fix: Facebook Limited Login not working due to incorrect domain in JW…

…T validation (#9122)
parse-community · May 16, 2024 · 9d0bd2b · 9d0bd2b
1 parent eba9dff
commit 9d0bd2b
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 9 deletions.
diff --git a/spec/AuthenticationAdapters.spec.js b/spec/AuthenticationAdapters.spec.js
@@ -2047,7 +2047,7 @@ describe('facebook limited auth adapter', () => {
 
  it('should use algorithm from key header to verify id_token', async () => {
  const fakeClaim = {
- iss: 'https://facebook.com',
+ iss: 'https://www.facebook.com',
  aud: 'secret',
  exp: Date.now(),
  sub: 'the_user_id',
@@ -2097,7 +2097,7 @@ describe('facebook limited auth adapter', () => {
 
  it('(using client id as string) should verify id_token', async () => {
  const fakeClaim = {
- iss: 'https://facebook.com',
+ iss: 'https://www.facebook.com',
  aud: 'secret',
  exp: Date.now(),
  sub: 'the_user_id',
@@ -2117,7 +2117,7 @@ describe('facebook limited auth adapter', () => {
 
  it('(using client id as array) should verify id_token', async () => {
  const fakeClaim = {
- iss: 'https://facebook.com',
+ iss: 'https://www.facebook.com',
  aud: 'secret',
  exp: Date.now(),
  sub: 'the_user_id',
@@ -2137,7 +2137,7 @@ describe('facebook limited auth adapter', () => {
 
  it('(using client id as array with multiple items) should verify id_token', async () => {
  const fakeClaim = {
- iss: 'https://facebook.com',
+ iss: 'https://www.facebook.com',
  aud: 'secret',
  exp: Date.now(),
  sub: 'the_user_id',
@@ -2174,7 +2174,7 @@ describe('facebook limited auth adapter', () => {
  fail();
  } catch (e) {
  expect(e.message).toBe(
- 'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com'
+ 'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com'
  );
  }
  });
@@ -2203,7 +2203,7 @@ describe('facebook limited auth adapter', () => {
  fail();
  } catch (e) {
  expect(e.message).toBe(
- 'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com'
+ 'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com'
  );
  }
  });
@@ -2230,7 +2230,7 @@ describe('facebook limited auth adapter', () => {
  fail();
  } catch (e) {
  expect(e.message).toBe(
- 'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com'
+ 'id token not issued by correct OpenID provider - expected: https://www.facebook.com | from: https://not.facebook.com'
  );
  }
  });
@@ -2288,7 +2288,7 @@ describe('facebook limited auth adapter', () => {
 
  it('should throw error with with invalid user id', async () => {
  const fakeClaim = {
- iss: 'https://facebook.com',
+ iss: 'https://www.facebook.com',
  aud: 'invalid_client_id',
  sub: 'a_different_user_id',
  };

diff --git a/src/Adapters/Auth/facebook.js b/src/Adapters/Auth/facebook.js
@@ -6,7 +6,7 @@ const jwt = require('jsonwebtoken');
 const httpsRequest = require('./httpsRequest');
 const authUtils = require('./utils');
 
-const TOKEN_ISSUER = 'https://facebook.com';
+const TOKEN_ISSUER = 'https://www.facebook.com';
 
 function getAppSecretPath(authData, options = {}) {
  const appSecret = options.appSecret;