Merge remote-tracking branch 'upstream/alpha' into alpha

2024-05-16 18:49:46 +02:00
parent 1a614433f5 b4739509f7
commit 76c3a74dcf
5 changed files with 19 additions and 12 deletions
--- a/changelogs/CHANGELOG_alpha.md
+++ b/changelogs/CHANGELOG_alpha.md
@@ -1,3 +1,10 @@
+# [7.1.0-alpha.7](https://github.com/parse-community/parse-server/compare/7.1.0-alpha.6...7.1.0-alpha.7) (2024-05-16)
+
+
+### Bug Fixes
+
+* Facebook Limited Login not working due to incorrect domain in JWT validation ([#9122](https://github.com/parse-community/parse-server/issues/9122)) ([9d0bd2b](https://github.com/parse-community/parse-server/commit/9d0bd2badd6e5f7429d1af00b118225752e5d86a))
+
 # [7.1.0-alpha.6](https://github.com/parse-community/parse-server/compare/7.1.0-alpha.5...7.1.0-alpha.6) (2024-04-14)


--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
  "name": "parse-server",
-  "version": "7.1.0-alpha.6",
+  "version": "7.1.0-alpha.7",
  "lockfileVersion": 2,
  "requires": true,
  "packages": {
    "": {
      "name": "parse-server",
-      "version": "7.1.0-alpha.6",
+      "version": "7.1.0-alpha.7",
      "hasInstallScript": true,
      "license": "Apache-2.0",
      "dependencies": {
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "parse-server",
-  "version": "7.1.0-alpha.6",
+  "version": "7.1.0-alpha.7",
  "description": "An express module providing a Parse-compatible API server",
  "main": "lib/index.js",
  "repository": {
--- a/spec/AuthenticationAdapters.spec.js
+++ b/spec/AuthenticationAdapters.spec.js
@@ -2047,7 +2047,7 @@ describe('facebook limited auth adapter', () => {

  it('should use algorithm from key header to verify id_token', async () => {
    const fakeClaim = {
-      iss: 'https://facebook.com',
+      iss: 'https://www.facebook.com',
      aud: 'secret',
      exp: Date.now(),
      sub: 'the_user_id',
@@ -2097,7 +2097,7 @@ describe('facebook limited auth adapter', () => {

  it('(using client id as string) should verify id_token', async () => {
    const fakeClaim = {
-      iss: 'https://facebook.com',
+      iss: 'https://www.facebook.com',
      aud: 'secret',
      exp: Date.now(),
      sub: 'the_user_id',
@@ -2117,7 +2117,7 @@ describe('facebook limited auth adapter', () => {

  it('(using client id as array) should verify id_token', async () => {
    const fakeClaim = {
-      iss: 'https://facebook.com',
+      iss: 'https://www.facebook.com',
      aud: 'secret',
      exp: Date.now(),
      sub: 'the_user_id',
@@ -2137,7 +2137,7 @@ describe('facebook limited auth adapter', () => {

  it('(using client id as array with multiple items) should verify id_token', async () => {
    const fakeClaim = {
-      iss: 'https://facebook.com',
+      iss: 'https://www.facebook.com',
      aud: 'secret',
      exp: Date.now(),
      sub: 'the_user_id',
@@ -2174,7 +2174,7 @@ describe('facebook limited auth adapter', () => {
      fail();
    } catch (e) {
      expect(e.message).toBe(
-        'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com'
+        'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com'
      );
    }
  });
@@ -2203,7 +2203,7 @@ describe('facebook limited auth adapter', () => {
      fail();
    } catch (e) {
      expect(e.message).toBe(
-        'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com'
+        'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com'
      );
    }
  });
@@ -2230,7 +2230,7 @@ describe('facebook limited auth adapter', () => {
      fail();
    } catch (e) {
      expect(e.message).toBe(
-        'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com'
+        'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com'
      );
    }
  });
@@ -2288,7 +2288,7 @@ describe('facebook limited auth adapter', () => {

  it('should throw error with with invalid user id', async () => {
    const fakeClaim = {
-      iss: 'https://facebook.com',
+      iss: 'https://www.facebook.com',
      aud: 'invalid_client_id',
      sub: 'a_different_user_id',
    };
--- a/src/Adapters/Auth/facebook.js
+++ b/src/Adapters/Auth/facebook.js
@@ -6,7 +6,7 @@ const jwt = require('jsonwebtoken');
 const httpsRequest = require('./httpsRequest');
 const authUtils = require('./utils');

-const TOKEN_ISSUER = 'https://facebook.com';
+const TOKEN_ISSUER = 'https://www.facebook.com';

 function getAppSecretPath(authData, options = {}) {
  const appSecret = options.appSecret;