Merge pull request #478 from flovilmart/flovilmart.hotfix.facebook.appId.Validation

Moved the proper facebook auth data validation
Drew
2016-02-18 08:30:36 -08:00
2 changed files with 2 additions and 59 deletions


@@ -1,58 +0,0 @@
// Helper functions for accessing the Facebook Graph API.
var https = require('https');
var Parse = require('parse/node').Parse;
// Returns a promise that fulfills iff this user id is valid.
function validateAuthData(authData) {
return graphRequest('me?fields=id&access_token=' + authData.access_token)
.then((data) => {
if (data && data.id == authData.id) {
return;
}
throw new Parse.Error(
Parse.Error.OBJECT_NOT_FOUND,
'Facebook auth is invalid for this user.');
});
}
// Returns a promise that fulfills iff this app id is valid.
function validateAppId(appIds, authData) {
var access_token = authData.access_token;
if (!appIds.length) {
throw new Parse.Error(
Parse.Error.OBJECT_NOT_FOUND,
'Facebook auth is not configured.');
}
return graphRequest('app?access_token=' + access_token)
.then((data) => {
if (data && appIds.indexOf(data.id) != -1) {
return;
}
throw new Parse.Error(
Parse.Error.OBJECT_NOT_FOUND,
'Facebook auth is invalid for this user.');
});
}
// A promisey wrapper for FB graph requests.
function graphRequest(path) {
return new Promise(function(resolve, reject) {
https.get('https://graph.facebook.com/v2.5/' + path, function(res) {
var data = '';
res.on('data', function(chunk) {
data += chunk;
});
res.on('end', function() {
data = JSON.parse(data);
resolve(data);
});
}).on('error', function(e) {
reject('Failed to validate this access token with Facebook.');
});
});
}
module.exports = {
validateAppId: validateAppId,
validateAuthData: validateAuthData
};


@@ -16,7 +16,8 @@ function validateAuthData(authData) {
} }
// Returns a promise that fulfills iff this app id is valid. // Returns a promise that fulfills iff this app id is valid.
function validateAppId(appIds, access_token) { function validateAppId(appIds, authData) {
var access_token = authData.access_token;
if (!appIds.length) { if (!appIds.length) {
throw new Parse.Error( throw new Parse.Error(
Parse.Error.OBJECT_NOT_FOUND, Parse.Error.OBJECT_NOT_FOUND,