Remove Facebook AccountKit auth (#6870)

* Remove Facebook AccountKit auth

Account Kit services are no longer available.

https://developers.facebook.com/blog/post/2019/09/09/account-kit-services-no-longer-available-starting-march/

https://www.sinch.com/blog/facebook-account-kit-is-closing-down-are-your-apps-covered/

* remove flaky test

spec/AuthenticationAdapters.spec.js

@@ -25,7 +25,6 @@ describe('AuthenticationProviders', function () {
     'gcenter',
     'gpgames',
     'facebook',
-    'facebookaccountkit',
     'github',
     'instagram',
     'google',
@@ -43,7 +42,7 @@ describe('AuthenticationProviders', function () {
     'phantauth',
     'microsoft',
   ].map(function (providerName) {
-    it('Should validate structure of ' + providerName, (done) => {
+    it('Should validate structure of ' + providerName, done => {
       const provider = require('../lib/Adapters/Auth/' + providerName);
       jequal(typeof provider.validateAuthData, 'function');
       jequal(typeof provider.validateAppId, 'function');
@@ -71,7 +70,7 @@ describe('AuthenticationProviders', function () {
         return;
       }
       spyOn(require('../lib/Adapters/Auth/httpsRequest'), 'get').and.callFake(
-        (options) => {
+        options => {
           if (
             options ===
             'https://oauth.vk.com/access_token?client_id=appId&client_secret=appSecret&v=5.59&grant_type=client_credentials'
@@ -175,7 +174,7 @@ describe('AuthenticationProviders', function () {
       body: jsonBody,
     };
     return request(options)
-      .then((response) => {
+      .then(response => {
         if (callback) {
           callback(null, response, response.data);
         }
@@ -184,7 +183,7 @@ describe('AuthenticationProviders', function () {
           body: response.data,
         };
       })
-      .catch((error) => {
+      .catch(error => {
         if (callback) {
           callback(error);
         }
@@ -192,7 +191,7 @@ describe('AuthenticationProviders', function () {
       });
   };
 
-  it('should create user with REST API', (done) => {
+  it('should create user with REST API', done => {
     createOAuthUser((error, response, body) => {
       expect(error).toBe(null);
       const b = body;
@@ -203,7 +202,7 @@ describe('AuthenticationProviders', function () {
       const q = new Parse.Query('_Session');
       q.equalTo('sessionToken', sessionToken);
       q.first({ useMasterKey: true })
-        .then((res) => {
+        .then(res => {
           if (!res) {
             fail('should not fail fetching the session');
             done();
@@ -219,7 +218,7 @@ describe('AuthenticationProviders', function () {
     });
   });
 
-  it('should only create a single user with REST API', (done) => {
+  it('should only create a single user with REST API', done => {
     let objectId;
     createOAuthUser((error, response, body) => {
       expect(error).toBe(null);
@@ -239,9 +238,9 @@ describe('AuthenticationProviders', function () {
     });
   });
 
-  it("should fail to link if session token don't match user", (done) => {
+  it("should fail to link if session token don't match user", done => {
     Parse.User.signUp('myUser', 'password')
-      .then((user) => {
+      .then(user => {
         return createOAuthUserWithSessionToken(user.getSessionToken());
       })
       .then(() => {
@@ -250,7 +249,7 @@ describe('AuthenticationProviders', function () {
       .then(() => {
         return Parse.User.signUp('myUser2', 'password');
       })
-      .then((user) => {
+      .then(user => {
         return createOAuthUserWithSessionToken(user.getSessionToken());
       })
       .then(fail, ({ data }) => {
@@ -330,7 +329,7 @@ describe('AuthenticationProviders', function () {
     expect(typeof authAdapter.validateAppId).toBe('function');
   }
 
-  it('properly loads custom adapter', (done) => {
+  it('properly loads custom adapter', done => {
     const validAuthData = {
       id: 'hello',
       token: 'world',
@@ -370,14 +369,14 @@ describe('AuthenticationProviders', function () {
         expect(appIdSpy).not.toHaveBeenCalled();
         done();
       },
-      (err) => {
+      err => {
         jfail(err);
         done();
       }
     );
   });
 
