Skip to content

Old bug still here: unwanted authData validation #6228

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
SebC99 opened this issue Nov 20, 2019 · 7 comments
Closed

Old bug still here: unwanted authData validation #6228

SebC99 opened this issue Nov 20, 2019 · 7 comments

Comments

@SebC99
Copy link
Contributor

SebC99 commented Nov 20, 2019

This bug #3867 is still here even with #3783 and #3872 fixes.
The reason why is in the RestWrite.js file:

if (!_.isEqual(providerData, userAuthData)) {
    mutatedAuthData[provider] = providerData;
}

When tested with facebook, the userAuthData comes from the saved user (MongoDB in my case), and it includes a token and an expiration date which is a Date object.
But the providerData which comes from the rest request from the SDK includes the same token and expiration date, but the expiration date is a string in that case. So we don't have equality of object.

There should be a conversion somewhere, but what's the best place to do it?
@dplewis
Copy link
Member

dplewis commented Nov 20, 2019

Probably on the server side. Can you write a test case?

@SebC99
Copy link
Contributor Author

SebC99 commented Nov 21, 2019

I don't see how, there's no test for this very internal process so I don't know how I would write it...

@dplewis
Copy link
Member

dplewis commented Nov 23, 2019
edited
Loading

@SebC99 What does your authData look like in mongo?

Mine is a string and it returns as a string when I query or debug RestWrite.js

"_auth_data_facebook": {
        "id": "...",
        "access_token": "...",
        "expiration_date": "2019-03-16T02:00:00.185Z"
    },

@SebC99
Copy link
Contributor Author

SebC99 commented Nov 23, 2019

@dplewis for most users, it's the same as yours, but for others (old ones) it's a date:

"_auth_data_facebook" : {
        "access_token" : "....", 
        "expiration_date" : ISODate("2016-06-04T22:31:38.412+0000"), 
        "id" : "..."
    }

@dplewis
Copy link
Member

dplewis commented Nov 23, 2019

There are 2 solutions for this

  1. you write a script that converts your Date objects into strings in your DB
  2. convert in RestWrite before checking isEqual

Which do you prefer? Your problem will be immediately solve with option 1. Option 2 is for this specific use case.

Open a PR we are more than welcome to review it.

Closing as this is an old issue.

@dplewis dplewis closed this as completed Nov 23, 2019
@SebC99
Copy link
Contributor Author

SebC99 commented Nov 24, 2019

I've patched the RestWrite, adding an equality method in Auth Adapters, but you're right, a script might be safer ;)
I'll do that!
Thanks a lot

@santiagosemhan
Copy link

I found this problem with my custom auth. Every time that I update the user object, auth data validation is triggered.

@mtrezza mtrezza mentioned this issue Dec 23, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@SebC99 @dplewis @santiagosemhan