From e390680e8b1ae532f43546344aada4e44f71469c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 21 May 2023 14:54:22 +0000 Subject: [PATCH 1/7] feat: upgrade mongodb from 4.10.0 to 5.3.0 Snyk has created this PR to upgrade mongodb from 4.10.0 to 5.3.0. See this package in npm: https://www.npmjs.com/package/mongodb See this project in Snyk: https://app.snyk.io/org/acinader/project/21343059-02d9-4182-87d7-718a44b181ef?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 91 ++++++++++++++++++++++++----------------------- package.json | 2 +- 2 files changed, 47 insertions(+), 46 deletions(-) diff --git a/package-lock.json b/package-lock.json index 98435f92dc..48cd93c7ae 100644 --- a/package-lock.json +++ b/package-lock.json @@ -37,7 +37,7 @@ "lodash": "4.17.21", "lru-cache": "7.12.0", "mime": "3.0.0", - "mongodb": "4.10.0", + "mongodb": "^5.3.0", "mustache": "4.2.0", "parse": "4.0.1", "path-to-regexp": "0.1.7", @@ -75,7 +75,7 @@ "all-node-versions": "11.3.0", "apollo-upload-client": "17.0.0", "bcrypt-nodejs": "0.0.3", - "clean-jsdoc-theme": "^4.2.7", + "clean-jsdoc-theme": "4.2.7", "cross-env": "7.0.2", "deep-diff": "1.0.2", "eslint": "8.26.0", @@ -4270,6 +4270,7 @@ "version": "1.5.1", "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==", + "dev": true, "funding": [ { "type": "github", @@ -4469,20 +4470,18 @@ } }, "node_modules/bson": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/bson/-/bson-4.7.0.tgz", - "integrity": "sha512-VrlEE4vuiO1WTpfof4VmaVolCVYkYTgB9iWgYNOrVlnifpME/06fhFRmONgBhClD5pFC1t9ZWqFUQEQAzY43bA==", - "dependencies": { - "buffer": "^5.6.0" - }, + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/bson/-/bson-5.3.0.tgz", + "integrity": "sha512-ukmCZMneMlaC5ebPHXIkP8YJzNl5DC41N5MAIvKDqLggdao342t4McltoJBQfQya/nHBWAcSsYRqlXPoQkTJag==", "engines": { - "node": ">=6.9.0" + "node": ">=14.20.1" } }, "node_modules/buffer": { "version": "5.7.1", "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.7.1.tgz", "integrity": "sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==", + "dev": true, "funding": [ { "type": "github", @@ -5963,14 +5962,6 @@ "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz", "integrity": "sha512-bd2L678uiWATM6m5Z1VzNCErI3jiGzt6HGY8OVICs40JQq/HALfbyNJmp0UDakEY4pMMaN0Ly5om/B1VI/+xfQ==" }, - "node_modules/denque": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/denque/-/denque-2.1.0.tgz", - "integrity": "sha512-HVQE3AAb/pxF8fQAoiqpvg9i3evqug3hoiwakOyZAwJm+6vZehbkYXZ0l4JxS+I3QxM97v5aaRNhj8v5oBhekw==", - "engines": { - "node": ">=0.10" - } - }, "node_modules/depd": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", @@ -9128,6 +9119,7 @@ "version": "1.2.1", "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==", + "dev": true, "funding": [ { "type": "github", @@ -11675,20 +11667,35 @@ } }, "node_modules/mongodb": { - "version": "4.10.0", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-4.10.0.tgz", - "integrity": "sha512-My2QxLTw0Cc1O9gih0mz4mqo145Jq4rLAQx0Glk/Ha9iYBzYpt4I2QFNRIh35uNFNfe8KFQcdwY1/HKxXBkinw==", + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-5.3.0.tgz", + "integrity": "sha512-Wy/sbahguL8c3TXQWXmuBabiLD+iVmz+tOgQf+FwkCjhUIorqbAxRbbz00g4ZoN4sXIPwpAlTANMaGRjGGTikQ==", "dependencies": { - "bson": "^4.7.0", - "denque": "^2.1.0", - "mongodb-connection-string-url": "^2.5.3", - "socks": "^2.7.0" + "bson": "^5.2.0", + "mongodb-connection-string-url": "^2.6.0", + "socks": "^2.7.1" }, "engines": { - "node": ">=12.9.0" + "node": ">=14.20.1" }, "optionalDependencies": { "saslprep": "^1.0.3" + }, + "peerDependencies": { + "@aws-sdk/credential-providers": "^3.201.0", + "mongodb-client-encryption": ">=2.3.0 <3", + "snappy": "^7.2.2" + }, + "peerDependenciesMeta": { + "@aws-sdk/credential-providers": { + "optional": true + }, + "mongodb-client-encryption": { + "optional": true + }, + "snappy": { + "optional": true + } } }, "node_modules/mongodb-connection-string-url": { @@ -23734,7 +23741,8 @@ "base64-js": { "version": "1.5.1", "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", - "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==" + "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==", + "dev": true }, "bcrypt-nodejs": { "version": "0.0.3", @@ -23894,17 +23902,15 @@ } }, "bson": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/bson/-/bson-4.7.0.tgz", - "integrity": "sha512-VrlEE4vuiO1WTpfof4VmaVolCVYkYTgB9iWgYNOrVlnifpME/06fhFRmONgBhClD5pFC1t9ZWqFUQEQAzY43bA==", - "requires": { - "buffer": "^5.6.0" - } + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/bson/-/bson-5.3.0.tgz", + "integrity": "sha512-ukmCZMneMlaC5ebPHXIkP8YJzNl5DC41N5MAIvKDqLggdao342t4McltoJBQfQya/nHBWAcSsYRqlXPoQkTJag==" }, "buffer": { "version": "5.7.1", "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.7.1.tgz", "integrity": "sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==", + "dev": true, "requires": { "base64-js": "^1.3.1", "ieee754": "^1.1.13" @@ -25045,11 +25051,6 @@ "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz", "integrity": "sha512-bd2L678uiWATM6m5Z1VzNCErI3jiGzt6HGY8OVICs40JQq/HALfbyNJmp0UDakEY4pMMaN0Ly5om/B1VI/+xfQ==" }, - "denque": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/denque/-/denque-2.1.0.tgz", - "integrity": "sha512-HVQE3AAb/pxF8fQAoiqpvg9i3evqug3hoiwakOyZAwJm+6vZehbkYXZ0l4JxS+I3QxM97v5aaRNhj8v5oBhekw==" - }, "depd": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", @@ -27500,7 +27501,8 @@ "ieee754": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", - "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==" + "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==", + "dev": true }, "ignore": { "version": "5.2.4", @@ -29493,15 +29495,14 @@ "integrity": "sha512-5LC9SOxjSc2HF6vO2CyuTDNivEdoz2IvyJJGj6X8DJ0eFyfszE0QiEd+iXmBvUP3WHxSjFH/vIsA0EN00cgr8w==" }, "mongodb": { - "version": "4.10.0", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-4.10.0.tgz", - "integrity": "sha512-My2QxLTw0Cc1O9gih0mz4mqo145Jq4rLAQx0Glk/Ha9iYBzYpt4I2QFNRIh35uNFNfe8KFQcdwY1/HKxXBkinw==", + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-5.3.0.tgz", + "integrity": "sha512-Wy/sbahguL8c3TXQWXmuBabiLD+iVmz+tOgQf+FwkCjhUIorqbAxRbbz00g4ZoN4sXIPwpAlTANMaGRjGGTikQ==", "requires": { - "bson": "^4.7.0", - "denque": "^2.1.0", - "mongodb-connection-string-url": "^2.5.3", + "bson": "^5.2.0", + "mongodb-connection-string-url": "^2.6.0", "saslprep": "^1.0.3", - "socks": "^2.7.0" + "socks": "^2.7.1" } }, "mongodb-connection-string-url": { diff --git a/package.json b/package.json index 8a0338e441..fde528c939 100644 --- a/package.json +++ b/package.json @@ -46,7 +46,7 @@ "lodash": "4.17.21", "lru-cache": "7.12.0", "mime": "3.0.0", - "mongodb": "4.10.0", + "mongodb": "5.3.0", "mustache": "4.2.0", "parse": "4.0.1", "path-to-regexp": "0.1.7", From 43f9b4f090f49c9d11ced12f01bae0b19b41ab62 Mon Sep 17 00:00:00 2001 From: dblythy Date: Mon, 22 May 2023 15:12:27 +1000 Subject: [PATCH 2/7] refactor: Upgrade mongodb from 4.10.0 to 5.3.0 --- package-lock.json | 4 ++-- src/Adapters/Storage/Mongo/MongoCollection.js | 16 ++++------------ .../Storage/Mongo/MongoStorageAdapter.js | 9 ++------- 3 files changed, 8 insertions(+), 21 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2f2b455ac9..9d4afd1833 100644 --- a/package-lock.json +++ b/package-lock.json @@ -11,7 +11,7 @@ "license": "Apache-2.0", "dependencies": { "@babel/eslint-parser": "7.19.1", - "@graphql-tools/merge": "^8.4.1", + "@graphql-tools/merge": "8.4.1", "@graphql-tools/schema": "9.0.4", "@graphql-tools/utils": "8.12.0", "@graphql-yoga/node": "2.6.0", @@ -37,7 +37,7 @@ "lodash": "4.17.21", "lru-cache": "7.12.0", "mime": "3.0.0", - "mongodb": "^5.3.0", + "mongodb": "5.3.0", "mustache": "4.2.0", "parse": "4.0.1", "path-to-regexp": "0.1.7", diff --git a/src/Adapters/Storage/Mongo/MongoCollection.js b/src/Adapters/Storage/Mongo/MongoCollection.js index f3f089f0f1..48de677c2e 100644 --- a/src/Adapters/Storage/Mongo/MongoCollection.js +++ b/src/Adapters/Storage/Mongo/MongoCollection.js @@ -160,18 +160,10 @@ export default class MongoCollection { } _ensureSparseUniqueIndexInBackground(indexRequest) { - return