updated apple auth to have multiple client ids, & also more checks added #6394
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Fix: aggregate not matching null values * Exclude Postgres from this new test - it does not even support and is not working correctly - should be addressed separately
parse-community#6028) * Stream video with GridFSBucketAdapter (implements byte-range requests) Closes: parse-community#5834 Similar to parse-community#2437 I ran into this issue while trying to view a mov file in safari from the dashboard. * Rename getFileStream to handleFileStream
* feat: add allowHeaders to Options This allows developers to use custom headers in their API requests, and they will be accepted by their mounted app. * refactor: convert allowCrossDomain to generator to add appId in scope This is necessary as the middleware may run in OPTIONS request that do not contain the appId within the header. * chore: update Definitions and docs * fix: update test to use new allowCrossDomain params * chore: add tests for allowCustomDomain middleware re: allowHeadrs
* 3.9.0 * Update s3-files-adapter
* fix(package): update graphql to version 14.5.5 * chore(package): update lockfile package-lock.json
* chore(package): update eslint to version 6.4.0 * chore(package): update lockfile package-lock.json
* fix(package): update graphql to version 14.5.6 * chore(package): update lockfile package-lock.json
* chore(package): update cross-env to version 6.0.0 * chore(package): update lockfile package-lock.json
* chore(package): update flow-bin to version 0.108.0 * chore(package): update lockfile package-lock.json
The script uses double square brackets, which are a non-standard extension to `[]`. Some shells (e.g. dash, the default shell under Debian) do not support double square brackets. The shebang line should reflect that.
* fix(package): update node-rsa to version 1.0.6 * chore(package): update lockfile package-lock.json
The script currently writes a package.json with a dependency on parse-server version 2.2. This should probably always be automatically updated to the latest version using some CI magic.
* fix(package): update graphql to version 14.5.7 * chore(package): update lockfile package-lock.json
* chore(package): update jasmine to version 3.5.0 * chore(package): update lockfile package-lock.json
* chore(package): update lint-staged to version 9.3.0 * chore(package): update lockfile package-lock.json
* chore(package): update @babel/cli to version 7.6.2 * chore(package): update @babel/core to version 7.6.2 * chore(package): update @babel/plugin-proposal-object-rest-spread to version 7.6.2 * chore(package): update @babel/preset-env to version 7.6.2 * chore(package): update lockfile package-lock.json
* fix(package): update graphql to version 14.5.8 * chore(package): update lockfile package-lock.json
* fix(package): update commander to version 3.0.2 * chore(package): update lockfile package-lock.json
Bumps [apollo-server-express](https://github.com/apollographql/apollo-server) from 2.9.3 to 2.9.4. - [Release notes](https://github.com/apollographql/apollo-server/releases) - [Changelog](https://github.com/apollographql/apollo-server/blob/master/CHANGELOG.md) - [Commits](https://github.com/apollographql/apollo-server/compare/apollo-server-express@2.9.3...apollo-server-express@2.9.4) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Bumps [lint-staged](https://github.com/okonet/lint-staged) from 9.3.0 to 9.4.0. - [Release notes](https://github.com/okonet/lint-staged/releases) - [Commits](lint-staged/lint-staged@v9.3.0...v9.4.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* add microsoft graph auth * change mail to id * add graph user id and email * add microsoft graph auth test case * remove validating auth data using mail * add test case to AuthenticationAdapters * fix indentation * fix httpsRequest and fakeClaim not found * add newline eof last * fix test in auth adapter * fix unhandled promise rejection
* fix(package): update pg-promise to version 9.2.0 * chore(package): update lockfile package-lock.json
Bumps [pg-promise](https://github.com/vitaly-t/pg-promise) from 9.1.4 to 9.2.1. - [Release notes](https://github.com/vitaly-t/pg-promise/releases) - [Commits](vitaly-t/pg-promise@9.1.4...9.2.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* chore(package): update husky to version 3.0.6 * chore(package): update lockfile package-lock.json
* chore(package): update eslint to version 6.5.0 * chore(package): update lockfile package-lock.json
Bumps [husky](https://github.com/typicode/husky) from 3.0.6 to 3.0.7. - [Release notes](https://github.com/typicode/husky/releases) - [Changelog](https://github.com/typicode/husky/blob/master/CHANGELOG.md) - [Commits](typicode/husky@v3.0.6...v3.0.7) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* chore(package): update lint-staged to version 9.4.1 * chore(package): update lockfile package-lock.json
Bumps [eslint](https://github.com/eslint/eslint) from 6.5.0 to 6.5.1. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/master/CHANGELOG.md) - [Commits](eslint/eslint@v6.5.0...v6.5.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
…arse-community#6469) * bump version * add the special note * remove new version & add note about indexes to 4.0.2 & 4.0.0 * Update package-lock.json * Update package.json * add line break * remove double space Co-authored-by: Tom Fox <13188249+TomWFox@users.noreply.github.com>
|
