From 0e9d08dc5ea7a43a861ffa4153c5ae4b51297d9f Mon Sep 17 00:00:00 2001 From: Chris Borg Date: Tue, 7 May 2024 08:33:37 +0200 Subject: [PATCH 1/2] fix: Changes facebook auth host to resolve JWT validation issue --- src/Adapters/Auth/facebook.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Adapters/Auth/facebook.js b/src/Adapters/Auth/facebook.js index 737657c8bd..871374de24 100644 --- a/src/Adapters/Auth/facebook.js +++ b/src/Adapters/Auth/facebook.js @@ -7,7 +7,7 @@ const jwt = require('jsonwebtoken'); const httpsRequest = require('./httpsRequest'); const authUtils = require('./utils'); -const TOKEN_ISSUER = 'https://facebook.com'; +const TOKEN_ISSUER = 'https://www.facebook.com'; function getAppSecretPath(authData, options = {}) { const appSecret = options.appSecret; From 00262ba01a704a364757adb11ac21a3b440714f3 Mon Sep 17 00:00:00 2001 From: Chris Borg Date: Wed, 8 May 2024 09:57:53 +0200 Subject: [PATCH 2/2] fix: Changes facebook limited login host on unit tests --- spec/AuthenticationAdapters.spec.js | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/spec/AuthenticationAdapters.spec.js b/spec/AuthenticationAdapters.spec.js index 4a93ace3a3..81f2993486 100644 --- a/spec/AuthenticationAdapters.spec.js +++ b/spec/AuthenticationAdapters.spec.js @@ -2081,7 +2081,7 @@ describe('facebook limited auth adapter', () => { it('should use algorithm from key header to verify id_token', async () => { const fakeClaim = { - iss: 'https://facebook.com', + iss: 'https://www.facebook.com', aud: 'secret', exp: Date.now(), sub: 'the_user_id', @@ -2145,7 +2145,7 @@ describe('facebook limited auth adapter', () => { it('(using client id as string) should verify id_token', async () => { const fakeClaim = { - iss: 'https://facebook.com', + iss: 'https://www.facebook.com', aud: 'secret', exp: Date.now(), sub: 'the_user_id', @@ -2172,7 +2172,7 @@ describe('facebook limited auth adapter', () => { it('(using client id as array) should verify id_token', async () => { const fakeClaim = { - iss: 'https://facebook.com', + iss: 'https://www.facebook.com', aud: 'secret', exp: Date.now(), sub: 'the_user_id', @@ -2199,7 +2199,7 @@ describe('facebook limited auth adapter', () => { it('(using client id as array with multiple items) should verify id_token', async () => { const fakeClaim = { - iss: 'https://facebook.com', + iss: 'https://www.facebook.com', aud: 'secret', exp: Date.now(), sub: 'the_user_id', @@ -2250,7 +2250,7 @@ describe('facebook limited auth adapter', () => { fail(); } catch (e) { expect(e.message).toBe( - 'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com' + 'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com' ); } }); @@ -2286,7 +2286,7 @@ describe('facebook limited auth adapter', () => { fail(); } catch (e) { expect(e.message).toBe( - 'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com' + 'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com' ); } }); @@ -2320,7 +2320,7 @@ describe('facebook limited auth adapter', () => { fail(); } catch (e) { expect(e.message).toBe( - 'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com' + 'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com' ); } }); @@ -2378,7 +2378,7 @@ describe('facebook limited auth adapter', () => { it('should throw error with with invalid user id', async () => { const fakeClaim = { - iss: 'https://facebook.com', + iss: 'https://www.facebook.com', aud: 'invalid_client_id', sub: 'a_different_user_id', };