joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/alpha' into alpha

Browse Source
This commit is contained in:
Manuel Trezza
2024-05-16 18:49:46 +02:00
parent 1a614433f5 b4739509f7
commit 76c3a74dcf
5 changed files with 19 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
changelogs/CHANGELOG_alpha.md
View File

@@ -1,3 +1,10 @@
# [7.1.0-alpha.7](https://github.com/parse-community/parse-server/compare/7.1.0-alpha.6...7.1.0-alpha.7) (2024-05-16)
### Bug Fixes
* Facebook Limited Login not working due to incorrect domain in JWT validation ([#9122](https://github.com/parse-community/parse-server/issues/9122)) ([9d0bd2b](https://github.com/parse-community/parse-server/commit/9d0bd2badd6e5f7429d1af00b118225752e5d86a))
# [7.1.0-alpha.6](https://github.com/parse-community/parse-server/compare/7.1.0-alpha.5...7.1.0-alpha.6) (2024-04-14) # [7.1.0-alpha.6](https://github.com/parse-community/parse-server/compare/7.1.0-alpha.5...7.1.0-alpha.6) (2024-04-14)

4
package-lock.json generated
View File

@@ -1,12 +1,12 @@
{ {
"name": "parse-server", "name": "parse-server",
"version": "7.1.0-alpha.6", "version": "7.1.0-alpha.7",
"lockfileVersion": 2, "lockfileVersion": 2,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"name": "parse-server", "name": "parse-server",
"version": "7.1.0-alpha.6", "version": "7.1.0-alpha.7",
"hasInstallScript": true, "hasInstallScript": true,
"license": "Apache-2.0", "license": "Apache-2.0",
"dependencies": { "dependencies": {

2
package.json
View File

@@ -1,6 +1,6 @@
{ {
"name": "parse-server", "name": "parse-server",
"version": "7.1.0-alpha.6", "version": "7.1.0-alpha.7",
"description": "An express module providing a Parse-compatible API server", "description": "An express module providing a Parse-compatible API server",
"main": "lib/index.js", "main": "lib/index.js",
"repository": { "repository": {

16
spec/AuthenticationAdapters.spec.js
View File

@@ -2047,7 +2047,7 @@ describe('facebook limited auth adapter', () => {
it('should use algorithm from key header to verify id_token', async () => { it('should use algorithm from key header to verify id_token', async () => {
const fakeClaim = { const fakeClaim = {
iss: 'https://facebook.com', iss: 'https://www.facebook.com',
aud: 'secret', aud: 'secret',
exp: Date.now(), exp: Date.now(),
sub: 'the_user_id', sub: 'the_user_id',
@@ -2097,7 +2097,7 @@ describe('facebook limited auth adapter', () => {
it('(using client id as string) should verify id_token', async () => { it('(using client id as string) should verify id_token', async () => {
const fakeClaim = { const fakeClaim = {
iss: 'https://facebook.com', iss: 'https://www.facebook.com',
aud: 'secret', aud: 'secret',
exp: Date.now(), exp: Date.now(),
sub: 'the_user_id', sub: 'the_user_id',
@@ -2117,7 +2117,7 @@ describe('facebook limited auth adapter', () => {
it('(using client id as array) should verify id_token', async () => { it('(using client id as array) should verify id_token', async () => {
const fakeClaim = { const fakeClaim = {
iss: 'https://facebook.com', iss: 'https://www.facebook.com',
aud: 'secret', aud: 'secret',
exp: Date.now(), exp: Date.now(),
sub: 'the_user_id', sub: 'the_user_id',
@@ -2137,7 +2137,7 @@ describe('facebook limited auth adapter', () => {
it('(using client id as array with multiple items) should verify id_token', async () => { it('(using client id as array with multiple items) should verify id_token', async () => {
const fakeClaim = { const fakeClaim = {
iss: 'https://facebook.com', iss: 'https://www.facebook.com',
aud: 'secret', aud: 'secret',
exp: Date.now(), exp: Date.now(),
sub: 'the_user_id', sub: 'the_user_id',
@@ -2174,7 +2174,7 @@ describe('facebook limited auth adapter', () => {
fail(); fail();
} catch (e) { } catch (e) {
expect(e.message).toBe( expect(e.message).toBe(
'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com' 'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com'
); );
} }
}); });
@@ -2203,7 +2203,7 @@ describe('facebook limited auth adapter', () => {
fail(); fail();
} catch (e) { } catch (e) {
expect(e.message).toBe( expect(e.message).toBe(
'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com' 'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com'
); );
} }
}); });
@@ -2230,7 +2230,7 @@ describe('facebook limited auth adapter', () => {
fail(); fail();
} catch (e) { } catch (e) {
expect(e.message).toBe( expect(e.message).toBe(
'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com' 'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com'
); );
} }
}); });
@@ -2288,7 +2288,7 @@ describe('facebook limited auth adapter', () => {
it('should throw error with with invalid user id', async () => { it('should throw error with with invalid user id', async () => {
const fakeClaim = { const fakeClaim = {
iss: 'https://facebook.com', iss: 'https://www.facebook.com',
aud: 'invalid_client_id', aud: 'invalid_client_id',
sub: 'a_different_user_id', sub: 'a_different_user_id',
}; };

2
src/Adapters/Auth/facebook.js
View File

@@ -6,7 +6,7 @@ const jwt = require('jsonwebtoken');
const httpsRequest = require('./httpsRequest'); const httpsRequest = require('./httpsRequest');
const authUtils = require('./utils'); const authUtils = require('./utils');
const TOKEN_ISSUER = 'https://facebook.com'; const TOKEN_ISSUER = 'https://www.facebook.com';
function getAppSecretPath(authData, options = {}) { function getAppSecretPath(authData, options = {}) {
const appSecret = options.appSecret; const appSecret = options.appSecret;