fix: Facebook Limited Login not workind due to incorrect domain in JWT validation (#9120)

2024-05-16 09:11:02 +02:00
parent acea93c8a6
commit 0e92f765e4
2 changed files with 9 additions and 9 deletions
--- a/spec/AuthenticationAdapters.spec.js
+++ b/spec/AuthenticationAdapters.spec.js
@@ -2081,7 +2081,7 @@ describe('facebook limited auth adapter', () => {
  it('should use algorithm from key header to verify id_token', async () => {
    const fakeClaim = {
-      iss: 'https://facebook.com',
+      iss: 'https://www.facebook.com',
      aud: 'secret',
      exp: Date.now(),
      sub: 'the_user_id',
@@ -2145,7 +2145,7 @@ describe('facebook limited auth adapter', () => {
  it('(using client id as string) should verify id_token', async () => {
    const fakeClaim = {
-      iss: 'https://facebook.com',
+      iss: 'https://www.facebook.com',
      aud: 'secret',
      exp: Date.now(),
      sub: 'the_user_id',
@@ -2172,7 +2172,7 @@ describe('facebook limited auth adapter', () => {
  it('(using client id as array) should verify id_token', async () => {
    const fakeClaim = {
-      iss: 'https://facebook.com',
+      iss: 'https://www.facebook.com',
      aud: 'secret',
      exp: Date.now(),
      sub: 'the_user_id',
@@ -2199,7 +2199,7 @@ describe('facebook limited auth adapter', () => {
  it('(using client id as array with multiple items) should verify id_token', async () => {
    const fakeClaim = {
-      iss: 'https://facebook.com',
+      iss: 'https://www.facebook.com',
      aud: 'secret',
      exp: Date.now(),
      sub: 'the_user_id',
@@ -2250,7 +2250,7 @@ describe('facebook limited auth adapter', () => {
      fail();
    } catch (e) {
      expect(e.message).toBe(
-        'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com'
+        'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com'
      );
    }
  });
@@ -2286,7 +2286,7 @@ describe('facebook limited auth adapter', () => {
      fail();
    } catch (e) {
      expect(e.message).toBe(
-        'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com'
+        'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com'
      );
    }
  });
@@ -2320,7 +2320,7 @@ describe('facebook limited auth adapter', () => {
      fail();
    } catch (e) {
      expect(e.message).toBe(
-        'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com'
+        'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com'
      );
    }
  });
@@ -2378,7 +2378,7 @@ describe('facebook limited auth adapter', () => {
  it('should throw error with with invalid user id', async () => {
    const fakeClaim = {
-      iss: 'https://facebook.com',
+      iss: 'https://www.facebook.com',
      aud: 'invalid_client_id',
      sub: 'a_different_user_id',
    };
--- a/src/Adapters/Auth/facebook.js
+++ b/src/Adapters/Auth/facebook.js
@@ -7,7 +7,7 @@ const jwt = require('jsonwebtoken');
 const httpsRequest = require('./httpsRequest');
 const authUtils = require('./utils');
-const TOKEN_ISSUER = 'https://facebook.com';
+const TOKEN_ISSUER = 'https://www.facebook.com';
 function getAppSecretPath(authData, options = {}) {
  const appSecret = options.appSecret;