener_authenticator_move(post,
+                            #{bindings := #{listener_id := ListenerID, id := AuthenticatorID},
+                              body := #{<<"position">> := Position}}) ->
     with_listener(ListenerID,
                   fun(Type, Name, ChainName) ->
                         move_authenitcator([listeners, Type, Name, authentication],
@@ -598,22 +604,28 @@ listener_authenticator_move(post, #{bindings := #{listener_id := ListenerID, id
 listener_authenticator_move(post, #{bindings := #{listener_id := _, id := _}, body := _}) ->
     serialize_error({missing_parameter, position}).
 
-authenticator_import_users(post, #{bindings := #{id := AuthenticatorID}, body := #{<<"filename">> := Filename}}) ->
-    case ?AUTHN:import_users(?GLOBAL, AuthenticatorID, Filename) of
+authenticator_import_users(post,
+                           #{bindings := #{id := AuthenticatorID},
+                             body := #{<<"filename">> := Filename}}) ->
+    case emqx_authentication:import_users(?GLOBAL, AuthenticatorID, Filename) of
         ok -> {204};
         {error, Reason} -> serialize_error(Reason)
     end;
 authenticator_import_users(post, #{bindings := #{id := _}, body := _}) ->
     serialize_error({missing_parameter, filename}).
 
-listener_authenticator_import_users(post, #{bindings := #{listener_id := ListenerID, id := AuthenticatorID}, body := #{<<"filename">> := Filename}}) ->
-    with_chain(ListenerID,
-                    fun(ChainName) ->
-                        case ?AUTHN:import_users(ChainName, AuthenticatorID, Filename) of
-                            ok -> {204};
-                            {error, Reason} -> serialize_error(Reason)
-                        end
-                    end);
+listener_authenticator_import_users(
+  post,
+  #{bindings := #{listener_id := ListenerID, id := AuthenticatorID},
+    body := #{<<"filename">> := Filename}}) ->
+    with_chain(
+      ListenerID,
+      fun(ChainName) ->
+              case emqx_authentication:import_users(ChainName, AuthenticatorID, Filename) of
+                  ok -> {204};
+                  {error, Reason} -> serialize_error(Reason)
+              end
+      end);
 listener_authenticator_import_users(post, #{bindings := #{listener_id := _, id := _}, body := _}) ->
     serialize_error({missing_parameter, filename}).
 
@@ -694,7 +706,7 @@ find_listener(ListenerID) ->
     end.
 
 with_chain(ListenerID, Fun) ->
-    {ok, ChainNames} = ?AUTHN:list_chain_names(),
+    {ok, ChainNames} = emqx_authentication:list_chain_names(),
     ListenerChainName =
         [ Name || Name <- ChainNames, atom_to_binary(Name) =:= ListenerID ],
     case ListenerChainName of
@@ -706,7 +718,7 @@ with_chain(ListenerID, Fun) ->
 
 create_authenticator(ConfKeyPath, ChainName, Config) ->
     case update_config(ConfKeyPath, {create_authenticator, ChainName, Config}) of
-        {ok, #{post_config_update := #{?AUTHN := #{id := ID}},
+        {ok, #{post_config_update := #{emqx_authentication := #{id := ID}},
             raw_config := AuthenticatorsConfig}} ->
             {ok, AuthenticatorConfig} = find_config(ID, AuthenticatorsConfig),
             {200, maps:put(id, ID, convert_certs(fill_defaults(AuthenticatorConfig)))};
@@ -716,7 +728,10 @@ create_authenticator(ConfKeyPath, ChainName, Config) ->
 
 list_authenticators(ConfKeyPath) ->
     AuthenticatorsConfig = get_raw_config_with_defaults(ConfKeyPath),
-    NAuthenticators = [maps:put(id, ?AUTHN:authenticator_id(AuthenticatorConfig), convert_certs(AuthenticatorConfig))
+    NAuthenticators = [ maps:put(
+                          id,
+                          emqx_authentication:authenticator_id(AuthenticatorConfig),
+                          convert_certs(AuthenticatorConfig))
                         || AuthenticatorConfig <- AuthenticatorsConfig],
     {200, NAuthenticators}.
 
