Merge branch 'alpha' into dot-notation-array

Author: mtrezza

changelogs/CHANGELOG_alpha.md

@@ -1,3 +1,17 @@
+# [7.1.0-alpha.8](https://github.com/parse-community/parse-server/compare/7.1.0-alpha.7...7.1.0-alpha.8) (2024-05-16)
+
+
+### Features
+
+* Upgrade to @parse/push-adapter 6.2.0 ([#9127](https://github.com/parse-community/parse-server/issues/9127)) ([ca20496](https://github.com/parse-community/parse-server/commit/ca20496f28e5ec1294a7a23c8559df82b79b2a04))
+
+# [7.1.0-alpha.7](https://github.com/parse-community/parse-server/compare/7.1.0-alpha.6...7.1.0-alpha.7) (2024-05-16)
+
+
+### Bug Fixes
+
+* Facebook Limited Login not working due to incorrect domain in JWT validation ([#9122](https://github.com/parse-community/parse-server/issues/9122)) ([9d0bd2b](https://github.com/parse-community/parse-server/commit/9d0bd2badd6e5f7429d1af00b118225752e5d86a))
+
 # [7.1.0-alpha.6](https://github.com/parse-community/parse-server/compare/7.1.0-alpha.5...7.1.0-alpha.6) (2024-04-14)
 
 

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "parse-server",
-  "version": "7.1.0-alpha.6",
+  "version": "7.1.0-alpha.8",
   "description": "An express module providing a Parse-compatible API server",
   "main": "lib/index.js",
   "repository": {
@@ -25,7 +25,7 @@
     "@graphql-tools/schema": "10.0.3",
     "@graphql-tools/utils": "8.12.0",
     "@parse/fs-files-adapter": "3.0.0",
-    "@parse/push-adapter": "6.0.0",
+    "@parse/push-adapter": "6.2.0",
     "bcryptjs": "2.4.3",
     "body-parser": "1.20.2",
     "commander": "12.0.0",

package.json

@@ -142,6 +142,25 @@ describe('AdapterLoader', () => {
     }).not.toThrow();
   });
 
+  it('should load custom database adapter from config', done => {
+    const adapterPath = require('path').resolve('./spec/support/MockDatabaseAdapter');
+    const options = {
+      databaseURI: 'oracledb://user:password@localhost:1521/freepdb1',
+      collectionPrefix: '',
+    };
+    const databaseAdapterOptions = {
+      adapter: adapterPath,
+      options,
+    };
+    expect(() => {
+      const databaseAdapter = loadAdapter(databaseAdapterOptions);
+      expect(databaseAdapter).not.toBe(undefined);
+      expect(databaseAdapter.options).toEqual(options);
+      expect(databaseAdapter.getDatabaseURI()).toEqual(options.databaseURI);
+    }).not.toThrow();
+    done();
+  });
+
   it('should load file adapter from direct passing', done => {
     spyOn(console, 'warn').and.callFake(() => {});
     const mockFilesAdapter = new MockFilesAdapter('key', 'secret', 'bucket');

spec/AdapterLoader.spec.js

@@ -2047,7 +2047,7 @@ describe('facebook limited auth adapter', () => {
 
   it('should use algorithm from key header to verify id_token', async () => {
     const fakeClaim = {
-      iss: 'https://facebook.com',
+      iss: 'https://www.facebook.com',
       aud: 'secret',
       exp: Date.now(),
       sub: 'the_user_id',
@@ -2097,7 +2097,7 @@ describe('facebook limited auth adapter', () => {
 
   it('(using client id as string) should verify id_token', async () => {
     const fakeClaim = {
-      iss: 'https://facebook.com',
+      iss: 'https://www.facebook.com',
       aud: 'secret',
       exp: Date.now(),
       sub: 'the_user_id',
@@ -2117,7 +2117,7 @@ describe('facebook limited auth adapter', () => {
 
