feat: Deprecation DEPPS6: Authentication adapters disabled by default (#8858)

BREAKING CHANGE: Authentication adapters are disabled by default; to use an authentication adapter it needs to be explicitly enabled in the Parse Server authentication adapter option `auth.<provider>.enabled: true`
2024-02-15 03:28:09 +03:00
parent 0e9b6d69ef
commit 0cf58eb8d6
5 changed files with 3 additions and 24 deletions
--- a/DEPRECATIONS.md
+++ b/DEPRECATIONS.md
@@ -9,7 +9,7 @@ The following is a list of deprecations, according to the [Deprecation Policy](h
 | DEPPS3 | Config option `enforcePrivateUsers` defaults to `true` | [#7319](https://github.com/parse-community/parse-server/pull/7319)   | 5.0.0 (2022)                    | 6.0.0 (2023)                    | removed            | -     |
 | DEPPS4 | Remove convenience method for http request `Parse.Cloud.httpRequest` | [#7589](https://github.com/parse-community/parse-server/pull/7589)   | 5.0.0 (2022)                    | 6.0.0 (2023)                    | removed            | -     |
 | DEPPS5 | Config option `allowClientClassCreation` defaults to `false` | [#7925](https://github.com/parse-community/parse-server/pull/7925)   | 5.3.0 (2022)                    | 7.0.0 (2024)                    | deprecated            | -     |
-| DEPPS6 | Auth providers disabled by default | [#7953](https://github.com/parse-community/parse-server/pull/7953)   | 5.3.0 (2022)                    | 7.0.0 (2024)                    | deprecated            | -     |
+| DEPPS6 | Auth providers disabled by default | [#7953](https://github.com/parse-community/parse-server/pull/7953)   | 5.3.0 (2022)                    | 7.0.0 (2024)                    | removed            | -     |
 | DEPPS7 | Remove file trigger syntax `Parse.Cloud.beforeSaveFile((request) => {})` | [#7966](https://github.com/parse-community/parse-server/pull/7966)   | 5.3.0 (2022)                    | 7.0.0 (2024)                    | removed            | -     |
 | DEPPS8 | Login with expired 3rd party authentication token defaults to `false` | [#7079](https://github.com/parse-community/parse-server/pull/7079)   | 5.3.0 (2022)                    | 7.0.0 (2024)                    | removed            | -     |
 | DEPPS9 | Rename LiveQuery `fields` option to `keys` | [#8389](https://github.com/parse-community/parse-server/issues/8389)   | 6.0.0 (2023)                    | 7.0.0 (2024)                    | removed            | -     |
--- a/spec/AuthenticationAdapters.spec.js
+++ b/spec/AuthenticationAdapters.spec.js
@@ -589,20 +589,6 @@ describe('AuthenticationProviders', function () {
      new Parse.Error(Parse.Error.UNSUPPORTED_SERVICE, 'This authentication method is unsupported.')
    );
  });
-
-  it('can deprecate', async () => {
-    await reconfigureServer();
-    const Deprecator = require('../lib/Deprecator/Deprecator');
-    const spy = spyOn(Deprecator, 'logRuntimeDeprecation').and.callFake(() => {});
-    const provider = getMockMyOauthProvider();
-    Parse.User._registerAuthenticationProvider(provider);
-    await Parse.User._logInWith('myoauth');
-    expect(spy).toHaveBeenCalledWith({
-      usage: 'Using the authentication adapter "myoauth" without explicitly enabling it',
-      solution:
-        'Enable the authentication adapter by setting the Parse Server option "auth.myoauth.enabled: true".',
-    });
-  });
 });

 describe('instagram auth adapter', () => {
--- a/src/Auth.js
+++ b/src/Auth.js
@@ -1,7 +1,6 @@
 const Parse = require('parse/node');
 import { isDeepStrictEqual } from 'util';
 import { getRequestObject, resolveError } from './triggers';
-import Deprecator from './Deprecator/Deprecator';
 import { logger } from './logger';
 import RestQuery from './RestQuery';
 import RestWrite from './RestWrite';
@@ -523,12 +522,6 @@ const handleAuthDataValidation = async (authData, req, foundUser) => {
      }
      const { validator } = req.config.authDataManager.getValidatorForProvider(provider);
      const authProvider = (req.config.auth || {})[provider] || {};
-      if (authProvider.enabled == null) {
-        Deprecator.logRuntimeDeprecation({
-          usage: `Using the authentication adapter "${provider}" without explicitly enabling it`,
-          solution: `Enable the authentication adapter by setting the Parse Server option "auth.${provider}.enabled: true".`,
-        });
-      }
      if (!validator || authProvider.enabled === false) {
        throw new Parse.Error(
          Parse.Error.UNSUPPORTED_SERVICE,
--- a/src/Options/Definitions.js
+++ b/src/Options/Definitions.js
@@ -1046,7 +1046,7 @@ module.exports.AuthAdapter = {
  enabled: {
    help: 'Is `true` if the auth adapter is enabled, `false` otherwise.',
    action: parsers.booleanParser,
-    default: true,
+    default: false,
  },
 };
 module.exports.LogLevels = {
--- a/src/Options/index.js
+++ b/src/Options/index.js
@@ -600,7 +600,7 @@ export interface DatabaseOptions {

 export interface AuthAdapter {
  /* Is `true` if the auth adapter is enabled, `false` otherwise.
-  :DEFAULT: true
+  :DEFAULT: false
  :ENV:
  */
  enabled: ?boolean;