Skip to content

Fix: Linking with Apple Auth #5755

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jul 3, 2019
Merged

Fix: Linking with Apple Auth #5755

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 9 additions & 9 deletions spec/AuthenticationAdapters.spec.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ const responses = {

describe('AuthenticationProviders', function() {
[
'apple-signin',
'apple',
'facebook',
'facebookaccountkit',
'github',
Expand Down Expand Up @@ -51,7 +51,7 @@ describe('AuthenticationProviders', function() {
});

it(`should provide the right responses for adapter ${providerName}`, async () => {
if (providerName === 'twitter' || providerName === 'apple-signin') {
if (providerName === 'twitter' || providerName === 'apple') {
return;
}
spyOn(require('../lib/Adapters/Auth/httpsRequest'), 'get').and.callFake(
Expand Down Expand Up @@ -1087,22 +1087,22 @@ describe('oauth2 auth adapter', () => {
});

describe('apple signin auth adapter', () => {
const apple = require('../lib/Adapters/Auth/apple-signin');
const apple = require('../lib/Adapters/Auth/apple');
const jwt = require('jsonwebtoken');

it('should throw error with missing id_token', async () => {
try {
await apple.validateAuthData({}, { client_id: 'secret' });
fail();
} catch (e) {
expect(e.message).toBe('id_token is invalid for this user.');
expect(e.message).toBe('id token is invalid for this user.');
}
});

it('should not verify invalid id_token', async () => {
try {
await apple.validateAuthData(
{ id_token: 'the_token' },
{ id: 'the_token' },
{ client_id: 'secret' }
);
fail();
Expand All @@ -1120,7 +1120,7 @@ describe('apple signin auth adapter', () => {
spyOn(jwt, 'verify').and.callFake(() => fakeClaim);

const result = await apple.validateAuthData(
{ id_token: 'the_token' },
{ id: 'the_token' },
{ client_id: 'secret' }
);
expect(result).toEqual(fakeClaim);
Expand All @@ -1134,13 +1134,13 @@ describe('apple signin auth adapter', () => {

try {
await apple.validateAuthData(
{ id_token: 'the_token' },
{ id: 'the_token' },
{ client_id: 'secret' }
);
fail();
} catch (e) {
expect(e.message).toBe(
'id_token not issued by correct OpenID provider - expected: https://appleid.apple.com | from: https://not.apple.com'
'id token not issued by correct OpenID provider - expected: https://appleid.apple.com | from: https://not.apple.com'
);
}
});
Expand All @@ -1154,7 +1154,7 @@ describe('apple signin auth adapter', () => {

try {
await apple.validateAuthData(
{ id_token: 'the_token' },
{ id: 'the_token' },
{ client_id: 'secret' }
);
fail();
Expand Down
12 changes: 6 additions & 6 deletions src/Adapters/Auth/apple-signin.js → src/Adapters/Auth/apple.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ const verifyIdToken = async (token, clientID) => {
if (!token) {
throw new Parse.Error(
Parse.Error.OBJECT_NOT_FOUND,
'id_token is invalid for this user.'
'id token is invalid for this user.'
);
}
const applePublicKey = await getApplePublicKey();
Expand All @@ -30,7 +30,7 @@ const verifyIdToken = async (token, clientID) => {
if (jwtClaims.iss !== TOKEN_ISSUER) {
throw new Parse.Error(
Parse.Error.OBJECT_NOT_FOUND,
`id_token not issued by correct OpenID provider - expected: ${TOKEN_ISSUER} | from: ${jwtClaims.iss}`
`id token not issued by correct OpenID provider - expected: ${TOKEN_ISSUER} | from: ${jwtClaims.iss}`
);
}
if (clientID !== undefined && jwtClaims.aud !== clientID) {
Expand All @@ -42,9 +42,9 @@ const verifyIdToken = async (token, clientID) => {
return jwtClaims;
};

// Returns a promise that fulfills if this id_token is valid
// Returns a promise that fulfills if this id token is valid
function validateAuthData(authData, options = {}) {
return verifyIdToken(authData.id_token, options.client_id);
return verifyIdToken(authData.id, options.client_id);
}

// Returns a promise that fulfills if this app id is valid.
Expand All @@ -53,6 +53,6 @@ function validateAppId() {
}

module.exports = {
validateAppId: validateAppId,
validateAuthData: validateAuthData,
validateAppId,
validateAuthData,
};
2 changes: 2 additions & 0 deletions src/Adapters/Auth/index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
import loadAdapter from '../AdapterLoader';

const apple = require('./apple');
const facebook = require('./facebook');
const facebookaccountkit = require('./facebookaccountkit');
const instagram = require('./instagram');
Expand Down Expand Up @@ -28,6 +29,7 @@ const anonymous = {
};

const providers = {
apple,
facebook,
facebookaccountkit,
instagram,
Expand Down