diff --git a/spec/AuthenticationAdapters.spec.js b/spec/AuthenticationAdapters.spec.js index 30410de574..4ba75eb081 100644 --- a/spec/AuthenticationAdapters.spec.js +++ b/spec/AuthenticationAdapters.spec.js @@ -5,6 +5,7 @@ const defaultColumns = require('../lib/Controllers/SchemaController') const authenticationLoader = require('../lib/Adapters/Auth'); const path = require('path'); const responses = { + gpgames: { playerId: 'userId' }, instagram: { data: { id: 'userId' } }, janrainengage: { stat: 'ok', profile: { identifier: 'userId' } }, janraincapture: { stat: 'ok', result: 'userId' }, @@ -22,6 +23,7 @@ describe('AuthenticationProviders', function() { [ 'apple', 'gcenter', + 'gpgames', 'facebook', 'facebookaccountkit', 'github', @@ -648,6 +650,37 @@ describe('google auth adapter', () => { }); }); +describe('google play games service auth', () => { + const gpgames = require('../lib/Adapters/Auth/gpgames'); + const httpsRequest = require('../lib/Adapters/Auth/httpsRequest'); + + it('validateAuthData should pass validation', async () => { + spyOn(httpsRequest, 'get').and.callFake(() => { + return Promise.resolve({ playerId: 'userId' }); + }); + await gpgames.validateAuthData({ + id: 'userId', + access_token: 'access_token', + }); + }); + + it('validateAuthData should throw error', async () => { + spyOn(httpsRequest, 'get').and.callFake(() => { + return Promise.resolve({ playerId: 'invalid' }); + }); + try { + await gpgames.validateAuthData({ + id: 'userId', + access_token: 'access_token', + }); + } catch (e) { + expect(e.message).toBe( + 'Google Play Games Services - authData is invalid for this user.' + ); + } + }); +}); + describe('oauth2 auth adapter', () => { const oauth2 = require('../lib/Adapters/Auth/oauth2'); const httpsRequest = require('../lib/Adapters/Auth/httpsRequest'); diff --git a/src/Adapters/Auth/gcenter.js b/src/Adapters/Auth/gcenter.js index c6ecc50a94..767f302afa 100644 --- a/src/Adapters/Auth/gcenter.js +++ b/src/Adapters/Auth/gcenter.js @@ -107,7 +107,10 @@ function verifySignature(publicKey, authData) { // Returns a promise that fulfills if this user id is valid. async function validateAuthData(authData) { if (!authData.id) { - return Promise.reject('Apple Game Center - authData id missing'); + throw new Parse.Error( + Parse.Error.OBJECT_NOT_FOUND, + 'Apple Game Center - authData id missing' + ); } authData.playerId = authData.id; const publicKey = await getAppleCertificate(authData.publicKeyUrl); diff --git a/src/Adapters/Auth/gpgames.js b/src/Adapters/Auth/gpgames.js new file mode 100644 index 0000000000..4462a7897d --- /dev/null +++ b/src/Adapters/Auth/gpgames.js @@ -0,0 +1,33 @@ +/* Google Play Game Services +https://developers.google.com/games/services/web/api/players/get + +const authData = { + id: 'playerId', + access_token: 'token', +}; +*/ +const { Parse } = require('parse/node'); +const httpsRequest = require('./httpsRequest'); + +// Returns a promise that fulfills if this user id is valid. +async function validateAuthData(authData) { + const response = await httpsRequest.get( + `https://www.googleapis.com/games/v1/players/${authData.id}?access_token=${authData.access_token}` + ); + if (!(response && response.playerId === authData.id)) { + throw new Parse.Error( + Parse.Error.OBJECT_NOT_FOUND, + 'Google Play Games Services - authData is invalid for this user.' + ); + } +} + +// Returns a promise that fulfills if this app id is valid. +function validateAppId() { + return Promise.resolve(); +} + +module.exports = { + validateAppId, + validateAuthData, +}; diff --git a/src/Adapters/Auth/index.js b/src/Adapters/Auth/index.js index b6d9c911da..07c956cebc 100755 --- a/src/Adapters/Auth/index.js +++ b/src/Adapters/Auth/index.js @@ -2,6 +2,7 @@ import loadAdapter from '../AdapterLoader'; const apple = require('./apple'); const gcenter = require('./gcenter'); +const gpgames = require('./gpgames'); const facebook = require('./facebook'); const facebookaccountkit = require('./facebookaccountkit'); const instagram = require('./instagram'); @@ -35,6 +36,7 @@ const anonymous = { const providers = { apple, gcenter, + gpgames, facebook, facebookaccountkit, instagram,