joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update gcenter.js

Browse Source
This commit is contained in:
Manuel Trezza
2022-06-17 17:30:54 +02:00
parent c411c48d49
commit 53afafa13f
1 changed files with 17 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/Adapters/Auth/gcenter.js
View File

@@ -56,8 +56,9 @@ async function getAppleCertificate(publicKeyUrl) {
const cert_headers = await new Promise((resolve, reject) => const cert_headers = await new Promise((resolve, reject) =>
https.get(headOptions, res => resolve(res.headers)).on('error', reject) https.get(headOptions, res => resolve(res.headers)).on('error', reject)
); );
const validContentTypes = ['application/x-x509-ca-cert', 'application/pkix-cert'];
if ( if (
cert_headers['content-type'] !== 'application/pkix-cert' || !validContentTypes.includes(cert_headers['content-type']) ||
cert_headers['content-length'] == null || cert_headers['content-length'] == null ||
cert_headers['content-length'] > 10000 cert_headers['content-length'] > 10000
) { ) {
@@ -132,7 +133,10 @@ function verifySignature(publicKey, authData) {
function verifyPublicKeyIssuer(cert, publicKeyUrl) { function verifyPublicKeyIssuer(cert, publicKeyUrl) {
const publicKeyCert = pki.certificateFromPem(cert); const publicKeyCert = pki.certificateFromPem(cert);
if (!ca.cert) { if (!ca.cert) {
throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Apple Game Center auth adapter parameter `rootCertificateURL` is invalid.'); throw new Parse.Error(
Parse.Error.OBJECT_NOT_FOUND,
'Apple Game Center auth adapter parameter `rootCertificateURL` is invalid.'
);
} }
try { try {
if (!ca.cert.verify(publicKeyCert)) { if (!ca.cert.verify(publicKeyCert)) {
@@ -163,7 +167,8 @@ async function validateAuthData(authData) {
// Returns a promise that fulfills if this app id is valid. // Returns a promise that fulfills if this app id is valid.
async function validateAppId(appIds, authData, options = {}) { async function validateAppId(appIds, authData, options = {}) {
if (!options.rootCertificateUrl) { if (!options.rootCertificateUrl) {
options.rootCertificateUrl = 'https://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt.pem' options.rootCertificateUrl =
'https://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt.pem';
} }
if (ca.url === options.rootCertificateUrl) { if (ca.url === options.rootCertificateUrl) {
return; return;
@@ -174,10 +179,13 @@ async function validateAppId(appIds, authData, options = {}) {
headers['content-length'] == null || headers['content-length'] == null ||
headers['content-length'] > 10000 headers['content-length'] > 10000
) { ) {
throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Apple Game Center auth adapter parameter `rootCertificateURL` is invalid.'); throw new Parse.Error(
Parse.Error.OBJECT_NOT_FOUND,
'Apple Game Center auth adapter parameter `rootCertificateURL` is invalid.'
);
} }
ca.cert = pki.certificateFromPem(certificate); ca.cert = pki.certificateFromPem(certificate);
ca.url = options.rootCertificateUrl ca.url = options.rootCertificateUrl;
} }
module.exports = { module.exports = {