@openinc/parse-server-opendash 3.29.11 → 3.29.12
|
@@ -34,63 +34,18 @@ function getKey(header, callback) {
|
|
|
34
34
|
callback(null, key.getPublicKey());
|
|
35
35
|
});
|
|
36
36
|
}
|
|
37
|
-
/**
|
|
38
|
-
* Fetches the email address of the user from Microsoft Graph API.
|
|
39
|
-
* @param accessToken The access token to authenticate the request.
|
|
40
|
-
* @returns The email address of the user.
|
|
41
|
-
*/
|
|
42
|
-
async function getUserMail(accessToken, userid) {
|
|
43
|
-
console.log("Fetching Microsoft user info for user ID:", userid, "with token:", accessToken);
|
|
44
|
-
const response = await fetch(`https://graph.microsoft.com/v1.0/me`, {
|
|
45
|
-
method: "GET",
|
|
46
|
-
headers: {
|
|
47
|
-
Authorization: `Bearer ${accessToken}`,
|
|
48
|
-
Accept: "application/json",
|
|
49
|
-
},
|
|
50
|
-
});
|
|
51
|
-
if (!response.ok) {
|
|
52
|
-
console.error(`Failed to fetch user info: ${response.status} ${response.statusText}`);
|
|
53
|
-
return null;
|
|
54
|
-
}
|
|
55
|
-
const data = (await response.json());
|
|
56
|
-
console.log("Fetched Microsoft user data:", data);
|
|
57
|
-
if (data.mail) {
|
|
58
|
-
return data.mail;
|
|
59
|
-
}
|
|
60
|
-
else if (data.userPrincipalName) {
|
|
61
|
-
return data.userPrincipalName;
|
|
62
|
-
}
|
|
63
|
-
else {
|
|
64
|
-
return null;
|
|
65
|
-
}
|
|
66
|
-
}
|
|
67
37
|
async function init(name) {
|
|
68
38
|
Parse.Cloud.define(name, async (request) => {
|
|
69
39
|
const token = request.params.token;
|
|
70
40
|
const account = request.params.account;
|
|
71
41
|
console.log(JSON.stringify(request.params));
|
|
42
|
+
console.log("Account: ", JSON.stringify(account));
|
|
72
43
|
if (!token) {
|
|
73
44
|
throw new Parse.Error(Parse.Error.INVALID_JSON, "Token missing");
|
|
74
45
|
}
|
|
75
46
|
if (!tenantId || !appId) {
|
|
76
47
|
throw new Parse.Error(Parse.Error.INVALID_JSON, "Microsoft authentication not properly configured");
|
|
77
48
|
}
|
|
78
|
-
// DEBUGGING: Decode token without verification to see what we're dealing with
|
|
79
|
-
console.log("=== DEBUGGING TOKEN ===");
|
|
80
|
-
try {
|
|
81
|
-
const tokenParts = token.split(".");
|
|
82
|
-
const payload = JSON.parse(Buffer.from(tokenParts[1], "base64").toString());
|
|
83
|
-
console.log("Token audience (aud):", payload.aud);
|
|
84
|
-
console.log("Token issuer (iss):", payload.iss);
|
|
85
|
-
console.log("Expected audience:", appId);
|
|
86
|
-
console.log("Expected issuer:", `https://login.microsoftonline.com/${tenantId}/v2.0`);
|
|
87
|
-
console.log("Audience match:", payload.aud === appId);
|
|
88
|
-
console.log("Issuer match:", payload.iss === `https://login.microsoftonline.com/${tenantId}/v2.0`);
|
|
89
|
-
}
|
|
90
|
-
catch (e) {
|
|
91
|
-
console.error("Failed to decode token:", e);
|
|
92
|
-
}
|
|
93
|
-
console.log("=== END DEBUGGING ===");
|
|
94
49
|
const verifiedPayload = await new Promise((resolve, reject) => {
|
|
95
50
|
jsonwebtoken_1.default.verify(token, getKey, {
|
|
96
51
|
audience: appId,
|
|
@@ -105,10 +60,6 @@ async function init(name) {
|
|
|
105
60
|
});
|
|
106
61
|
});
|
|
107
62
|
console.log("Payload: ", JSON.stringify(verifiedPayload));
|
|
108
|
-
let usermail = null;
|
|
109
|
-
if (verifiedPayload.oid) {
|
|
110
|
-
usermail = await getUserMail(token, verifiedPayload.oid);
|
|
111
|
-
}
|
|
112
63
|
const defaultTenant = await new Parse.Query(types_1.Tenant)
|
|
113
64
|
.ascending("createdAt")
|
|
114
65
|
.first({ useMasterKey: true });
|
|
@@ -121,8 +72,6 @@ async function init(name) {
|
|
|
121
72
|
.first({ useMasterKey: true }));
|
|
122
73
|
if (!user && !oldUser) {
|
|
123
74
|
user = new Parse.User();
|
|
124
|
-
user.set("username", account.username);
|
|
125
|
-
user.set("email", usermail ?? account.username);
|
|
126
75
|
user.set("password", (0, crypto_1.randomBytes)(16).toString("hex"));
|
|
127
76
|
user.set("microsoftId", verifiedPayload.oid);
|
|
128
77
|
user.set("name", verifiedPayload.name || verifiedPayload.preferred_username);
|
|
@@ -134,10 +83,13 @@ async function init(name) {
|
|
|
134
83
|
// Migrate legacy account that used the oid as username to a modern record keyed by microsoftId.
|
|
135
84
|
user = oldUser;
|
|
136
85
|
user.set("microsoftId", verifiedPayload.oid);
|
|
137
|
-
user.set("username", account.username);
|
|
138
|
-
user.set("email", usermail ?? account.username);
|
|
139
86
|
user = await user.save(null, { useMasterKey: true });
|
|
140
87
|
}
|
|
88
|
+
// Update user info on each login
|
|
89
|
+
user.set("username", verifiedPayload.name ??
|
|
90
|
+
verifiedPayload.preferred_username ??
|
|
91
|
+
account.username);
|
|
92
|
+
user.set("email", verifiedPayload.email ?? verifiedPayload.preferred_username);
|
|
141
93
|
const sessionToken = "r:" + (0, crypto_1.randomBytes)(16).toString("hex");
|
|
142
94
|
const session = new Parse.Object("_Session");
|
|
143
95
|
session.set("user", user);
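Review bot: Two of the values written at new lines 88–92 are not safe as account identifiers. `verifiedPayload.name` is a display name, so two people with the same name would contend for one Parse `username`, and the last fallback, `account.username`, comes from `request.params`, which the caller controls. Microsoft documents `email` and `preferred_username` as mutable claims that must not be used to identify or authorize a user, so if anything else in the application keys on the Parse email (password reset, e-mail login, account linking), overwriting it from these claims on every login could make one account collide with another; the `oid` lookup above is the stable key. I would drop the `name` and `account.username` candidates, for example `user.set("username", verifiedPayload.preferred_username ?? verifiedPayload.oid);`, and set `email` only when the user is first created. Separately, the first hunk still logs `request.params`, which contains the token, and adds a log of `account`; the save that persists the new fields is not visible in this hunk.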
|