@@ -731,7 +746,7 @@ list_authenticator(ConfKeyPath, AuthenticatorID) ->
 
 update_authenticator(ConfKeyPath, ChainName, AuthenticatorID, Config) ->
     case update_config(ConfKeyPath, {update_authenticator, ChainName, AuthenticatorID, Config}) of
-        {ok, #{post_config_update := #{?AUTHN := #{id := ID}},
+        {ok, #{post_config_update := #{emqx_authentication := #{id := ID}},
                raw_config := AuthenticatorsConfig}} ->
             {ok, AuthenticatorConfig} = find_config(ID, AuthenticatorsConfig),
             {200, maps:put(id, ID, convert_certs(fill_defaults(AuthenticatorConfig)))};
@@ -750,7 +765,9 @@ delete_authenticator(ConfKeyPath, ChainName, AuthenticatorID) ->
 move_authenitcator(ConfKeyPath, ChainName, AuthenticatorID, Position) ->
     case parse_position(Position) of
         {ok, NPosition} ->
-            case update_config(ConfKeyPath, {move_authenticator, ChainName, AuthenticatorID, NPosition}) of
+            case update_config(
+                   ConfKeyPath,
+                   {move_authenticator, ChainName, AuthenticatorID, NPosition}) of
                 {ok, _} ->
                     {204};
                 {error, {_, _, Reason}} ->
@@ -760,9 +777,11 @@ move_authenitcator(ConfKeyPath, ChainName, AuthenticatorID, Position) ->
             serialize_error(Reason)
     end.
 
-add_user(ChainName, AuthenticatorID, #{<<"user_id">> := UserID, <<"password">> := Password} = UserInfo) ->
+add_user(ChainName,
+         AuthenticatorID,
+         #{<<"user_id">> := UserID, <<"password">> := Password} = UserInfo) ->
     IsSuperuser = maps:get(<<"is_superuser">>, UserInfo, false),
-    case ?AUTHN:add_user(ChainName, AuthenticatorID, #{ user_id => UserID
+    case emqx_authentication:add_user(ChainName, AuthenticatorID, #{ user_id => UserID
                                                       , password => Password
                                                       , is_superuser => IsSuperuser}) of
         {ok, User} ->
@@ -780,7 +799,7 @@ update_user(ChainName, AuthenticatorID, UserID, UserInfo) ->
         true ->
             serialize_error({missing_parameter, password});
         false ->
-            case ?AUTHN:update_user(ChainName, AuthenticatorID, UserID, UserInfo) of
+            case emqx_authentication:update_user(ChainName, AuthenticatorID, UserID, UserInfo) of
                 {ok, User} ->
                     {200, User};
                 {error, Reason} ->
@@ -789,7 +808,7 @@ update_user(ChainName, AuthenticatorID, UserID, UserInfo) ->
     end.
 
 find_user(ChainName, AuthenticatorID, UserID) ->
-    case ?AUTHN:lookup_user(ChainName, AuthenticatorID, UserID) of
+    case emqx_authentication:lookup_user(ChainName, AuthenticatorID, UserID) of
         {ok, User} ->
             {200, User};
         {error, Reason} ->
@@ -797,7 +816,7 @@ find_user(ChainName, AuthenticatorID, UserID) ->
     end.
 
 delete_user(ChainName, AuthenticatorID, UserID) ->
-    case ?AUTHN:delete_user(ChainName, AuthenticatorID, UserID) of
+    case emqx_authentication:delete_user(ChainName, AuthenticatorID, UserID) of
         ok ->
             {204};
         {error, Reason} ->
@@ -805,7 +824,7 @@ delete_user(ChainName, AuthenticatorID, UserID) ->
     end.
 
