
Commit c0d9002

committed
Fix missing token test
1 parent 70862fd commit c0d9002


2 files changed

+19
-29
lines changed


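--- a/spec/AuthenticationAdapters.spec.js
+++ b/spec/AuthenticationAdapters.spec.js
@@ -523,12 +523,12 @@ describe('google auth adapter', () => {
 const google = require('../lib/Adapters/Auth/google');
 const jwt = require('jsonwebtoken');
 
-it('should throw error with missing id_token', async () => {
+it('should throw error with missing id_token or access_token', async () => {
 try {
 await google.validateAuthData({}, {});
 fail();
 } catch (e) {
-expect(e.message).toBe('id token is invalid for this user.');
+expect(e.message).toBe('id_token or access_token is missing for this user.');
 }
 });
 
@@ -541,20 +541,6 @@ describe('google auth adapter', () => {
 }
 });
 
-// it('should throw error if public key used to encode token is not available', async () => {
-// const fakeDecodedToken = { header: { kid: '789', alg: 'RS256' } };
-// try {
-// spyOn(jwt, 'decode').and.callFake(() => fakeDecodedToken);
-
-// await google.validateAuthData({ id: 'the_user_id', id_token: 'the_token' }, {});
-// fail();
-// } catch (e) {
-// expect(e.message).toBe(
-// `Unable to find matching key for Key ID: ${fakeDecodedToken.header.kid}`
-// );
-// }
-// });
-
 it('(using client id as string) should verify id_token', async () => {
 const fakeClaim = {
 iss: 'https://accounts.google.com',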
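Review bot: The updated spec (new lines 526–533) passes whether `validateAuthData` rejects or throws synchronously, because the call is awaited inside `try`, so it does not pin the promise contract. The guard this commit adds in src/Adapters/Auth/google.js throws before any promise is returned, while the function's own comment says it returns a promise; a caller that chains `.catch()` on the result would not see this error there. Declaring the function as `async function validateAuthData({ id, id_token, access_token }, options) {` would turn the throw into a rejection without changing this test. A case with `access_token` set and no `id` would also be worth adding, since the spec only exercises the empty object.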

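--- a/src/Adapters/Auth/google.js
+++ b/src/Adapters/Auth/google.js
@@ -26,7 +26,7 @@ function getGoogleKeyByKeyId(keyId) {
 data += chunk.toString('utf8');
 });
 res.on('end', () => {
-const {keys} = JSON.parse(data);
+const { keys } = JSON.parse(data);
 const pems = keys.reduce(
 (pems, { n: modulus, e: exposant, kid }) =>
 Object.assign(pems, {
@@ -53,7 +53,7 @@ function getGoogleKeyByKeyId(keyId) {
 }
 
 function getHeaderFromToken(token) {
-const decodedToken = jwt.decode(token, {complete: true});
+const decodedToken = jwt.decode(token, { complete: true });
 
 if (!decodedToken) {
 throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, `provided token does not decode as JWT`);
@@ -62,7 +62,7 @@ function getHeaderFromToken(token) {
 return decodedToken.header;
 }
 
-async function verifyIdToken({id_token: token, id}, {clientId}) {
+async function verifyIdToken({ id_token: token, id }, { clientId }) {
 if (!token) {
 throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, `id token is invalid for this user.`);
 }
@@ -88,7 +88,7 @@ async function verifyIdToken({id_token: token, id}, {clientId}) {
 );
 }
 
-if (typeof id != "undefined" && jwtClaims.sub !== id) {
+if (typeof id != 'undefined' && jwtClaims.sub !== id) {
 throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, `auth data is invalid for this user.`);
 }
 
@@ -103,30 +103,35 @@ async function verifyIdToken({id_token: token, id}, {clientId}) {
 }
 
 // Old way to validate an auth_token, only used for development purpose
-function validateAuthToken({id,access_token}) {
+function validateAuthToken({ id, access_token }) {
 return googleRequest('tokeninfo?access_token=' + access_token).then(response => {
 if (response && (response.sub == id || response.user_id == id)) {
 return;
 }
-throw new Parse.Error(
-Parse.Error.OBJECT_NOT_FOUND, 'Google auth is invalid for this user.');
+throw new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Google auth is invalid for this user.');
 });
 }
 
 // Returns a promise that fulfills if this user id is valid.
-function validateAuthData({id, id_token, access_token}, options) {
+function validateAuthData({ id, id_token, access_token }, options) {
+if (!id_token && !access_token) {
+throw new Parse.Error(
+Parse.Error.OBJECT_NOT_FOUND,
+`id_token or access_token is missing for this user.`
+);
+}
 // Returns a promise that fulfills if this user id is valid.
 if (id_token) {
-return verifyIdToken({id, id_token}, options);
+return verifyIdToken({ id, id_token }, options);
 } else {
-return validateAuthToken({id, access_token}).then(
+return validateAuthToken({ id, access_token }).then(
 () => {
 // Validation with auth token worked
 return;
 },
 () => {
 // Try with the id_token param
-return verifyIdToken({id, id_token: access_token}, options);
+return verifyIdToken({ id, id_token: access_token }, options);
 }
 );
 }
@@ -139,10 +144,9 @@ function validateAppId() {
 
 module.exports = {
 validateAppId: validateAppId,
-validateAuthData: validateAuthData
+validateAuthData: validateAuthData,
 };
 
-
 // Helpers functions to convert the RSA certs to PEM (from jwks-rsa)
 function rsaPublicKeyToPEM(modulusB64, exponentB64) {
 const modulus = new Buffer(modulusB64, 'base64');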
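Review bot: The new guard in `validateAuthData` (new lines 117–122) checks only that a token is present, so a request without `id` still reaches `validateAuthToken`, where `response.sub == id || response.user_id == id` compares against `undefined` and holds for any response object that carries neither field. Whether `googleRequest` can resolve with such a body is not visible in this hunk, so treat this as a potential gap rather than a confirmed one. I would require the id on that path, e.g. `if (response && id && (response.sub == id || response.user_id == id)) {`. The tokeninfo result is also never compared with `clientId`, so this branch does not bind the token to this application the way `verifyIdToken` is given `clientId` to do. `validateAuthToken` is commented as development-only, yet it is the branch taken whenever `id_token` is absent, which deserves a comment or a configuration gate.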
