joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: remove deprecated url.parse() method (#7751)

Browse Source
This commit is contained in:
Corey
2022-01-06 09:26:00 -05:00
committed by GitHub
parent a43638f300
commit a5ffb95022
9 changed files with 74 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
spec/AuthenticationAdapters.spec.js
View File

@@ -1707,6 +1707,24 @@ describe('Apple Game Center Auth adapter', () => {
expect(e.message).toBe('Apple Game Center - invalid publicKeyUrl: invalid.com'); expect(e.message).toBe('Apple Game Center - invalid publicKeyUrl: invalid.com');
} }
}); });
it('validateAuthData invalid public key http url', async () => {
const authData = {
id: 'G:1965586982',
publicKeyUrl: 'http://static.gc.apple.com/public-key/gc-prod-4.cer',
timestamp: 1565257031287,
signature: '1234',
salt: 'DzqqrQ==',
bundleId: 'cloud.xtralife.gamecenterauth',
};
try {
await gcenter.validateAuthData(authData);
fail();
} catch (e) {
expect(e.message).toBe('Apple Game Center - invalid publicKeyUrl: http://static.gc.apple.com/public-key/gc-prod-4.cer');
}
});
}); });
describe('phant auth adapter', () => { describe('phant auth adapter', () => {

22
spec/batch.spec.js
View File

@@ -111,6 +111,28 @@ describe('batch', () => {
expect(internalURL).toEqual('/classes/Object'); expect(internalURL).toEqual('/classes/Object');
}); });
it('should return the proper url with bad url provided', () => {
const originalURL = '/parse/batch';
const internalURL = batch.makeBatchRoutingPathFunction(
originalURL,
'badurl.com',
publicServerURL
)('/parse/classes/Object');
expect(internalURL).toEqual('/classes/Object');
});
it('should return the proper url with bad public url provided', () => {
const originalURL = '/parse/batch';
const internalURL = batch.makeBatchRoutingPathFunction(
originalURL,
serverURLNaked,
'badurl.com'
)('/parse/classes/Object');
expect(internalURL).toEqual('/classes/Object');
});
it('should handle a batch request without transaction', async () => { it('should handle a batch request without transaction', async () => {
spyOn(databaseAdapter, 'createObject').and.callThrough(); spyOn(databaseAdapter, 'createObject').and.callThrough();

19
src/Adapters/Auth/gcenter.js
View File

@@ -14,20 +14,23 @@ const authData = {
const { Parse } = require('parse/node'); const { Parse } = require('parse/node');
const crypto = require('crypto'); const crypto = require('crypto');
const https = require('https'); const https = require('https');
const url = require('url');
const cache = {}; // (publicKey -> cert) cache const cache = {}; // (publicKey -> cert) cache
function verifyPublicKeyUrl(publicKeyUrl) { function verifyPublicKeyUrl(publicKeyUrl) {
const parsedUrl = url.parse(publicKeyUrl); try {
if (parsedUrl.protocol !== 'https:') { const parsedUrl = new URL(publicKeyUrl);
if (parsedUrl.protocol !== 'https:') {
return false;
}
const hostnameParts = parsedUrl.hostname.split('.');
const length = hostnameParts.length;
const domainParts = hostnameParts.slice(length - 2, length);
const domain = domainParts.join('.');
return domain === 'apple.com';
} catch(error) {
return false; return false;
} }
const hostnameParts = parsedUrl.hostname.split('.');
const length = hostnameParts.length;
const domainParts = hostnameParts.slice(length - 2, length);
const domain = domainParts.join('.');
return domain === 'apple.com';
} }
function convertX509CertToPEM(X509Cert) { function convertX509CertToPEM(X509Cert) {

