65 Commits

Author SHA1 Message Date
Onur
0cf58eb8d6 feat: Deprecation DEPPS6: Authentication adapters disabled by default (#8858)
BREAKING CHANGE: Authentication adapters are disabled by default; to use an authentication adapter it needs to be explicitly enabled in the Parse Server authentication adapter option `auth.<provider>.enabled: true`
2024-02-15 01:28:09 +01:00
Lucas Coratger
3de8494a22 feat: Add support for MongoDB 7 (#8761)
BREAKING CHANGE: `Parse.Query` no longer supports the BSON type `code`; although this feature was never officially documented, its removal is announced as a breaking change to protect deployments where it might be in use.
2023-12-10 02:42:40 +01:00
Daniel
c9b59719ec refactor: Change response types of TOTP adapter to match existing adapters (#8661) 2023-07-06 17:22:18 +02:00
Daniel
cc079a40f6 feat: Add TOTP authentication adapter (#8457) 2023-06-23 17:57:57 +02:00
Daniel
f5bfe4571e fix: Security upgrade jsonwebtoken to 9.0.0 (#8420) 2023-02-07 12:45:30 +01:00
Manuel
b48c27049a refactor: Improve incorrect deprecation log message for auth adapter (#8347) 2022-12-06 23:04:37 +01:00
dblythy
5bbf9cade9 feat: Improve authentication adapter interface to support multi-factor authentication (MFA), authentication challenges, and provide a more powerful interface for writing custom authentication adapters (#8156) 2022-11-10 17:35:39 +01:00
Manuel
5e9d494979 Merge branch 'beta' into build-beta 2022-10-29 21:31:22 +02:00
dblythy
eb649f226f test: fix flaky Apple Game Center tests (#8204) 2022-10-01 12:14:59 +02:00
Manuel
8c8ec71573 fix: authentication adapter app ID validation may be circumvented; this fixes a vulnerability that affects configurations which allow users to authenticate using the Parse Server authentication adapter for *Facebook* or *Spotify* and where the server-side authentication adapter configuration appIds is set as a string (e.g. abc) instead of an array of strings (e.g. ["abc"]) ([GHSA-r657-33vp-gp22](https://github.com/parse-community/parse-server/security/advisories/GHSA-r657-33vp-gp22)) [skip release] (#8187) 2022-09-20 23:05:44 +02:00
Manuel
1a2b1b9bc1 fix: authentication adapter app ID validation may be circumvented; this fixes a vulnerability that affects configurations which allow users to authenticate using the Parse Server authentication adapter for *Facebook* or *Spotify* and where the server-side authentication adapter configuration appIds is set as a string (e.g. abc) instead of an array of strings (e.g. ["abc"]) ([GHSA-r657-33vp-gp22](https://github.com/parse-community/parse-server/security/advisories/GHSA-r657-33vp-gp22)) [skip release] (#8188) 2022-09-20 23:03:21 +02:00
dblythy
c85bc016e2 ci: fix flaky Apple Game Center tests (#8163) 2022-09-14 16:33:55 +02:00
Manuel
75af9a26cc fix: certificate in Apple Game Center auth adapter not validated [skip release] (#8058) 2022-06-17 20:22:35 +02:00
Manuel
4c2aa63fd2 fix: certificate in Apple Game Center auth adapter not validated [skip release] (#8055) 2022-06-17 19:32:30 +02:00
Antoine Cormouls
0cd902b8c2 refactor: upgrade GraphQL dependencies (#7970) 2022-06-10 14:01:45 +02:00
dblythy
c1e808f9e8 feat: selectively enable / disable default authentication adapters (#7953) 2022-05-29 01:50:43 +02:00
dblythy
3fb6b2b4ab ci: fix flaky tests for Apple Game Center authentication (#7958) 2022-05-01 04:26:08 +02:00
Manuel
af4a0417a9 fix: authentication bypass and denial of service (DoS) vulnerabilities in Apple Game Center auth adapter (GHSA-qf8x-vqjv-92gr) (#7962) 2022-05-01 02:28:16 +02:00
Manuel Trezza
1593575a87 build: release 2022-03-18 15:17:12 +01:00
Corey
a5ffb95022 refactor: remove deprecated url.parse() method (#7751) 2022-01-06 15:26:00 +01:00
dblythy
12eb6c823b refactor: replace hardcoded error codes with references (#7546) 2021-10-18 20:19:47 +02:00
Miguel Serrano
92f50f6808 Add support for Facebook Limited Login (#7219)
* Add support for Facebook Limited auth

