@openinc/parse-server-opendash 3.29.10 → 3.29.12
|
@@ -34,61 +34,18 @@ function getKey(header, callback) {
|
|
|
34
34
|
callback(null, key.getPublicKey());
|
|
35
35
|
});
|
|
36
36
|
}
|
|
37
|
-
/**
|
|
38
|
-
* Fetches the email address of the user from Microsoft Graph API.
|
|
39
|
-
* @param accessToken The access token to authenticate the request.
|
|
40
|
-
* @returns The email address of the user.
|
|
41
|
-
*/
|
|
42
|
-
async function getUserMail(accessToken, userid) {
|
|
43
|
-
const response = await fetch(`https://graph.microsoft.com/v1.0/users/${userid}`, {
|
|
44
|
-
method: "GET",
|
|
45
|
-
headers: {
|
|
46
|
-
Authorization: `Bearer ${accessToken}`,
|
|
47
|
-
Accept: "application/json",
|
|
48
|
-
},
|
|
49
|
-
});
|
|
50
|
-
if (!response.ok) {
|
|
51
|
-
console.error(`Failed to fetch user info: ${response.status} ${response.statusText}`);
|
|
52
|
-
return null;
|
|
53
|
-
}
|
|
54
|
-
const data = (await response.json());
|
|
55
|
-
console.log("Fetched Microsoft user data:", data);
|
|
56
|
-
if (data.mail) {
|
|
57
|
-
return data.mail;
|
|
58
|
-
}
|
|
59
|
-
else if (data.userPrincipalName) {
|
|
60
|
-
return data.userPrincipalName;
|
|
61
|
-
}
|
|
62
|
-
else {
|
|
63
|
-
return null;
|
|
64
|
-
}
|
|
65
|
-
}
|
|
66
37
|
async function init(name) {
|
|
67
38
|
Parse.Cloud.define(name, async (request) => {
|
|
68
39
|
const token = request.params.token;
|
|
69
40
|
const account = request.params.account;
|
|
41
|
+
console.log(JSON.stringify(request.params));
|
|
42
|
+
console.log("Account: ", JSON.stringify(account));
|
|
70
43
|
if (!token) {
|
|
71
44
|
throw new Parse.Error(Parse.Error.INVALID_JSON, "Token missing");
|
|
72
45
|
}
|
|
73
46
|
if (!tenantId || !appId) {
|
|
74
47
|
throw new Parse.Error(Parse.Error.INVALID_JSON, "Microsoft authentication not properly configured");
|
|
75
48
|
}
|
|
76
|
-
// DEBUGGING: Decode token without verification to see what we're dealing with
|
|
77
|
-
console.log("=== DEBUGGING TOKEN ===");
|
|
78
|
-
try {
|
|
79
|
-
const tokenParts = token.split(".");
|
|
80
|
-
const payload = JSON.parse(Buffer.from(tokenParts[1], "base64").toString());
|
|
81
|
-
console.log("Token audience (aud):", payload.aud);
|
|
82
|
-
console.log("Token issuer (iss):", payload.iss);
|
|
83
|
-
console.log("Expected audience:", appId);
|
|
84
|
-
console.log("Expected issuer:", `https://login.microsoftonline.com/${tenantId}/v2.0`);
|
|
85
|
-
console.log("Audience match:", payload.aud === appId);
|
|
86
|
-
console.log("Issuer match:", payload.iss === `https://login.microsoftonline.com/${tenantId}/v2.0`);
|
|
87
|
-
}
|
|
88
|
-
catch (e) {
|
|
89
|
-
console.error("Failed to decode token:", e);
|
|
90
|
-
}
|
|
91
|
-
console.log("=== END DEBUGGING ===");
|
|
92
49
|
const verifiedPayload = await new Promise((resolve, reject) => {
|
|
93
50
|
jsonwebtoken_1.default.verify(token, getKey, {
|
|
94
51
|
audience: appId,
|
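Review bot: The added `console.log(JSON.stringify(request.params));` at new line 41 writes the whole request, including `params.token` (the Microsoft-issued JWT sent by the client), to the server log, and it does so before the token is checked, so it also runs for unauthenticated callers. A still-valid token sitting in log storage is a usable credential for anyone who can read the logs. The `console.log("Payload: ", JSON.stringify(verifiedPayload));` added in the next hunk (new line 62) has the milder form of the same problem: it records the oid, name and e-mail claims on every login. I would remove both lines, or log one non-secret field after verification, e.g. `console.log("Microsoft login, oid:", verifiedPayload.oid);`. The body of `init` and the `verify` call continue outside this hunk.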
|
@@ -102,10 +59,7 @@ async function init(name) {
|
|
|
102
59
|
resolve(decoded);
|
|
103
60
|
});
|
|
104
61
|
});
|
|
105
|
-
|
|
106
|
-
if (verifiedPayload.oid) {
|
|
107
|
-
usermail = await getUserMail(token, verifiedPayload.oid);
|
|
108
|
-
}
|
|
62
|
+
console.log("Payload: ", JSON.stringify(verifiedPayload));
|
|
109
63
|
const defaultTenant = await new Parse.Query(types_1.Tenant)
|
|
110
64
|
.ascending("createdAt")
|
|
111
65
|
.first({ useMasterKey: true });
|
|
@@ -116,11 +70,8 @@ async function init(name) {
|
|
|
116
70
|
let oldUser = (await new Parse.Query(Parse.User)
|
|
117
71
|
.equalTo("username", verifiedPayload.oid)
|
|
118
72
|
.first({ useMasterKey: true }));
|
|
119
|
-
console.log("Payload: ", JSON.stringify(verifiedPayload), "account:", JSON.stringify(account));
|
|
120
73
|
if (!user && !oldUser) {
|
|
121
74
|
user = new Parse.User();
|
|
122
|
-
user.set("username", account.username);
|
|
123
|
-
user.set("email", usermail ?? account.username);
|
|
124
75
|
user.set("password", (0, crypto_1.randomBytes)(16).toString("hex"));
|
|
125
76
|
user.set("microsoftId", verifiedPayload.oid);
|
|
126
77
|
user.set("name", verifiedPayload.name || verifiedPayload.preferred_username);
|
|
@@ -132,10 +83,13 @@ async function init(name) {
|
|
|
132
83
|
// Migrate legacy account that used the oid as username to a modern record keyed by microsoftId.
|
|
133
84
|
user = oldUser;
|
|
134
85
|
user.set("microsoftId", verifiedPayload.oid);
|
|
135
|
-
user.set("username", account.username);
|
|
136
|
-
user.set("email", usermail ?? account.username);
|
|
137
86
|
user = await user.save(null, { useMasterKey: true });
|
|
138
87
|
}
|
|
88
|
+
// Update user info on each login
|
|
89
|
+
user.set("username", verifiedPayload.name ??
|
|
90
|
+
verifiedPayload.preferred_username ??
|
|
91
|
+
account.username);
|
|
92
|
+
user.set("email", verifiedPayload.email ?? verifiedPayload.preferred_username);
|
|
139
93
|
const sessionToken = "r:" + (0, crypto_1.randomBytes)(16).toString("hex");
|
|
140
94
|
const session = new Parse.Object("_Session");
|
|
141
95
|
session.set("user", user);
|
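Review bot: The per-login update at new lines 89–92 sets `username` from the token's `name` claim, which is a display name and not unique, so two people with the same display name would collide on Parse's unique-username constraint. The last fallback, `account.username`, comes from `request.params` and is never verified; reaching it when `account` is absent also throws a TypeError. A stable verified identifier is safer, e.g. `user.set("username", verifiedPayload.preferred_username ?? verifiedPayload.oid);`. `email` now comes from the optional `email` / `preferred_username` claims, which Microsoft documents as mutable and not guaranteed to be verified addresses, so the stored value should not be used for account matching or authorization. Whether `user` is saved after these `set` calls, and whether a new user is saved before `username` is set, lies outside the hunk and is worth checking.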