 list_users(ChainName, AuthenticatorID, PageParams) ->
-    case ?AUTHN:list_users(ChainName, AuthenticatorID, PageParams) of
+    case emqx_authentication:list_users(ChainName, AuthenticatorID, PageParams) of
         {ok, Users} ->
             {200, Users};
         {error, Reason} ->
@@ -821,7 +840,11 @@ get_raw_config_with_defaults(ConfKeyPath) ->
     ensure_list(fill_defaults(RawConfig)).
 
 find_config(AuthenticatorID, AuthenticatorsConfig) ->
-    case [AC || AC <- ensure_list(AuthenticatorsConfig), AuthenticatorID =:= ?AUTHN:authenticator_id(AC)] of
+    MatchingACs
+        = [AC
+           || AC <- ensure_list(AuthenticatorsConfig),
+              AuthenticatorID =:= emqx_authentication:authenticator_id(AC)],
+    case MatchingACs of
         [] -> {error, {not_found, {authenticator, AuthenticatorID}}};
         [AuthenticatorConfig] -> {ok, AuthenticatorConfig}
     end.

apps/emqx_authn/test/emqx_authn_api_SUITE.erl

@@ -49,7 +49,9 @@ init_per_testcase(_, Config) ->
     Config.
 
 init_per_suite(Config) ->
-    ok = emqx_common_test_helpers:start_apps([emqx_authn, emqx_dashboard], fun set_special_configs/1),
+    ok = emqx_common_test_helpers:start_apps(
+           [emqx_authn, emqx_dashboard],
+           fun set_special_configs/1),
     Config.
 
 end_per_suite(_Config) ->
@@ -118,322 +120,275 @@ test_authenticators(PathPrefix) ->
 
     ValidConfig = emqx_authn_test_lib:http_example(),
     {ok, 200, _} = request(
-                    post,
-                    uri(PathPrefix ++ ["authentication"]),
-                    ValidConfig),
+                     post,
+                     uri(PathPrefix ++ ["authentication"]),
+                     ValidConfig),
 
     InvalidConfig = ValidConfig#{method => <<"delete">>},
     {ok, 400, _} = request(
-                    post,
-                    uri(PathPrefix ++ ["authentication"]),
-                    InvalidConfig),
+                     post,
+                     uri(PathPrefix ++ ["authentication"]),
+                     InvalidConfig),
 
     ?assertAuthenticatorsMatch(
-        [#{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>}],
-        PathPrefix ++ ["authentication"]).
+       [#{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>}],
+       PathPrefix ++ ["authentication"]).
 
 test_authenticator(PathPrefix) ->
     ValidConfig0 = emqx_authn_test_lib:http_example(),
 
     {ok, 200, _} = request(
-                    post,
-                    uri(PathPrefix ++ ["authentication"]),
-                    ValidConfig0),
+                     post,
+                     uri(PathPrefix ++ ["authentication"]),
+                     ValidConfig0),
 
     {ok, 200, _} = request(
-                    get,
-                    uri(PathPrefix ++ ["authentication", "password-based:http"])),
+                     get,
+                     uri(PathPrefix ++ ["authentication", "password-based:http"])),
 
     {ok, 404, _} = request(
-                    get,
-                    uri(PathPrefix ++ ["authentication", "password-based:redis"])),
+                     get,
+                     uri(PathPrefix ++ ["authentication", "password-based:redis"])),
 
 
     {ok, 404, _} = request(
-                    put,
-                    uri(PathPrefix ++ ["authentication", "password-based:built-in-database"]),
-                    emqx_authn_test_lib:built_in_database_example()),
+                     put,
+                     uri(PathPrefix ++ ["authentication", "password-based:built-in-database"]),
+                     emqx_authn_test_lib:built_in_database_example()),
 