-  it('properly loads custom adapter module object', (done) => {
+  it('properly loads custom adapter module object', done => {
     const authenticationHandler = authenticationLoader({
       customAuthentication: path.resolve('./spec/support/CustomAuth.js'),
     });
@@ -394,14 +393,14 @@ describe('AuthenticationProviders', function () {
       () => {
         done();
       },
-      (err) => {
+      err => {
         jfail(err);
         done();
       }
     );
   });
 
-  it('properly loads custom adapter module object (again)', (done) => {
+  it('properly loads custom adapter module object (again)', done => {
     const authenticationHandler = authenticationLoader({
       customAuthentication: {
         module: path.resolve('./spec/support/CustomAuthFunction.js'),
@@ -421,7 +420,7 @@ describe('AuthenticationProviders', function () {
       () => {
         done();
       },
-      (err) => {
+      err => {
         jfail(err);
         done();
       }
@@ -512,84 +511,6 @@ describe('AuthenticationProviders', function () {
     expect(appIds).toEqual(['a', 'b']);
     expect(providerOptions).toEqual(options.custom);
   });
-
-  it('properly loads Facebook accountkit adapter with options', () => {
-    const options = {
-      facebookaccountkit: {
-        appIds: ['a', 'b'],
-        appSecret: 'secret',
-      },
-    };
-    const {
-      adapter,
-      appIds,
-      providerOptions,
-    } = authenticationLoader.loadAuthAdapter('facebookaccountkit', options);
-    validateAuthenticationAdapter(adapter);
-    expect(appIds).toEqual(['a', 'b']);
-    expect(providerOptions.appSecret).toEqual('secret');
-  });
-
-  it('should fail if Facebook appIds is not configured properly', (done) => {
-    const options = {
-      facebookaccountkit: {
-        appIds: [],
-      },
-    };
-    const { adapter, appIds } = authenticationLoader.loadAuthAdapter(
-      'facebookaccountkit',
-      options
-    );
-    adapter.validateAppId(appIds).then(done.fail, (err) => {
-      expect(err.code).toBe(Parse.Error.OBJECT_NOT_FOUND);
-      done();
-    });
-  });
-
-  it('should fail to validate Facebook accountkit auth with bad token', (done) => {
-    const options = {
-      facebookaccountkit: {
-        appIds: ['a', 'b'],
-      },
-    };
-    const authData = {
-      id: 'fakeid',
-      access_token: 'badtoken',
-    };
-    const { adapter } = authenticationLoader.loadAuthAdapter(
-      'facebookaccountkit',
-      options
-    );
-    adapter.validateAuthData(authData).then(done.fail, (err) => {
-      expect(err.code).toBe(190);
-      expect(err.type).toBe('OAuthException');
-      done();
-    });
-  });
-
-  it('should fail to validate Facebook accountkit auth with bad token regardless of app secret proof', (done) => {
-    const options = {
-      facebookaccountkit: {
-        appIds: ['a', 'b'],
-        appSecret: 'badsecret',
-      },
-    };
-    const authData = {
-      id: 'fakeid',
-      access_token: 'badtoken',
-    };
-    const { adapter, providerOptions } = authenticationLoader.loadAuthAdapter(
-      'facebookaccountkit',
-      options
-    );
-    adapter
-      .validateAuthData(authData, providerOptions)
-      .then(done.fail, (err) => {
-        expect(err.code).toBe(190);
-        expect(err.type).toBe('OAuthException');
-        done();
-      });
-  });
 });
 
 describe('instagram auth adapter', () => {
@@ -1653,13 +1574,13 @@ describe('microsoft graph auth adapter', () => {
     });
   });
 
