joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix: Linking with Apple Auth (#5755)

Browse Source 
Rename from apple-signin to apple (key names can't have hyphens
Rename id_token to id (auth adapters require id)
This commit is contained in:
Diamond Lewis
2019-07-03 16:28:29 -05:00
committed by GitHub
parent d33fb677be
commit 3a7b0c4c75
3 changed files with 17 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
spec/AuthenticationAdapters.spec.js
View File

@@ -17,7 +17,7 @@ const responses = {
describe('AuthenticationProviders', function() { describe('AuthenticationProviders', function() {
[ [
'apple-signin', 'apple',
'facebook', 'facebook',
'facebookaccountkit', 'facebookaccountkit',
'github', 'github',
@@ -51,7 +51,7 @@ describe('AuthenticationProviders', function() {
}); });
it(`should provide the right responses for adapter ${providerName}`, async () => { it(`should provide the right responses for adapter ${providerName}`, async () => {
if (providerName === 'twitter' || providerName === 'apple-signin') { if (providerName === 'twitter' || providerName === 'apple') {
return; return;
} }
spyOn(require('../lib/Adapters/Auth/httpsRequest'), 'get').and.callFake( spyOn(require('../lib/Adapters/Auth/httpsRequest'), 'get').and.callFake(
@@ -1087,7 +1087,7 @@ describe('oauth2 auth adapter', () => {
}); });
describe('apple signin auth adapter', () => { describe('apple signin auth adapter', () => {
const apple = require('../lib/Adapters/Auth/apple-signin'); const apple = require('../lib/Adapters/Auth/apple');
const jwt = require('jsonwebtoken'); const jwt = require('jsonwebtoken');
it('should throw error with missing id_token', async () => { it('should throw error with missing id_token', async () => {
@@ -1095,14 +1095,14 @@ describe('apple signin auth adapter', () => {
await apple.validateAuthData({}, { client_id: 'secret' }); await apple.validateAuthData({}, { client_id: 'secret' });
fail(); fail();
} catch (e) { } catch (e) {
expect(e.message).toBe('id_token is invalid for this user.'); expect(e.message).toBe('id token is invalid for this user.');
} }
}); });
it('should not verify invalid id_token', async () => { it('should not verify invalid id_token', async () => {
try { try {
await apple.validateAuthData( await apple.validateAuthData(
{ id_token: 'the_token' }, { id: 'the_token' },
{ client_id: 'secret' } { client_id: 'secret' }
); );
fail(); fail();
@@ -1120,7 +1120,7 @@ describe('apple signin auth adapter', () => {
spyOn(jwt, 'verify').and.callFake(() => fakeClaim); spyOn(jwt, 'verify').and.callFake(() => fakeClaim);
const result = await apple.validateAuthData( const result = await apple.validateAuthData(
{ id_token: 'the_token' }, { id: 'the_token' },
{ client_id: 'secret' } { client_id: 'secret' }
); );
expect(result).toEqual(fakeClaim); expect(result).toEqual(fakeClaim);
@@ -1134,13 +1134,13 @@ describe('apple signin auth adapter', () => {
try { try {
await apple.validateAuthData( await apple.validateAuthData(
{ id_token: 'the_token' }, { id: 'the_token' },
{ client_id: 'secret' } { client_id: 'secret' }
); );
fail(); fail();
} catch (e) { } catch (e) {
expect(e.message).toBe( expect(e.message).toBe(
'id_token not issued by correct OpenID provider - expected: https://appleid.apple.com | from: https://not.apple.com' 'id token not issued by correct OpenID provider - expected: https://appleid.apple.com | from: https://not.apple.com'
); );
} }
}); });
@@ -1154,7 +1154,7 @@ describe('apple signin auth adapter', () => {
try { try {
await apple.validateAuthData( await apple.validateAuthData(
{ id_token: 'the_token' }, { id: 'the_token' },
{ client_id: 'secret' } { client_id: 'secret' }
); );
fail(); fail();

12
src/Adapters/Auth/apple-signin.js → src/Adapters/Auth/apple.js
View File

@@ -21,7 +21,7 @@ const verifyIdToken = async (token, clientID) => {
if (!token) { if (!token) {
throw new Parse.Error( throw new Parse.Error(
Parse.Error.OBJECT_NOT_FOUND, Parse.Error.OBJECT_NOT_FOUND,
'id_token is invalid for this user.' 'id token is invalid for this user.'
); );
} }
const applePublicKey = await getApplePublicKey(); const applePublicKey = await getApplePublicKey();
@@ -30,7 +30,7 @@ const verifyIdToken = async (token, clientID) => {
if (jwtClaims.iss !== TOKEN_ISSUER) { if (jwtClaims.iss !== TOKEN_ISSUER) {
throw new Parse.Error( throw new Parse.Error(
Parse.Error.OBJECT_NOT_FOUND, Parse.Error.OBJECT_NOT_FOUND,
`id_token not issued by correct OpenID provider - expected: ${TOKEN_ISSUER} | from: ${jwtClaims.iss}` `id token not issued by correct OpenID provider - expected: ${TOKEN_ISSUER} | from: ${jwtClaims.iss}`
); );
} }
if (clientID !== undefined && jwtClaims.aud !== clientID) { if (clientID !== undefined && jwtClaims.aud !== clientID) {
@@ -42,9 +42,9 @@ const verifyIdToken = async (token, clientID) => {
return jwtClaims; return jwtClaims;
}; };
// Returns a promise that fulfills if this id_token is valid // Returns a promise that fulfills if this id token is valid
function validateAuthData(authData, options = {}) { function validateAuthData(authData, options = {}) {
return verifyIdToken(authData.id_token, options.client_id); return verifyIdToken(authData.id, options.client_id);
} }
// Returns a promise that fulfills if this app id is valid. // Returns a promise that fulfills if this app id is valid.
@@ -53,6 +53,6 @@ function validateAppId() {
} }
module.exports = { module.exports = {
validateAppId: validateAppId, validateAppId,
validateAuthData: validateAuthData, validateAuthData,
}; };

2
src/Adapters/Auth/index.js
View File

@@ -1,5 +1,6 @@
import loadAdapter from '../AdapterLoader'; import loadAdapter from '../AdapterLoader';
const apple = require('./apple');
const facebook = require('./facebook'); const facebook = require('./facebook');
const facebookaccountkit = require('./facebookaccountkit'); const facebookaccountkit = require('./facebookaccountkit');
const instagram = require('./instagram'); const instagram = require('./instagram');
@@ -28,6 +29,7 @@ const anonymous = {
}; };
const providers = { const providers = {
apple,
facebook, facebook,
facebookaccountkit, facebookaccountkit,
instagram, instagram,