     InvalidConfig0 = ValidConfig0#{method => <<"delete">>},
     {ok, 400, _} = request(
-                    put,
-                    uri(PathPrefix ++ ["authentication", "password-based:http"]),
-                    InvalidConfig0),
+                     put,
+                     uri(PathPrefix ++ ["authentication", "password-based:http"]),
+                     InvalidConfig0),
 
     ValidConfig1 = ValidConfig0#{pool_size => 9},
     {ok, 200, _} = request(
-                    put,
-                    uri(PathPrefix ++ ["authentication", "password-based:http"]),
-                    ValidConfig1),
+                     put,
+                     uri(PathPrefix ++ ["authentication", "password-based:http"]),
+                     ValidConfig1),
 
     {ok, 404, _} = request(
-                    delete,
-                    uri(PathPrefix ++ ["authentication", "password-based:redis"])),
+                     delete,
+                     uri(PathPrefix ++ ["authentication", "password-based:redis"])),
 
     {ok, 204, _} = request(
-                    delete,
-                    uri(PathPrefix ++ ["authentication", "password-based:http"])),
+                     delete,
+                     uri(PathPrefix ++ ["authentication", "password-based:http"])),
 
     ?assertAuthenticatorsMatch([], PathPrefix ++ ["authentication"]).
 
 test_authenticator_users(PathPrefix) ->
+    UsersUri = uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "users"]),
+
     {ok, 200, _} = request(
-                    post,
-                    uri(PathPrefix ++ ["authentication"]),
-                    emqx_authn_test_lib:built_in_database_example()),
+                     post,
+                     uri(PathPrefix ++ ["authentication"]),
+                     emqx_authn_test_lib:built_in_database_example()),
 
     InvalidUsers = [
-        #{clientid => <<"u1">>, password => <<"p1">>},
-        #{user_id => <<"u2">>},
-        #{user_id => <<"u3">>, password => <<"p3">>, foobar => <<"foobar">>}],
+                    #{clientid => <<"u1">>, password => <<"p1">>},
+                    #{user_id => <<"u2">>},
+                    #{user_id => <<"u3">>, password => <<"p3">>, foobar => <<"foobar">>}],
 
     lists:foreach(
-        fun(User) ->
-            {ok, 400, _} = request(
-                            post,
-                            uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "users"]),
-                            User)
-        end,
-        InvalidUsers),
+      fun(User) -> {ok, 400, _} = request(post, UsersUri, User) end,
+      InvalidUsers),
 
 
     ValidUsers = [
-        #{user_id => <<"u1">>, password => <<"p1">>},
-        #{user_id => <<"u2">>, password => <<"p2">>, is_superuser => true},
-        #{user_id => <<"u3">>, password => <<"p3">>}],
+                  #{user_id => <<"u1">>, password => <<"p1">>},
+                  #{user_id => <<"u2">>, password => <<"p2">>, is_superuser => true},
+                  #{user_id => <<"u3">>, password => <<"p3">>}],
 
     lists:foreach(
-        fun(User) ->
-            {ok, 201, UserData} = request(
-                                post,
-                                uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "users"]),
-                                User),
-            CreatedUser = jiffy:decode(UserData, [return_maps]),
-            ?assertMatch(#{<<"user_id">> := _}, CreatedUser)
-
-        end,
-        ValidUsers),
-
-    {ok, 200, Page1Data} =
-        request(
-            get,
-            uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "users"]) ++ "?page=1&limit=2"),
+      fun(User) ->
+          {ok, 201, UserData} = request(post, UsersUri, User),
+          CreatedUser = jiffy:decode(UserData, [return_maps]),
+          ?assertMatch(#{<<"user_id">> := _}, CreatedUser)
+      end,
+      ValidUsers),
+
+    {ok, 200, Page1Data} = request(get, UsersUri ++ "?page=1&limit=2"),
 
     #{<<"data">> := Page1Users,
       <<"meta">> :=
-          #{<<"page">> := 1,
-            <<"limit">> := 2,
-            <<"count">> := 3}} =
-        jiffy:decode(Page1Data, [return_maps]),
+      #{<<"page">> := 1,
+        <<"limit">> := 2,
+        <<"count">> := 3}} =
+    jiffy:decode(Page1Data, [return_maps]),
 