@UnderratedDev Thanks for the PR. I've discovered a better way to handle your multiple client ID issue. |
That's a great idea, thanks @dplewis, I will implement that & update the PR |
|
I think it would be better to wait for #6416 since it will create a conflict. |
|
Sure, I'll wait for that be approved. 👍 |
* fix(package): update ws to version 7.2.2 * chore(package): update lockfile package-lock.json Co-authored-by: greenkeeper[bot] <23040076+greenkeeper[bot]@users.noreply.github.com>
…nity#6483) * Group aggregation supports multiple columns for postgres * Group aggregation supports multiple columns for postgres * Group aggregation supports multiple columns for postgres * Group aggregation supports multiple columns for postgres
* fix(package): update ws to version 7.2.3 * chore(package): update lockfile package-lock.json Co-authored-by: greenkeeper[bot] <23040076+greenkeeper[bot]@users.noreply.github.com>
…munity#6487) Snyk has created this PR to upgrade winston-daily-rotate-file from 4.4.0 to 4.4.2. See this package in NPM: https://www.npmjs.com/package/winston-daily-rotate-file See this project in Snyk: https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
) Snyk has created this PR to upgrade follow-redirects from 1.9.1 to 1.10.0. See this package in NPM: https://www.npmjs.com/package/follow-redirects See this project in Snyk: https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
Snyk has created this PR to upgrade redis from 3.0.0 to 3.0.2. See this package in NPM: https://www.npmjs.com/package/redis See this project in Snyk: https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
…res once Update .travis.yml (parse-community#6490) * Update .travis.yml testing error to see what happens... * Update .travis.yml Attempting to resolve postgres in CL by installing postgis via sudo instead of through apt/packages * Update .travis.yml * Update .travis.yml * Update .travis.yml Removed extra lines of postgres that were under "services" and "addons". I believe the "postgresql" line under "services" was installing the default of 9.6 and "addons" was installing postgres 11. My guess is the fail was occurring due to 9.6 being called sometimes and it never had postgis installed. If this is true, the solution is to only install one version of postgres, which is version 11 with postgis 2.5.
Snyk has created this PR to upgrade uuid from 3.3.3 to 3.4.0. See this package in NPM: https://www.npmjs.com/package/uuid See this project in Snyk: https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
* Fix Unknow type bug on overloaded types * check args too
* use token and algo from jwt header * change node-rsa out for jwks-rsa, reflect change in tests and add one test for coverage * remove superfluous cache, allow jwks cache parameters to be passed to validateAuthData * remove package lock * regenerate package lock * try fixing package-lock with copy from master * manual changes for merge conflict * whitespace * pass options as object * fix inconsistent variable name
* fix(package): update mongodb to version 3.5.5 * chore(package): update lockfile package-lock.json Co-authored-by: greenkeeper[bot] <23040076+greenkeeper[bot]@users.noreply.github.com>
Bumps [acorn](https://github.com/acornjs/acorn) from 7.1.0 to 7.1.1. - [Release notes](https://github.com/acornjs/acorn/releases) - [Commits](acornjs/acorn@7.1.0...7.1.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Snyk has created this PR to upgrade graphql-tools from 4.0.6 to 4.0.7. See this package in NPM: https://www.npmjs.com/package/graphql-tools See this project in Snyk: https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr
* fix(package): update commander to version 5.0.0 * chore(package): update lockfile package-lock.json Co-authored-by: greenkeeper[bot] <23040076+greenkeeper[bot]@users.noreply.github.com>
|
Just bumping here since #6416 is now merged! :) Thank you @UnderratedDev! |
* Attempting to fix Postgres issue
* Attempting to fix Postgres issue
trying to stop loop
* Attempting to fix Postgres
isolating postgres calls
* Attempting to fix Postgres issue
Separating jobs
* Attempting to fix postgres
* Attempting to fix postgres
* Attempting to fix postgres
Separating builds again
* Attempting to fix postgres
* Attempting to fix postgres
* Attempting to fix postgres
Just added back version 10, just in case it gets called
* Attempting to fix postgres
* Attempting to fix postgres
* Attempting to fix postgres
* Attempting to fix postgres
* Attempting to fix postgres
* Attempting to fix postgres
* Attempting to fix postgres
* Attempting to fix postgres
* Attempting to fix postgres
* Attempting to fix postgres
* Update .travis.yml
* Attempting to fix postgres
Removed postgres installs from unneeded test cases. Added the ability to test Postgres 10 and 11
* Attempting to fix postgres
* Attempting to fix postgres
* Attempting to fix postgres
* Attempting to fix postgres
Added test for postgres 12 that's allowed to fail
* Attempting to fix postgres
* Attempting to fix postgres
Second round to see if it fails eventually
* Attempting to fix postgres
Round 3
* Attempting to fix postgres
Allowing all postgres to fail since it seems to occur randomly
* Temporary fix: separated mongo and postgres in travis
Now the mongo and postgres scripts are independent of each other to prevent the `ERROR: could not access file "$libdir/postgis-2.4": No such file or directory` of showing up in the rest of the builds.