new Promise((resolve, reject) => { - this._mongoCollection.createIndex( - indexRequest, - { unique: true, background: true, sparse: true }, - error => { - if (error) { - reject(error); - } else { - resolve(); - } - } - ); + return this._mongoCollection.createIndex(indexRequest, { + unique: true, + background: true, + sparse: true, }); } diff --git a/src/Adapters/Storage/Mongo/MongoStorageAdapter.js b/src/Adapters/Storage/Mongo/MongoStorageAdapter.js index 78833a026b..985863c576 100644 --- a/src/Adapters/Storage/Mongo/MongoStorageAdapter.js +++ b/src/Adapters/Storage/Mongo/MongoStorageAdapter.js @@ -686,13 +686,8 @@ export class MongoStorageAdapter implements StorageAdapter { }; return this._adaptiveCollection(className) - .then( - collection => - new Promise((resolve, reject) => - collection._mongoCollection.createIndex(indexCreationRequest, indexOptions, error => - error ? reject(error) : resolve() - ) - ) + .then(collection => + collection._mongoCollection.createIndex(indexCreationRequest, indexOptions) ) .catch(err => this.handleError(err)); } From 8cbcd5b1c0a2cac95b342b41c54b2e72b88f843d Mon Sep 17 00:00:00 2001 From: dblythy Date: Mon, 22 May 2023 15:49:32 +1000 Subject: [PATCH 3/7] Update AuthenticationAdapters.spec.js --- spec/AuthenticationAdapters.spec.js | 51 +++++++++++++++++++---------- 1 file changed, 34 insertions(+), 17 deletions(-) diff --git a/spec/AuthenticationAdapters.spec.js b/spec/AuthenticationAdapters.spec.js index bb89596cef..2f8f8d998a 100644 --- a/spec/AuthenticationAdapters.spec.js +++ b/spec/AuthenticationAdapters.spec.js @@ -1517,7 +1517,7 @@ describe('apple signin auth adapter', () => { const fakeGetSigningKeyAsyncFunction = () => { return { kid: '123', rsaPublicKey: 'the_rsa_public_key' }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); const result = await apple.validateAuthData( { id: 'the_user_id', token: 'the_token' }, @@ -1525,6 +1525,7 @@ describe('apple signin auth adapter', () => { ); expect(result).toEqual(fakeClaim); expect(jwt.verify.calls.first().args[2].algorithms).toEqual(fakeDecodedToken.header.alg); + spy.and.callThrough(); }); it('should not verify invalid id_token', async () => { @@ -1533,7 +1534,7 @@ describe('apple signin auth adapter', () => { const fakeGetSigningKeyAsyncFunction = () => { return { kid: '123', rsaPublicKey: 'the_rsa_public_key' }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); try { await apple.validateAuthData( @@ -1544,6 +1545,7 @@ describe('apple signin auth adapter', () => { } catch (e) { expect(e.message).toBe('jwt malformed'); } + spy.and.callThrough(); }); it('(using client id as array) should not verify invalid id_token', async () => { @@ -1570,7 +1572,7 @@ describe('apple signin auth adapter', () => { const fakeGetSigningKeyAsyncFunction = () => { return { kid: '123', rsaPublicKey: 'the_rsa_public_key' }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); spyOn(jwt, 'verify').and.callFake(() => fakeClaim); const result = await apple.validateAuthData( @@ -1578,6 +1580,7 @@ describe('apple signin auth adapter', () => { { clientId: 'secret' } ); expect(result).toEqual(fakeClaim); + spy.and.callThrough(); }); it('(using client id as array) should verify id_token', async () => { @@ -1592,7 +1595,7 @@ describe('apple signin auth adapter', () => { const fakeGetSigningKeyAsyncFunction = () => { return { kid: '123', rsaPublicKey: 'the_rsa_public_key' }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); spyOn(jwt, 'verify').and.callFake(() => fakeClaim); const result = await apple.validateAuthData( @@ -1600,6 +1603,7 @@ describe('apple signin auth adapter', () => { { clientId: ['secret'] } ); expect(result).toEqual(fakeClaim); + spy.and.callThrough(); }); it('(using client id as array with multiple items) should verify id_token', async () => { @@ -1614,7 +1618,7 @@ describe('apple signin auth adapter', () => { const fakeGetSigningKeyAsyncFunction = () => { return { kid: '123', rsaPublicKey: 'the_rsa_public_key' }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); spyOn(jwt, 