-    {ok, 200, Page2Data} =
-        request(
-            get,
-            uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "users"]) ++ "?page=2&limit=2"),
+    {ok, 200, Page2Data} = request(get, UsersUri ++ "?page=2&limit=2"),
 
     #{<<"data">> := Page2Users,
       <<"meta">> :=
-          #{<<"page">> := 2,
-            <<"limit">> := 2,
-            <<"count">> := 3}} =
-        jiffy:decode(Page2Data, [return_maps]),
+      #{<<"page">> := 2,
+        <<"limit">> := 2,
+        <<"count">> := 3}} = jiffy:decode(Page2Data, [return_maps]),
 
     ?assertEqual(2, length(Page1Users)),
     ?assertEqual(1, length(Page2Users)),
 
     ?assertEqual(
-        [<<"u1">>, <<"u2">>, <<"u3">>],
-        lists:usort([ UserId || #{<<"user_id">> := UserId} <- Page1Users ++ Page2Users])).
+       [<<"u1">>, <<"u2">>, <<"u3">>],
+       lists:usort([ UserId || #{<<"user_id">> := UserId} <- Page1Users ++ Page2Users])).
 
 test_authenticator_user(PathPrefix) ->
+    UsersUri = uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "users"]),
+
     {ok, 200, _} = request(
-                        post,
-                        uri(PathPrefix ++ ["authentication"]),
-                        emqx_authn_test_lib:built_in_database_example()),
+                     post,
+                     uri(PathPrefix ++ ["authentication"]),
+                     emqx_authn_test_lib:built_in_database_example()),
 
     User = #{user_id => <<"u1">>, password => <<"p1">>},
-    {ok, 201, _} = request(
-                        post,
-                        uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "users"]),
-                        User),
+    {ok, 201, _} = request(post, UsersUri, User),
 
-    {ok, 404, _} = request(
-                        get,
-                        uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "users", "u123"])),
+    {ok, 404, _} = request(get, UsersUri ++ "/u123"),
 
-    {ok, 409, _} = request(
-                        post,
-                        uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "users"]),
-                        User),
+    {ok, 409, _} = request(post, UsersUri, User),
 
-    {ok, 200, UserData} = request(
-                            get,
-                            uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "users", "u1"])),
+    {ok, 200, UserData} = request(get, UsersUri ++ "/u1"),
 
     FetchedUser = jiffy:decode(UserData, [return_maps]),
     ?assertMatch(#{<<"user_id">> := <<"u1">>}, FetchedUser),
     ?assertNotMatch(#{<<"password">> := _}, FetchedUser),
 
     ValidUserUpdates = [
-        #{password => <<"p1">>},
-        #{password => <<"p1">>, is_superuser => true}],
+                        #{password => <<"p1">>},
+                        #{password => <<"p1">>, is_superuser => true}],
 
     lists:foreach(
-        fun(UserUpdate) ->
-            {ok, 200, _} = request(
-                            put,
-                            uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "users", "u1"]),
-                            UserUpdate)
-        end,
-        ValidUserUpdates),
+      fun(UserUpdate) -> {ok, 200, _} = request(put, UsersUri ++ "/u1", UserUpdate) end,
+      ValidUserUpdates),
 
     InvalidUserUpdates = [
-        #{user_id => <<"u1">>, password => <<"p1">>},
-        #{is_superuser => true}],
+                          #{user_id => <<"u1">>, password => <<"p1">>},
+                          #{is_superuser => true}],
 
     lists:foreach(
-        fun(UserUpdate) ->
-            {ok, 400, _} = request(
-                            put,
-                            uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "users", "u1"]),
-                            UserUpdate)
-        end,
-        InvalidUserUpdates),
+      fun(UserUpdate) -> {ok, 400, _} = request(put, UsersUri ++ "/u1", UserUpdate) end,
+      InvalidUserUpdates),
 
