fix(AuthAdapters): Do not revalidate auth data if hasn't changed (#3867) (#3872)

* Adds test for #3867 * Always Skip authData validation when nothing is mutated
2017-05-28 17:50:16 -04:00
parent 38a525ba5f
commit 57efd89b3d
2 changed files with 68 additions and 11 deletions
--- a/spec/ParseUser.spec.js
+++ b/spec/ParseUser.spec.js
@@ -1730,6 +1730,57 @@ describe('Parse.User testing', () => {
    });
  });

+  it('should allow PUT request with stale auth Data', (done) => {
+    const provider = {
+      authData: {
+        id: '12345',
+        access_token: 'token'
+      },
+      restoreAuthentication: function() {
+        return true;
+      },
+      deauthenticate: function() {
+        provider.authData = {};
+      },
+      authenticate: function(options) {
+        options.success(this, provider.authData);
+      },
+      getAuthType: function() {
+        return "shortLivedAuth";
+      }
+    }
+    defaultConfiguration.auth.shortLivedAuth.setValidAccessToken('token');
+    Parse.User._registerAuthenticationProvider(provider);
+    Parse.User._logInWith("shortLivedAuth", {}).then(() => {
+      // Simulate a remotely expired token (like a short lived one)
+      // In this case, we want success as it was valid once.
+      // If the client needs an updated one, do lock the user out
+      defaultConfiguration.auth.shortLivedAuth.setValidAccessToken('otherToken');
+      return rp.put({
+        url: Parse.serverURL + '/users/' + Parse.User.current().id,
+        headers: {
+          'X-Parse-Application-Id': Parse.applicationId,
+          'X-Parse-Javascript-Key': Parse.javaScriptKey,
+          'X-Parse-Session-Token': Parse.User.current().getSessionToken(),
+          'Content-Type': 'application/json'
+        },
+        json: {
+          key: 'value', // update a key
+          authData: { // pass the original auth data
+            shortLivedAuth: {
+              id: '12345',
+              access_token: 'token'
+            }
+          }
+        }
+      })
+    }).then(() => {
+      done();
+    }, (err) => {
+      done.fail(err);
+    });
+  });
+
  it('should properly error when password is missing', (done) => {
    var provider = getMockFacebookProvider();
    Parse.User._registerAuthenticationProvider(provider);