In addition, a test for postgres-12 has been added for future compatibility. Both the postgres-11 and postgres-12 have been added to `allow_failures` because the aforementioned error still creeps up. Important note is that the error has nothing to do with compatibility with postgres, but rather seems to be an error of how postgres (or really postgis) is being referenced in the respective travis distribution. Lastly, this error, if truly random should appear less than before as the postgres scripts aren't being run for every build as it previously was running.
* Allowing all postgres to fail
* Allowing multiple names to fail
* Removing preinstalled versions of postgres from list
Seeing if this gets rid of the random error
* Use postgres made for dist
* Second round
* Round 3
* Round 4
* Round 5
* Fixed issue with random postgres fail
Removing the native postgres builds at the right time seems to have fixed the random error from before.
The postgres tests are now not allowed to fail.
* Added back postgres 11 and 12 to allow_failures
The actual problem is fixed, but it seems there are some instability with some of the test cases for postgres that need to be addressed at another time.
The issues that pop up are:
- Postgres-11
```Failures:
1) Cloud Code cloud jobs should set the message / success on the job
Message:
Expected undefined to equal 'hello'.
Stack:
Error: Expected undefined to equal 'hello'.
at <Jasmine>
at req.message.then.then.jobStatus (/home/travis/build/parse-community/parse-server/spec/CloudCode.spec.js:1571:46)
at process._tickCallback (internal/process/next_tick.js:68:7)
```
- Postgres-12
```
Failures:
1) Cloud Code cloud jobs should set the message / success on the job
Message:
Expected undefined to equal 'hello'.
Stack:
Error: Expected undefined to equal 'hello'.
at <Jasmine>
at req.message.then.then.jobStatus (/home/travis/build/parse-community/parse-server/spec/CloudCode.spec.js:1571:46)
at process._tickCallback (internal/process/next_tick.js:68:7)
Message:
Expected 'running' to equal 'succeeded'.
Stack:
Error: Expected 'running' to equal 'succeeded'.
at <Jasmine>
at promise.then.then.jobStatus (/home/travis/build/parse-community/parse-server/spec/CloudCode.spec.js:1580:45)
at process._tickCallback (internal/process/next_tick.js:68:7)
```
* added travis scripts for postgres
* Setting up before_install and before_script
This should shrink the footprint of the file and and reduce the redundancy of calls for postgres.
Added support for testing of Postgres 9 and 10 in the scripts, not adding the tests though
* make scripts executable
* Update .travis.yml
* add sourcing in script
* trying to fix source
* fixing env var in script
* fixed ; near then
* Cleaning up travis file
removed old lines
* Finishing clean up
* Fixing allow_failures since "name" was removed
* Update .travis.yml
* Removed Postgres 11 from allow_failures
* I think using travis default postgres port of 5433 will allow us to not have to remove anything from the image
* Switching travis to postgres port 5433
* modifying script for test
* modifying script for test
* modifying script for test
* reverting back to working way with removing postgres from image
* Reverted back to removing postgres from image
* removing postgres 12
* removed postgres-12 from allow_failures
* chore(package): update @babel/core to version 7.9.0 * chore(package): update @babel/plugin-proposal-object-rest-spread to version 7.9.0 * chore(package): update @babel/plugin-transform-flow-strip-types to version 7.9.0 * chore(package): update @babel/preset-env to version 7.9.0 * chore(package): update lockfile package-lock.json Co-authored-by: greenkeeper[bot] <23040076+greenkeeper[bot]@users.noreply.github.com>
…ify works, however requires valid token from applegit add .
… token from apple
|
@dplewis I used your suggestion of using the jwt.verify function for the client ids. It works!!! After reading the docs, I also found you can use it for validating the subject, & issuer so I modified to do all of that in there as well! There is a problem however, that if you want to use the verify, you must pass in a token that can be decoded via one of apple's keys so it is really annoying to write tests & I tried to make it testable however I had to use my own apple client id, generated id's & tokens so I have placeholder text in the tests that have to be replaced if developers want to test apple sign in. If there is a better way, please let me know. Any advice is appreciated on this.
|
UnderratedDev
force-pushed
the
task/apple-adapter-improvements
branch
from
155f6f7 to
b4a2cbd
Compare
|
I ruined this branch locally & pushed so instead redid the changes in a new branch: #6523, 🤦♂ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Added multiple client ids since if you sign in with apple from the watch it uses a different client ID than if you signed in from the website. I could not find any way to make the watch sign in with apple match the client id of the website. I looked online & seems like this is the expected behaviour so I updated parse server to be able to use multiple client ids & verify against them. I also fixed an issue that the jwt claims verify was throwing a error so the server would throw that exception 10 times, I made it throw a parse error which fixed the issue.