-    {ok, 404, _} = request(
-                    delete,
-                    uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "users", "u123"])),
-
-    {ok, 204, _} = request(
-                    delete,
-                    uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "users", "u1"])).
+    {ok, 404, _} = request(delete, UsersUri ++ "/u123"),
+    {ok, 204, _} = request(delete, UsersUri ++ "/u1").
 
 test_authenticator_move(PathPrefix) ->
     AuthenticatorConfs = [
-        emqx_authn_test_lib:http_example(),
-        emqx_authn_test_lib:jwt_example(),
-        emqx_authn_test_lib:built_in_database_example()
-    ],
+                          emqx_authn_test_lib:http_example(),
+                          emqx_authn_test_lib:jwt_example(),
+                          emqx_authn_test_lib:built_in_database_example()
+                         ],
 
     lists:foreach(
-        fun(Conf) ->
-            {ok, 200, _} = request(
-                            post,
-                            uri(PathPrefix ++ ["authentication"]),
-                            Conf)
-        end,
-        AuthenticatorConfs),
+      fun(Conf) ->
+              {ok, 200, _} = request(
+                               post,
+                               uri(PathPrefix ++ ["authentication"]),
+                               Conf)
+      end,
+      AuthenticatorConfs),
 
     ?assertAuthenticatorsMatch(
-        [
-            #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>},
-            #{<<"mechanism">> := <<"jwt">>},
-            #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"built-in-database">>}
-        ],
-        PathPrefix ++ ["authentication"]),
+       [
+        #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>},
+        #{<<"mechanism">> := <<"jwt">>},
+        #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"built-in-database">>}
+       ],
+       PathPrefix ++ ["authentication"]),
 
     % Invalid moves
 
     {ok, 400, _} = request(
-                    post,
-                    uri(PathPrefix ++ ["authentication", "jwt", "move"]),
-                    #{position => <<"up">>}),
+                     post,
+                     uri(PathPrefix ++ ["authentication", "jwt", "move"]),
+                     #{position => <<"up">>}),
 
     {ok, 400, _} = request(
-                    post,
-                    uri(PathPrefix ++ ["authentication", "jwt", "move"]),
-                    #{}),
+                     post,
+                     uri(PathPrefix ++ ["authentication", "jwt", "move"]),
+                     #{}),
 
     {ok, 404, _} = request(
-                    post,
-                    uri(PathPrefix ++ ["authentication", "jwt", "move"]),
-                    #{position => <<"before:invalid">>}),
+                     post,
+                     uri(PathPrefix ++ ["authentication", "jwt", "move"]),
+                     #{position => <<"before:invalid">>}),
 
     {ok, 404, _} = request(
-                    post,
-                    uri(PathPrefix ++ ["authentication", "jwt", "move"]),
-                    #{position => <<"before:password-based:redis">>}),
+                     post,
+                     uri(PathPrefix ++ ["authentication", "jwt", "move"]),
+                     #{position => <<"before:password-based:redis">>}),
 
     {ok, 404, _} = request(
-                    post,
-                    uri(PathPrefix ++ ["authentication", "jwt", "move"]),
-                    #{position => <<"before:password-based:redis">>}),
+                     post,
+                     uri(PathPrefix ++ ["authentication", "jwt", "move"]),
+                     #{position => <<"before:password-based:redis">>}),
 
     % Valid moves
 
     {ok, 204, _} = request(
-                    post,
-                    uri(PathPrefix ++ ["authentication", "jwt", "move"]),
-                    #{position => <<"top">>}),
+                     post,
+                     uri(PathPrefix ++ ["authentication", "jwt", "move"]),
+                     #{position => <<"top">>}),
 
