From b26283624a850a5d5763608a91d01959812dfed2 Mon Sep 17 00:00:00 2001
From: Eugene Antropov
Date: Tue, 18 Oct 2016 17:13:58 +0300
Subject: [PATCH 1/3] Change users.get to secure.checkToken You can't get user info by client token due vk restrictions. You must check token via secure.checkToken.
---
 src/authDataManager/vkontakte.js | 25 ++++++++++++++++---------
 1 file changed, 16 insertions(+), 9 deletions(-)
diff --git a/src/authDataManager/vkontakte.js b/src/authDataManager/vkontakte.js
index 46fd7e8466..33a3710c84 100644
--- a/src/authDataManager/vkontakte.js
+++ b/src/authDataManager/vkontakte.js
@@ -5,13 +5,20 @@ var https = require('https');
 var Parse = require('parse/node').Parse;
 
 // Returns a promise that fulfills iff this user id is valid.
-function validateAuthData(authData) {
- return request("users.get?v=V&access_token=" + authData.access_token).then(function (response) {
- if (response && response.response && response.response[0].uid == authData.id) {
- return;
- }
- throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk auth is invalid for this user.');
- });
+function validateAuthData(authData, params) {
+ return request("oauth.vk.com", "access_token?client_id=" + params.appIds + "&client_secret=" + params.appSecret + "&v=5.59&grant_type=client_credentials")
+ .then(function (response) {
+ if (response && response && response.access_token) {
+ return request("api.vk.com", "method/secure.checkToken?token=" + authData.access_token + "&client_secret=" + params.appSecret + "&access_token=" + response.access_token)
+ .then(function (response) {
+ if (response && response.response && response.response.user_id == authData.id) {
+ return ;
+ }
+ throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk auth is invalid for this user.');
+ });
+ }
+ throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk auth is disabled for app.');
+ });
 }
 
 // Returns a promise that fulfills iff this app id is valid.
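Review bot: `authData.access_token` is supplied by the client and is concatenated unencoded into the `secure.checkToken` query string in the added `validateAuthData`, so a value containing `&` or `#` can add or override parameters of a server-side call that also carries `client_secret` and the service token. Encode every interpolated value, e.g. `"method/secure.checkToken?token=" + encodeURIComponent(authData.access_token) + ...`, and do the same for `params.appIds` and `params.appSecret` in the `access_token` request. The same concatenation is carried unchanged through patches 2/3 and 3/3. The inner check also reads only `response.response.user_id`; if the VK response carries success or expiry fields they are not consulted here, which is worth confirming against the API documentation.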
@@ -20,9 +27,9 @@ function validateAppId() {
 }
 
 // A promisey wrapper for api requests
-function request(path) {
+function request(host,path) {
 return new Promise(function (resolve, reject) {
- https.get("https://api.vk.com/method/" + path, function (res) {
+ https.get("https://"+host + "/" + path, function (res) {
 var data = '';
 res.on('data', function (chunk) {
 data += chunk;
From 2bdc3abbfa45de407cb69c91fe261890ff6dd2bc Mon Sep 17 00:00:00 2001
From: Eugene Antropov
Date: Tue, 18 Oct 2016 20:15:32 +0300
Subject: [PATCH 2/3] Configuration checks for vk auth.
---
 src/authDataManager/vkontakte.js | 36 ++++++++++++++++++--------------
 1 file changed, 20 insertions(+), 16 deletions(-)
diff --git a/src/authDataManager/vkontakte.js b/src/authDataManager/vkontakte.js
index 33a3710c84..a9e73f2470 100644
--- a/src/authDataManager/vkontakte.js
+++ b/src/authDataManager/vkontakte.js
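Review bot: `request(host, path)` now interpolates both arguments into the URL verbatim, but the comment above it still reads only `// A promisey wrapper for api requests`, so nothing tells callers that encoding query values is their job. I would extend it to `// A promisey wrapper for api requests. host and path are used verbatim; callers must percent-encode query values.` and keep `host` limited to the literal VK hostnames passed elsewhere in this file. The function body continues past the end of the hunk, so response parsing and error handling are not visible here.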
@@ -1,24 +1,28 @@
 'use strict';
 
 // Helper functions for accessing the vkontakte API.
+
 var https = require('https');
 var Parse = require('parse/node').Parse;
 
 // Returns a promise that fulfills iff this user id is valid.
 function validateAuthData(authData, params) {
- return request("oauth.vk.com", "access_token?client_id=" + params.appIds + "&client_secret=" + params.appSecret + "&v=5.59&grant_type=client_credentials")
- .then(function (response) {
- if (response && response && response.access_token) {
- return request("api.vk.com", "method/secure.checkToken?token=" + authData.access_token + "&client_secret=" + params.appSecret + "&access_token=" + response.access_token)
- .then(function (response) {
- if (response && response.response && response.response.user_id == authData.id) {
- return ;
- }
- throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk auth is invalid for this user.');
- });
- }
- throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk auth is disabled for app.');
- });
+ if (!params || !params.appIds || !params.appIds.length || !params.appSecret || !params.appSecret.length ) {
+ throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk auth is not configured. Missing appIds or appSecret.');
+ }
+ return request("oauth.vk.com", "access_token?client_id=" + params.appIds + "&client_secret=" + params.appSecret + "&v=5.59&grant_type=client_credentials").then(function (response) {
+ console.log(response)
+ if (response && response && response.access_token) {
+ return request("api.vk.com", "method/secure.checkToken?token=" + authData.access_token + "&client_secret=" + params.appSecret + "&access_token=" + response.access_token).then(function (response) {
+ console.log(response)
+ if (response && response.response && response.response.user_id == authData.id) {
+ return;
+ }
+ throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk auth is invalid for this user.');
+ });
+ }
+ throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk appIds or appSecret is incorrect.');
+ });
 }
 
 // Returns a promise that fulfills iff this app id is valid.
@@ -27,9 +31,9 @@ function validateAppId() {
 }
 
 // A promisey wrapper for api requests
-function request(host,path) {
+function request(host, path) {
 return new Promise(function (resolve, reject) {
- https.get("https://"+host + "/" + path, function (res) {
+ https.get("https://" + host + "/" + path, function (res) {
 var data = '';
 res.on('data', function (chunk) {
 data += chunk;
@@ -47,4 +51,4 @@ function request(host,path) {
 module.exports = {
 validateAppId: validateAppId,
 validateAuthData: validateAuthData
-};
+};
\ No newline at end of file
From 0c80f5db52091b1080751cdd4115c2fe8531e0d8 Mon Sep 17 00:00:00 2001
From: Eugene Antropov
Date: Wed, 19 Oct 2016 14:10:27 +0300
Subject: [PATCH 3/3] Move config check to promise, remove debug log, add message to logger on error.
---
 src/authDataManager/vkontakte.js | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)
diff --git a/src/authDataManager/vkontakte.js b/src/authDataManager/vkontakte.js
index a9e73f2470..01f1f89607 100644
--- a/src/authDataManager/vkontakte.js
+++ b/src/authDataManager/vkontakte.js
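Review bot: The new guard in `validateAuthData` treats `params.appIds` as something with a `.length`, yet the following line concatenates it straight into `client_id=`; if `appIds` is configured as an array (the plural name suggests it may be), more than one entry would be sent as a comma-joined string and the credentials request would fail with the misleading 'Vk appIds or appSecret is incorrect.' error. A comment on the guard such as `// appIds must hold exactly one VK application id; it is sent as client_id` would document the expectation, or the guard could reject anything else explicitly. The two `Parse.Error` messages added here also describe server configuration state; whether they reach the client is not visible in this hunk, but if they do, a generic message plus a server-side log entry would disclose less.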
@@ -4,27 +4,35 @@
 
 var https = require('https');
 var Parse = require('parse/node').Parse;
+var logger = require('../logger').default;
 
 // Returns a promise that fulfills iff this user id is valid.
-function validateAuthData(authData, params) {
- if (!params || !params.appIds || !params.appIds.length || !params.appSecret || !params.appSecret.length ) {
- throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk auth is not configured. Missing appIds or appSecret.');
- }
- return request("oauth.vk.com", "access_token?client_id=" + params.appIds + "&client_secret=" + params.appSecret + "&v=5.59&grant_type=client_credentials").then(function (response) {
- console.log(response)
+function validateAuthData(authData, params) {
+ return vkOAuth2Request(params).then(function (response) {
 if (response && response && response.access_token) {
 return request("api.vk.com", "method/secure.checkToken?token=" + authData.access_token + "&client_secret=" + params.appSecret + "&access_token=" + response.access_token).then(function (response) {
- console.log(response)
 if (response && response.response && response.response.user_id == authData.id) {
 return;
 }
 throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk auth is invalid for this user.');
 });
 }
+ logger.error('Vk Auth', 'Vk appIds or appSecret is incorrect.');
 throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk appIds or appSecret is incorrect.');
 });
 }
 
+function vkOAuth2Request(params) {
+ var promise = new Parse.Promise();
+ return promise.then(function(){
+ if (!params || !params.appIds || !params.appIds.length || !params.appSecret || !params.appSecret.length ) {
+ logger.error('Vk Auth', 'Vk auth is not configured. Missing appIds or appSecret.');
+ throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Vk auth is not configured. Missing appIds or appSecret.');
+ }
+ return request("oauth.vk.com", "access_token?client_id=" + params.appIds + "&client_secret=" + params.appSecret + "&v=5.59&grant_type=client_credentials")
+ })
+}
+
 // Returns a promise that fulfills iff this app id is valid.
 function validateAppId() {
 return Promise.resolve();
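Review bot: In the added `vkOAuth2Request`, `new Parse.Promise()` is created and `.then` is chained on it, but nothing in the hunk ever resolves that promise, so the callback holding the configuration check and the `oauth.vk.com` request would presumably never run, leaving `validateAuthData` pending instead of accepting or rejecting the login. Starting from an already-resolved promise keeps the intent of turning the configuration throw into a rejection: use `return Promise.resolve().then(function () {` in place of `var promise = new Parse.Promise();` and `return promise.then(function(){`. `Promise.resolve()` is already used by `validateAppId` in this file. The new `logger.error` calls log only fixed strings; keep it that way so that `appSecret` and the service token never reach the log.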