3
src/Adapters/Auth/oauth2.js
View File

@@ -54,7 +54,6 @@
*/ */
const Parse = require('parse/node').Parse; const Parse = require('parse/node').Parse;
const url = require('url');
const querystring = require('querystring'); const querystring = require('querystring');
const httpsRequest = require('./httpsRequest'); const httpsRequest = require('./httpsRequest');
@@ -112,7 +111,7 @@ function requestTokenInfo(options, access_token) {
if (!options || !options.tokenIntrospectionEndpointUrl) { if (!options || !options.tokenIntrospectionEndpointUrl) {
throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, MISSING_URL); throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, MISSING_URL);
} }
const parsedUrl = url.parse(options.tokenIntrospectionEndpointUrl); const parsedUrl = new URL(options.tokenIntrospectionEndpointUrl);
const postData = querystring.stringify({ const postData = querystring.stringify({
token: access_token, token: access_token,
}); });

10
src/Adapters/Storage/Postgres/PostgresConfigParser.js
View File

@@ -1,18 +1,16 @@
const url = require('url');
const fs = require('fs'); const fs = require('fs');
function getDatabaseOptionsFromURI(uri) { function getDatabaseOptionsFromURI(uri) {
const databaseOptions = {}; const databaseOptions = {};
const parsedURI = url.parse(uri); const parsedURI = new URL(uri);
const queryParams = parseQueryParams(parsedURI.query); const queryParams = parseQueryParams(parsedURI.searchParams.toString());
const authParts = parsedURI.auth ? parsedURI.auth.split(':') : [];
databaseOptions.host = parsedURI.hostname || 'localhost'; databaseOptions.host = parsedURI.hostname || 'localhost';
databaseOptions.port = parsedURI.port ? parseInt(parsedURI.port) : 5432; databaseOptions.port = parsedURI.port ? parseInt(parsedURI.port) : 5432;
databaseOptions.database = parsedURI.pathname ? parsedURI.pathname.substr(1) : undefined; databaseOptions.database = parsedURI.pathname ? parsedURI.pathname.substr(1) : undefined;
databaseOptions.user = authParts.length > 0 ? authParts[0] : ''; databaseOptions.user = parsedURI.username;
databaseOptions.password = authParts.length > 1 ? authParts[1] : ''; databaseOptions.password = parsedURI.password;
if (queryParams.ssl && queryParams.ssl.toLowerCase() === 'true') { if (queryParams.ssl && queryParams.ssl.toLowerCase() === 'true') {
databaseOptions.ssl = true; databaseOptions.ssl = true;

12
src/Controllers/LoggerController.js
View File

@@ -1,7 +1,6 @@
import { Parse } from 'parse/node'; import { Parse } from 'parse/node';
import AdaptableController from './AdaptableController'; import AdaptableController from './AdaptableController';
import { LoggerAdapter } from '../Adapters/Logger/LoggerAdapter'; import { LoggerAdapter } from '../Adapters/Logger/LoggerAdapter';
import url from 'url';
const MILLISECONDS_IN_A_DAY = 24 * 60 * 60 * 1000; const MILLISECONDS_IN_A_DAY = 24 * 60 * 60 * 1000;
const LOG_STRING_TRUNCATE_LENGTH = 1000; const LOG_STRING_TRUNCATE_LENGTH = 1000;
@@ -38,15 +37,16 @@ export class LoggerController extends AdaptableController {
}); });
} }
maskSensitiveUrl(urlString) { maskSensitiveUrl(path) {
const urlObj = url.parse(urlString, true); const urlString = 'http://localhost' + path; // prepend dummy string to make a real URL
const query = urlObj.query; const urlObj = new URL(urlString);
const query = urlObj.searchParams;
let sanitizedQuery = '?'; let sanitizedQuery = '?';
for (const key in query) { for (const [key, value] of query) {
if (key !== 'password') { if (key !== 'password') {
// normal value // normal value
sanitizedQuery += key + '=' + query[key] + '&'; sanitizedQuery += key + '=' + value + '&';
} else { } else {
// password value, redact it // password value, redact it
sanitizedQuery += key + '=' + '********' + '&'; sanitizedQuery += key + '=' + '********' + '&';