   it('(using client id as array) should verify id_token', async () => {
     const fakeClaim = {
-      iss: 'https://facebook.com',
+      iss: 'https://www.facebook.com',
       aud: 'secret',
       exp: Date.now(),
       sub: 'the_user_id',
@@ -2137,7 +2137,7 @@ describe('facebook limited auth adapter', () => {
 
   it('(using client id as array with multiple items) should verify id_token', async () => {
     const fakeClaim = {
-      iss: 'https://facebook.com',
+      iss: 'https://www.facebook.com',
       aud: 'secret',
       exp: Date.now(),
       sub: 'the_user_id',
@@ -2174,7 +2174,7 @@ describe('facebook limited auth adapter', () => {
       fail();
     } catch (e) {
       expect(e.message).toBe(
-        'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com'
+        'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com'
       );
     }
   });
@@ -2203,7 +2203,7 @@ describe('facebook limited auth adapter', () => {
       fail();
     } catch (e) {
       expect(e.message).toBe(
-        'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com'
+        'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com'
       );
     }
   });
@@ -2230,7 +2230,7 @@ describe('facebook limited auth adapter', () => {
       fail();
     } catch (e) {
       expect(e.message).toBe(
-        'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com'
+        'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com'
       );
     }
   });
@@ -2288,7 +2288,7 @@ describe('facebook limited auth adapter', () => {
 
   it('should throw error with with invalid user id', async () => {
     const fakeClaim = {
-      iss: 'https://facebook.com',
+      iss: 'https://www.facebook.com',
       aud: 'invalid_client_id',
       sub: 'a_different_user_id',
     };

spec/AuthenticationAdapters.spec.js

@@ -35,6 +35,7 @@ process.noDeprecation = true;
 const cache = require('../lib/cache').default;
 const defaults = require('../lib/defaults').default;
 const ParseServer = require('../lib/index').ParseServer;
+const loadAdapter = require('../lib/Adapters/AdapterLoader').loadAdapter;
 const path = require('path');
 const TestUtils = require('../lib/TestUtils');
 const GridFSBucketAdapter = require('../lib/Adapters/Files/GridFSBucketAdapter')
@@ -53,7 +54,10 @@ let databaseAdapter;
 let databaseURI;
 // need to bind for mocking mocha
 
-if (process.env.PARSE_SERVER_TEST_DB === 'postgres') {
+if (process.env.PARSE_SERVER_DATABASE_ADAPTER) {
+  databaseAdapter = JSON.parse(process.env.PARSE_SERVER_DATABASE_ADAPTER);
+  databaseAdapter = loadAdapter(databaseAdapter);
+} else if (process.env.PARSE_SERVER_TEST_DB === 'postgres') {
   databaseURI = process.env.PARSE_SERVER_TEST_DATABASE_URI || postgresURI;
   databaseAdapter = new PostgresStorageAdapter({
     uri: databaseURI,

spec/helper.js

@@ -0,0 +1,9 @@
+module.exports = function (options) {
+  return {
+    options: options,
+    send: function () {},
+    getDatabaseURI: function () {
+      return options.databaseURI;
+    },
+  };
+};

spec/support/MockDatabaseAdapter.js

@@ -6,7 +6,7 @@ const jwt = require('jsonwebtoken');
 const httpsRequest = require('./httpsRequest');
 const authUtils = require('./utils');
 
-const TOKEN_ISSUER = 'https://facebook.com';
+const TOKEN_ISSUER = 'https://www.facebook.com';
 
 function getAppSecretPath(authData, options = {}) {
   const appSecret = options.appSecret;

src/Adapters/Auth/facebook.js

@@ -6,6 +6,7 @@ function logStartupOptions(options) {
   }
   // Keys that may include sensitive information that will be redacted in logs
   const keysToRedact = [
+    'databaseAdapter',
     'databaseURI',
     'masterKey',
     'maintenanceKey',