* Add tests

* Fix tests

* Fix tests

* Add entry to changelog

* Cleanup
2021-02-24 07:36:24 -06:00
OverDrive
a1cd631425 Fix for authenticating with instagram (#7173)
* Fix for authenticating with instagram

* Change tests for instagram authentication

* Instagram authentication for the case when data child object is presented in the response
2021-02-19 13:19:13 -06:00
Diamond Lewis
e6ac3b6932 fix(prettier): Properly handle lint-stage files (#6970)
Now handles top level files and recursive files in folders.

Set max line length to be 100
2020-10-25 15:06:58 -05:00
Antonio Davi Macedo Coelho de Castro
755c612fd8 Update vkontakte API to the latest version (#6944)
* Update vkontakte API to the latest version

* Allow developers to set the api version (optional)
2020-10-15 15:24:36 -07:00
timination
66f7af90c3 Hotfix instagram api (#6922)
* updated defaultURL to allow new insta API access

* updated defaultURL to allow new insta API access

* updates tests for new instagram API url

Co-authored-by: Tim Talbot <tim@dyingmethod.com>
2020-10-01 18:45:01 +02:00
Rhuan
6e36411ce7 Keycloak auth adapter (#6376)
* Copy auth adapter to create keycloak adapter

* Add keycloak authentication adapter

* Add keycloak to auth adapter tests

* Improve tests

Co-authored-by: Rhuan <rhuan@MacBook-Pro-de-Rhuan.local>
Co-authored-by: Diamond Lewis <findlewis@gmail.com>
Co-authored-by: Antonio Davi Macedo Coelho de Castro <adavimacedo@gmail.com>
2020-08-30 23:11:07 -07:00
Manuel
983121581d changed incorrect key name in apple auth adapter tests (#6861)
* replaced client_id with clientId

* retroactively added breaking change to change log
2020-08-25 17:24:53 +02:00
Diamond Lewis
a0ac8e0686 Remove Facebook AccountKit auth (#6870)
* Remove Facebook AccountKit auth

Account Kit services are no longer available.

https://developers.facebook.com/blog/post/2019/09/09/account-kit-services-no-longer-available-starting-march/

https://www.sinch.com/blog/facebook-account-kit-is-closing-down-are-your-apps-covered/

* remove flaky test
2020-08-20 10:09:54 -07:00
Arjun Vedak
42f75d6d94 fix(auth): Properly handle google token issuer (#6836)
* Updated TOKEN_ISSUER to 'accounts.google.com'

Hi, I have been getting this issue since this morning. parse-server/Adapters/Auth/google.js was expecting the TOKEN_ISSUER to be prefixed with https://, but on debugging, the original value did not have the prefix; removing https:// from TOKEN_ISSUER solved this bug. This issue was introduced in 4.3.0, as it is working fine in 4.2.0. Currently I have downgraded the version to 4.2.0 for it to work properly and am suggesting the changes; please merge this PR.

* Update google.js

* Update AuthenticationAdapters.spec.js

* Update google.js

* Update google.js
2020-07-29 09:55:59 -05:00
SebC
cbf9da517b Add production Google Auth Adapter instead of using the development url (#6734)
* Add the production Google Auth Adapter instead of using the development url

* Update tests to the new google auth

* lint
2020-07-15 09:56:08 -07:00
Maravilho Singa
b60502d8a0 Instagram: Support passing in API url (#6398)
* Update instagram.js

Instagram API was updated.

* Update instagram.js

Instagram API was updated and no longer allows setting up new projects to use the old style, but it is still working for the ones that already have it set up.

New docs are listed here: https://developers.facebook.com/docs/instagram-basic-display-api/

I've added support for both the old and new API.
To use the new API, just add the new field "api_type" = "new_api" on the client side.

For the old API, no changes are needed.