3
src/Controllers/index.js
View File

@@ -2,7 +2,6 @@ import authDataManager from '../Adapters/Auth';
import { ParseServerOptions } from '../Options'; import { ParseServerOptions } from '../Options';
import { loadAdapter } from '../Adapters/AdapterLoader'; import { loadAdapter } from '../Adapters/AdapterLoader';
import defaults from '../defaults'; import defaults from '../defaults';
import url from 'url';
// Controllers // Controllers
import { LoggerController } from './LoggerController'; import { LoggerController } from './LoggerController';
import { FilesController } from './FilesController'; import { FilesController } from './FilesController';
@@ -220,7 +219,7 @@ export function getAuthDataManager(options: ParseServerOptions) {
export function getDatabaseAdapter(databaseURI, collectionPrefix, databaseOptions) { export function getDatabaseAdapter(databaseURI, collectionPrefix, databaseOptions) {
let protocol; let protocol;
try { try {
const parsedURI = url.parse(databaseURI); const parsedURI = new URL(databaseURI);
protocol = parsedURI.protocol ? parsedURI.protocol.toLowerCase() : null; protocol = parsedURI.protocol ? parsedURI.protocol.toLowerCase() : null;
} catch (e) { } catch (e) {
/* */ /* */

7
src/ParseServerRESTController.js
View File

@@ -1,7 +1,6 @@
const Config = require('./Config'); const Config = require('./Config');
const Auth = require('./Auth'); const Auth = require('./Auth');
const RESTController = require('parse/lib/node/RESTController'); const RESTController = require('parse/lib/node/RESTController');
const URL = require('url');
const Parse = require('parse/node'); const Parse = require('parse/node');
function getSessionToken(options) { function getSessionToken(options) {
@@ -38,9 +37,9 @@ function ParseServerRESTController(applicationId, router) {
if (!config) { if (!config) {
config = Config.get(applicationId); config = Config.get(applicationId);
} }
const serverURL = URL.parse(config.serverURL); const serverURL = new URL(config.serverURL);
if (path.indexOf(serverURL.path) === 0) { if (path.indexOf(serverURL.pathname) === 0) {
path = path.slice(serverURL.path.length, path.length); path = path.slice(serverURL.pathname.length, path.length);
} }
if (path[0] !== '/') { if (path[0] !== '/') {

16
src/batch.js
View File

@@ -1,5 +1,4 @@
const Parse = require('parse/node').Parse; const Parse = require('parse/node').Parse;
const url = require('url');
const path = require('path'); const path = require('path');
// These methods handle batch requests. // These methods handle batch requests.
const batchPath = '/batch'; const batchPath = '/batch';
@@ -11,11 +10,12 @@ function mountOnto(router) {
}); });
} }
function parseURL(URL) { function parseURL(urlString) {
if (typeof URL === 'string') { try {
return url.parse(URL); return new URL(urlString);
} catch(error) {
return undefined;
} }
return undefined;
} }
function makeBatchRoutingPathFunction(originalUrl, serverURL, publicServerURL) { function makeBatchRoutingPathFunction(originalUrl, serverURL, publicServerURL) {
@@ -33,9 +33,9 @@ function makeBatchRoutingPathFunction(originalUrl, serverURL, publicServerURL) {
return path.posix.join('/', requestPath.slice(apiPrefix.length)); return path.posix.join('/', requestPath.slice(apiPrefix.length));
}; };
if (serverURL && publicServerURL && serverURL.path != publicServerURL.path) { if (serverURL && publicServerURL && serverURL.pathname != publicServerURL.pathname) {
const localPath = serverURL.path; const localPath = serverURL.pathname;
const publicPath = publicServerURL.path; const publicPath = publicServerURL.pathname;
// Override the api prefix // Override the api prefix
apiPrefix = localPath; apiPrefix = localPath;