-  it('should fail to validate Microsoft Graph auth with bad token', (done) => {
+  it('should fail to validate Microsoft Graph auth with bad token', done => {
     const authData = {
       id: 'fake-id',
       mail: 'fake@mail.com',
       access_token: 'very.long.bad.token',
     };
-    microsoft.validateAuthData(authData).then(done.fail, (err) => {
+    microsoft.validateAuthData(authData).then(done.fail, err => {
       expect(err.code).toBe(101);
       expect(err.message).toBe(
         'Microsoft Graph auth is invalid for this user.'

src/Adapters/Auth/facebookaccountkit.js

@@ -1,60 +0,0 @@
-const crypto = require('crypto');
-const httpsRequest = require('./httpsRequest');
-const Parse = require('parse/node').Parse;
-
-const graphRequest = path => {
-  return httpsRequest.get(`https://graph.accountkit.com/v1.1/${path}`);
-};
-
-function getRequestPath(authData, options) {
-  const access_token = authData.access_token,
-    appSecret = options && options.appSecret;
-  if (appSecret) {
-    const appsecret_proof = crypto
-      .createHmac('sha256', appSecret)
-      .update(access_token)
-      .digest('hex');
-    return `me?access_token=${access_token}&appsecret_proof=${appsecret_proof}`;
-  }
-  return `me?access_token=${access_token}`;
-}
-
-function validateAppId(appIds, authData, options) {
-  if (!appIds.length) {
-    return Promise.reject(
-      new Parse.Error(
-        Parse.Error.OBJECT_NOT_FOUND,
-        'Facebook app id for Account Kit is not configured.'
-      )
-    );
-  }
-  return graphRequest(getRequestPath(authData, options)).then(data => {
-    if (data && data.application && appIds.indexOf(data.application.id) != -1) {
-      return;
-    }
-    throw new Parse.Error(
-      Parse.Error.OBJECT_NOT_FOUND,
-      'Facebook app id for Account Kit is invalid for this user.'
-    );
-  });
-}
-
-function validateAuthData(authData, options) {
-  return graphRequest(getRequestPath(authData, options)).then(data => {
-    if (data && data.error) {
-      throw data.error;
-    }
-    if (data && data.id == authData.id) {
-      return;
-    }
-    throw new Parse.Error(
-      Parse.Error.OBJECT_NOT_FOUND,
-      'Facebook Account Kit auth is invalid for this user.'
-    );
-  });
-}
-
-module.exports = {
-  validateAppId,
-  validateAuthData,
-};

src/Adapters/Auth/index.js

@@ -4,7 +4,6 @@ const apple = require('./apple');
 const gcenter = require('./gcenter');
 const gpgames = require('./gpgames');
 const facebook = require('./facebook');
-const facebookaccountkit = require('./facebookaccountkit');
 const instagram = require('./instagram');
 const linkedin = require('./linkedin');
 const meetup = require('./meetup');
@@ -39,7 +38,6 @@ const providers = {
   gcenter,
   gpgames,
   facebook,
-  facebookaccountkit,
   instagram,
   linkedin,
   meetup,
@@ -62,7 +60,7 @@ const providers = {
 };
 
 function authDataValidator(adapter, appIds, options) {
-  return function(authData) {
+  return function (authData) {
     return adapter.validateAuthData(authData, options).then(() => {
       if (appIds) {
         return adapter.validateAppId(appIds, authData, options);
@@ -117,13 +115,13 @@ function loadAuthAdapter(provider, authOptions) {
   return { adapter, appIds, providerOptions };
 }
 
-module.exports = function(authOptions = {}, enableAnonymousUsers = true) {
+module.exports = function (authOptions = {}, enableAnonymousUsers = true) {
   let _enableAnonymousUsers = enableAnonymousUsers;
-  const setEnableAnonymousUsers = function(enable) {
+  const setEnableAnonymousUsers = function (enable) {
     _enableAnonymousUsers = enable;
   };
   // To handle the test cases on configuration
-  const getValidatorForProvider = function(provider) {
+  const getValidatorForProvider = function (provider) {
     if (provider === 'anonymous' && !_enableAnonymousUsers) {
       return;
     }