Skip to content

Add back a google verification for old access_token #6992

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: alpha
Choose a base branch
from
Open

Add back a google verification for old access_token #6992

wants to merge 5 commits into from

Conversation

SebC99
Copy link
Contributor

@SebC99 SebC99 commented Nov 3, 2020

(#6849 )

@ghost
Copy link

ghost commented Nov 3, 2020
edited by ghost
Loading

Warnings
⚠️ Please add a changelog entry for your changes.

Generated by 🚫 dangerJS

@mtrezza mtrezza marked this pull request as draft November 3, 2020 09:01
@codecov
Copy link

codecov bot commented Nov 3, 2020
edited
Loading

Codecov Report

Attention: Patch coverage is 42.85714% with 8 lines in your changes missing coverage. Please review.

Project coverage is 93.89%. Comparing base (c8e822b) to head (b7430eb).
Report is 1015 commits behind head on alpha.

Files Patch % Lines
src/Adapters/Auth/google.js 42.85% 8 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##            alpha    #6992      +/-   ##
==========================================
- Coverage   93.92%   93.89%   -0.04%     
==========================================
  Files         181      181              
  Lines       13267    13279      +12     
==========================================
+ Hits        12461    12468       +7     
- Misses        806      811       +5

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@mtrezza mtrezza mentioned this pull request Dec 22, 2020
Open
@dplewis
Copy link
Member

dplewis commented Apr 15, 2021

@SebC99 Can you update from master for the CI? Is this still a draft? Looks good so far.

@SebC99 SebC99 force-pushed the features/googleAuth branch from 940c8ab to 262f12e Compare April 20, 2021 07:33
@SebC99
Copy link
Contributor Author

SebC99 commented Apr 20, 2021

@dplewis I have no ideas why it fails

@dplewis
Copy link
Member

dplewis commented Apr 22, 2021

Does the failing test pass locally?

@SebC99 SebC99 mentioned this pull request Jul 26, 2021
Open
SebC99 added 4 commits July 26, 2021 12:39
@SebC99
Merge branch 'master' into features/googleAuth
8a68d2c 
* master: (55 commits)
  Accept context via header X-Parse-Cloud-Context (parse-community#7437)
  [Snyk] Upgrade ws from 7.4.6 to 7.5.3 (parse-community#7457)
  fix: upgrade @apollographql/graphql-playground-html from 1.6.28 to 1.6.29 (parse-community#7473)
  fix: upgrade @apollographql/graphql-playground-html from 1.6.27 to 1.6.28 (parse-community#7411)
  fix: upgrade graphql from 15.5.0 to 15.5.1 (parse-community#7462)
  [Snyk] Security upgrade parse from 3.2.0 to 3.3.0 (parse-community#7464)
  fix: upgrade apollo-server-express from 2.25.1 to 2.25.2 (parse-community#7465)
  fix: upgrade graphql-tag from 2.12.4 to 2.12.5 (parse-community#7466)
  fix: upgrade graphql-relay from 0.7.0 to 0.8.0 (parse-community#7467)
  Add MongoDB 5.0 support + bump CI env (parse-community#7469)
  changed twitter API endpoint for oauth test (parse-community#7472)
  add runtime deprecation warning (parse-community#7451)
  bumped node (parse-community#7452)
  fix: upgrade apollo-server-express from 2.25.0 to 2.25.1 (parse-community#7449)
  fix: upgrade subscriptions-transport-ws from 0.9.19 to 0.10.0 (parse-community#7450)
  fix: upgrade mongodb from 3.6.8 to 3.6.9 (parse-community#7445)
  fix: upgrade mongodb from 3.6.7 to 3.6.8 (parse-community#7430)
  fix: upgrade apollo-server-express from 2.24.1 to 2.25.0 (parse-community#7435)
  fix: upgrade ldapjs from 2.2.4 to 2.3.0 (parse-community#7436)
  fix: upgrade graphql-relay from 0.6.0 to 0.7.0 (parse-community#7443)
  ...
@SebC99
Ignore JWT sub test if user id is not provided
70862fd
@SebC99
Fix missing token test
c0d9002
@SebC99
Add a promise reject instead of a throw
b7430eb
@SebC99
Copy link
Contributor Author

SebC99 commented Aug 18, 2021

@mtrezza do you have any idea how to make it passes the tests?

@mtrezza
Copy link
Member

mtrezza commented Aug 18, 2021

You are only referring to the coverage, right?

@SebC99
Copy link
Contributor Author

SebC99 commented Aug 18, 2021

I think it's the only ones failing yes, but I have no idea of new tests to add (I'm very very bad at writing tests...)

@mtrezza
Copy link
Member

mtrezza commented Sep 3, 2021

⚠️ Important change for merging PRs from Parse Server 5.0 onwards!

We are planning to release the first beta version of Parse Server 5.0 in October 2021.

If a PR contains a breaking change and is not merged before the beta release of Parse Server 5.0, it cannot be merged until the end of 2022. Instead it has to follow the Deprecation Policy and phase-in breaking changes to be merged during the course of 2022.

One of the most voiced community feedbacks was the demand for predictability in breaking changes to make it easy to upgrade Parse Server. We have made a first step towards this by introducing the Deprecation Policy in February 2021 that assists to phase-in breaking changes, giving developers time to adapt. We will follow-up with the introduction of Release Automation and a branch model that will allow breaking changes only with a new major release, scheduled for the beginning of each calendar year.

We understand that some PRs are a long time in the making and we very much appreciate your contribution. We want to make it easy for PRs that contain a breaking change and were created before the introduction of the Deprecation Policy. These PRs can be merged with a breaking change without being phased-in before the beta release of Parse Server 5.0. We are making this exception because we appreciate that this is a time of transition that requires additional effort from contributors to adapt. We encourage everyone to prepare their PRs until the end of September and account for review time and possible adaptions.

If a PR contains a breaking change and should be merged before the beta release, please mention @parse-community/server-maintenance and we will coordinate with you to merge the PR.

Thanks for your contribution and support during this transition to Parse Server release automation!

@SebC99
Copy link
Contributor Author

SebC99 commented Sep 5, 2021

@parse-community/server-maintenance I think this one should be merged :)

@mtrezza
Copy link
Member

mtrezza commented Sep 5, 2021
edited
Loading

Yes, I agree. Can you rebase this on master please and add a changelog entry? And is this a breaking change?

@sadortun
Copy link
Contributor

sadortun commented Feb 6, 2023
edited
Loading

@SebC99 @mtrezza Still interested in merging this ?

If so, can it be added to 5.4.x ? Or you prefer alpha ?

@mtrezza mtrezza marked this pull request as ready for review February 6, 2023 13:25
@mtrezza
Copy link
Member

mtrezza commented Feb 6, 2023

Sure, we could add this to alpha.

It seems that @SebC99 didn't allow this PR to be edited. Either they rebase it or you could open a new PR to get this ready for merge.

@sadortun
Copy link
Contributor

@mtrezza

I was giving this a 2nd thought, and i think we should split this into google.js and googleAccessToken.js

I am not sure giving the unsecure client the option between providing either an id token or an access token is great.

I'm not knowledgeable enough in oauth2 to know if this should be enforced by the backend (via 2 auth adapters) or if a single auth adapter as suggested in this PR is a good idea.

It would be a simpler implementation to have two adapters each validating their own token. I dont think they should be used interchangeably.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@SebC99 @dplewis @mtrezza @sadortun