     ?assertAuthenticatorsMatch(
-        [
-            #{<<"mechanism">> := <<"jwt">>},
-            #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>},
-            #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"built-in-database">>}
-        ],
-        PathPrefix ++ ["authentication"]),
+       [
+        #{<<"mechanism">> := <<"jwt">>},
+        #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>},
+        #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"built-in-database">>}
+       ],
+       PathPrefix ++ ["authentication"]),
 
     {ok, 204, _} = request(
-                    post,
-                    uri(PathPrefix ++ ["authentication", "jwt", "move"]),
-                    #{position => <<"bottom">>}),
+                     post,
+                     uri(PathPrefix ++ ["authentication", "jwt", "move"]),
+                     #{position => <<"bottom">>}),
 
     ?assertAuthenticatorsMatch(
-        [
-            #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>},
-            #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"built-in-database">>},
-            #{<<"mechanism">> := <<"jwt">>}
-        ],
-        PathPrefix ++ ["authentication"]),
+       [
+        #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>},
+        #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"built-in-database">>},
+        #{<<"mechanism">> := <<"jwt">>}
+       ],
+       PathPrefix ++ ["authentication"]),
 
     {ok, 204, _} = request(
-                    post,
-                    uri(PathPrefix ++ ["authentication", "jwt", "move"]),
-                    #{position => <<"before:password-based:built-in-database">>}),
+                     post,
+                     uri(PathPrefix ++ ["authentication", "jwt", "move"]),
+                     #{position => <<"before:password-based:built-in-database">>}),
 
     ?assertAuthenticatorsMatch(
-        [
-            #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>},
-            #{<<"mechanism">> := <<"jwt">>},
-            #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"built-in-database">>}
-        ],
-        PathPrefix ++ ["authentication"]).
+       [
+        #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"http">>},
+        #{<<"mechanism">> := <<"jwt">>},
+        #{<<"mechanism">> := <<"password-based">>, <<"backend">> := <<"built-in-database">>}
+       ],
+       PathPrefix ++ ["authentication"]).
 
 test_authenticator_import_users(PathPrefix) ->
+    ImportUri = uri(
+                  PathPrefix ++
+                  ["authentication", "password-based:built-in-database", "import_users"]),
+
+
     {ok, 200, _} = request(
-                        post,
-                        uri(PathPrefix ++ ["authentication"]),
-                        emqx_authn_test_lib:built_in_database_example()),
+                     post,
+                     uri(PathPrefix ++ ["authentication"]),
+                     emqx_authn_test_lib:built_in_database_example()),
 
-    {ok, 400, _} = request(
-                        post,
-                        uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "import_users"]),
-                        #{}),
+    {ok, 400, _} = request(post, ImportUri, #{}),
 
-    {ok, 400, _} = request(
-                        post,
-                        uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "import_users"]),
-                        #{filename => <<"/etc/passwd">>}),
+    {ok, 400, _} = request(post, ImportUri, #{filename => <<"/etc/passwd">>}),
 
-    {ok, 400, _} = request(
-                        post,
-                        uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "import_users"]),
-                        #{filename => <<"/not_exists.csv">>}),
+    {ok, 400, _} = request(post, ImportUri, #{filename => <<"/not_exists.csv">>}),
 
     Dir = code:lib_dir(emqx_authn, test),
     JSONFileName = filename:join([Dir, <<"data/user-credentials.json">>]),
     CSVFileName = filename:join([Dir, <<"data/user-credentials.csv">>]),
 
-    {ok, 204, _} = request(
-                        post,
-                        uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "import_users"]),
-                        #{filename => JSONFileName}),
+    {ok, 204, _} = request(post, ImportUri, #{filename => JSONFileName}),
 
-    {ok, 204, _} = request(
-                        post,
-                        uri(PathPrefix ++ ["authentication", "password-based:built-in-database", "import_users"]),
-                        #{filename => CSVFileName}).
+    {ok, 204, _} = request(post, ImportUri, #{filename => CSVFileName}).
 
 %%------------------------------------------------------------------------------
 %% Helpers