* support api url

Co-authored-by: Diamond Lewis <findlewis@gmail.com>
2020-03-22 11:24:22 -05:00
UnderratedDev
dd2b64ef65 updated 2 files for allowing multiple client ids (#6523)
* updated 2 files for allowing multiple client ids

* updated tests that fail due to user inputting data in code, added todo comment to them stating what we need to do to fix them
2020-03-21 19:04:10 -05:00
Andy
8e0e485de1 use token and algo from jwt header (#6416)
* use token and algo from jwt header

* change node-rsa out for jwks-rsa, reflect change in tests and add one test for coverage

* remove superfluous cache, allow jwks cache parameters to be passed to validateAuthData

* remove package lock

* regenerate package lock

* try fixing package-lock with copy from master

* manual changes for merge conflict

* whitespace

* pass options as object

* fix inconsistent variable name
2020-03-11 15:29:20 -05:00
Antonio Davi Macedo Coelho de Castro
a9066e20dc Relay Spec (#6089)
* Install graphql-relay

* Add relayNodeInterface to ParseGraphQLSchema

* Add support to global id

* Add support to global id in other operations

* Fix sort by global id

* Fix where by global id

* Introduce IdWhereInput

* Add Relay object identification tests

* Client mutation id on createFile mutation

* Client mutation id on callCloudCode mutation

* Client mutation id on signUp mutation

* Client mutation id on logIn mutation

* Client mutation id on logOut mutation

* Client mutation id on createClass mutation

* Client mutation id on updateClass mutation

* Client mutation id on deleteClass mutation

* Client mutation id on create object mutation

* Improve Viewer type

* Client mutation id on update object mutation

* Client mutation id on delete object mutation

* Introducing connections

* Fix tests

* Add pagination test

* Fix file location

* Fix postgres tests

* Add comments

* Tests to calculateSkipAndLimit
2019-12-01 21:43:08 -08:00
Diamond Lewis
b44726987d Support Google Play Games Service (#6147)
* Support Google Play Games Service

* clean up

* improve coverage

* more tests
2019-10-28 13:16:55 -05:00
Diamond Lewis
c1a217c6b8 Support Apple Game Center Auth (#6143)
Fixes: https://github.com/parse-community/parse-server/issues/5984
2019-10-18 19:04:01 -05:00
Alann Maulana
38e0ff9d76 Microsoft Graph Authentication (#6051)
* add microsoft graph auth

* change mail to id

* add graph user id and email

* add microsoft graph auth test case

* remove validating auth data using mail

* add test case to AuthenticationAdapters

* fix indentation

* fix httpsRequest and fakeClaim not found

* add newline eof last

* fix test in auth adapter

* fix unhandled promise rejection
2019-09-26 13:23:18 -05:00
Saimoom Safayet Akash
723fe3b158 added support for line auth (#6007)
* added support for line auth

* fixed linting issues

* modified auth adapter spec to handle line auth adapter

* revert package.json changes
2019-09-03 08:11:33 -05:00
SebC
b246bad5c7 Fix apple signin authAdapter (#5891)
* Fix apple signin authAdapter to use the user id instead of the user token

* Update spec
2019-08-07 18:08:14 -05:00
Douglas Muraoka
ef14ca530d GraphQL Object constraints (#5715)
* GraphQL Object constraints

Implements the GraphQL Object constraints, which allows us to filter queries results using the `$eq`, `$lt`, `$gt`, `$in`, and other Parse supported constraints.
Example:
```
query objects {
  findMyClass(where: {
    objField: {
      _eq: {
        key: 'foo.bar',
        value: 'hello'
      },
      _gt: {
        key: 'foo.number',
        value: 10
      },
      _lt: {
        key: 'anotherNumber',
        value: 5
      }
    }
  }) {
    results {
      objectId
    }
  }
}
```
In the example above, we have the `findMyClass` query (automatically generated for the `MyClass` class), and a field named `objField` whose type is Object. The object below represents a valid `objField` value and would satisfy all constraints:
```
{
  "foo": {
    "bar": "hello",
    "number": 11
  },
  "anotherNumber": 4
}
```
The Object constraint is applied only when using Parse class object type queries. When using "generic" queries such as `get` and `find`, this type of constraint is not available.

* Objects constraints not working on Postgres

Fixes the $eq, $ne, $gt, and $lt constraints when applied on an Object type field.

* Fix object constraint field name

* Fix Postgres constraints indexes

* fix: Object type composed constraints not working

* fix: Rename key and value fields

* refactor: Object constraints for generic queries

* fix: Object constraints not working on Postgres
2019-08-02 12:18:07 -07:00
Ivan SZKIBA
dfe0ff753c support PhantAuth authentication (#5850)
* support PhantAuth authentication

* fix spelling issues

* Add test case
2019-07-29 00:58:43 -05:00
Diamond Lewis
3a7b0c4c75 Fix: Linking with Apple Auth (#5755)
Rename from apple-signin to apple (key names can't have hyphens)
Rename id_token to id (auth adapters require id)
2019-07-03 16:28:29 -05:00
Diamond Lewis
6385deeb6e Add AppSecret to Facebook Auth (#5695)
Closes: https://github.com/parse-community/parse-server/issues/5448
2019-06-20 14:15:57 -05:00
Diamond Lewis
fcdf2d7947 Sign in with Apple Auth Provider (#5694)
* Sign in with Apple Auth Provider

Closes: https://github.com/parse-community/parse-server/issues/5632

Should work out of the box.

* remove required options
2019-06-19 16:05:09 -05:00
Müller Zsolt
019cf0a986 added an RFC 7662 compliant OAuth2 auth adapter (#4910)
* added an RFC 7662 compliant OAuth2 auth adapter

* forgot to add the actual auth adapter to the previous commit

* fixed lint errors

* * added test coverage
* changed option names in auth adapter from snake case to camel case
* added underscore prefix to helper function names
* merged consecutive logger calls into one call and use JSON.stringify() to convert JSON objects to strings
* changed error handling (ParseErrors are no longer thrown, but returned)

* added description of the "debug" option and added this option to the tests too

* added a check of the "debug" option to the unittests and replaced require() of the logger with an import (the former does not work correctly)

* added AuthAdapter based auth adapter runtime validation to src/Adapters/Auth/index.js, added capability to define arbitrary providernames with an "adapter" property in auth config, replaced various "var" keywords with "const" in oauth2.js

* incorporated changes requested by flovilmart (mainly that oauth2 is now not a standalone adapter, but can be selected by setting the "oauth2" property to true in auth config)

* modified oauth2 adapter as requested by flovilmart

* bugfix: defaultAdapter can be null in loadAuthAdapter() of index.js (my change broke the tests)

* added TODO on need for a validateAdapter() to validate auth adapters

* test cases and cleanup
2019-04-11 11:05:55 -05:00
Florent Vilmart
045d941aef Remove request and request-promise from dev dependencies (#5077)
* removes from emailverificationtoken spec

* updates winston

* Updates ValidationAndPasswordsReset

* Use local request in schemas

* Removes request in rest.spec

* Removes request from PushRouter0

* removes request from public API

* removes request from index.spec

* Removes request from parse.push spec

* removes request from ParseInstallation spec

* Removes from ParseHooks

* removes request from ParseGlobalConfig.spec

* Removes request from ParseAPI.spec.js

* removes request from LogsRouter

* removes in features

* Filters undefined headers instead of crashing

* Removes request from ParseUser spec

* Removes usage of request in ParseFile.spec.js

* Removes request from AuthAdapters.js

* removes request-promise from ParseGeoPoint.spec

* Removes request-promise from ParseQuery spec

* remove request-promise from UserPII

* removes request-promise from EnableExpressErrorHandler

* Updates RevocableSessionUpgrade spec

* Update RestQuery

* Removes read preferenceOptionM

* ensure we forward auth from URL

* use request in CloudCode.spec.js

* Removes request-promise from JobSchedule.spec

* Removes rp from VerifyUserPassword.spec.js

* Removes rp from PasswordPolicy spec

* Removes rp from ParsePolygon spec

* Removes rp from fullTextSearch spec

* Removes rp from ParseQuery.Aggregate

* Ensure we properly forward errors

* Removes request and request-promise
2018-09-24 17:07:51 -04:00
Florent Vilmart
d83a0b6808 Use Prettier JS (#5017)
* Adds prettier

* Run lint before tests
2018-09-01 13:58:06 -04:00
orette
c7357ed109 Use the correct function when validating google auth tokens (#5018)
* Use the correct function when validating google auth tokens

httpsRequest.request expects the param postData and has no default value
or validation to check if it is missing before using it. As a result, an
error `TypeError: First argument must be a string or Buffer` is
thrown when an attempt is made to authenticate with Google.

A quick check on the LinkedIn, FB, and twitter authentication adapters
shows they are using httpsRequest.get for their validation calls.

* Correct google auth adapter tests
2018-08-30 20:17:46 -04:00
eddyLazar
41acaa0570 fixed vkontakte validateAuthData (#4977)
* fixed vkontakte validateAuthData

* updated changelog
2018-08-17 15:38:07 -04:00