'verify').and.callFake(() => fakeClaim); const result = await apple.validateAuthData( @@ -1622,6 +1626,7 @@ describe('apple signin auth adapter', () => { { clientId: ['secret', 'secret 123'] } ); expect(result).toEqual(fakeClaim); + spy.and.callThrough(); }); it('(using client id as string) should throw error with with invalid jwt issuer', async () => { @@ -1634,7 +1639,7 @@ describe('apple signin auth adapter', () => { const fakeGetSigningKeyAsyncFunction = () => { return { kid: '123', rsaPublicKey: 'the_rsa_public_key' }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); spyOn(jwt, 'verify').and.callFake(() => fakeClaim); try { @@ -1648,6 +1653,7 @@ describe('apple signin auth adapter', () => { 'id token not issued by correct OpenID provider - expected: https://appleid.apple.com | from: https://not.apple.com' ); } + spy.and.callThrough(); }); // TODO: figure out a way to generate our own apple signed tokens, perhaps with a parse apple account @@ -1691,7 +1697,7 @@ describe('apple signin auth adapter', () => { const fakeGetSigningKeyAsyncFunction = () => { return { kid: '123', rsaPublicKey: 'the_rsa_public_key' }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); spyOn(jwt, 'verify').and.callFake(() => fakeClaim); try { @@ -1708,6 +1714,7 @@ describe('apple signin auth adapter', () => { 'id token not issued by correct OpenID provider - expected: https://appleid.apple.com | from: https://not.apple.com' ); } + spy.and.callThrough(); }); // TODO: figure out a way to generate our own apple signed tokens, perhaps with a parse apple account @@ -1763,7 +1770,7 @@ describe('apple signin auth adapter', () => { const fakeGetSigningKeyAsyncFunction = () => { return { kid: '123', rsaPublicKey: 'the_rsa_public_key' }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); spyOn(jwt, 'verify').and.callFake(() => fakeClaim); try { @@ -1775,6 +1782,7 @@ describe('apple signin auth adapter', () => { } catch (e) { expect(e.message).toBe('auth data is invalid for this user.'); } + spy.and.callThrough(); }); }); @@ -2097,7 +2105,7 @@ describe('facebook limited auth adapter', () => { rsaPublicKey: 'the_rsa_public_key', }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); const result = await facebook.validateAuthData( { id: 'the_user_id', token: 'the_token' }, @@ -2105,6 +2113,7 @@ describe('facebook limited auth adapter', () => { ); expect(result).toEqual(fakeClaim); expect(jwt.verify.calls.first().args[2].algorithms).toEqual(fakeDecodedToken.header.alg); + spy.and.callThrough(); }); it('should not verify invalid id_token', async () => { @@ -2118,7 +2127,7 @@ describe('facebook limited auth adapter', () => { rsaPublicKey: 'the_rsa_public_key', }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); try { await facebook.validateAuthData( @@ -2129,6 +2138,7 @@ describe('facebook limited auth adapter', () => { } catch (e) { expect(e.message).toBe('jwt malformed'); } + spy.and.callThrough(); }); it('(using client id as array) should not verify invalid id_token', async () => { @@ -2160,7 +2170,7 @@ describe('facebook limited auth adapter', () => { rsaPublicKey: 'the_rsa_public_key', }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); spyOn(jwt, 'verify').and.callFake(() => fakeClaim); const result = await facebook.validateAuthData( @@ -2168,6 +2178,7 @@ describe('facebook limited auth adapter', () => { { clientId: 'secret' } ); expect(result).toEqual(fakeClaim); + spy.and.callThrough(); }); it('(using client id as array) should verify id_token', async () => { @@ -2187,7 +2198,7 @@ describe('facebook limited auth adapter', () => { rsaPublicKey: 'the_rsa_public_key', }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); spyOn(jwt, 'verify').and.callFake(() => fakeClaim); const result = await facebook.validateAuthData( @@ -2195,6 +2206,7 @@ describe('facebook limited auth adapter', () => { { clientId: ['secret'] } ); expect(result).toEqual(fakeClaim); + spy.and.callThrough(); }); it('(using client id as array with multiple items) should verify id_token', async () => { @@ -2214,7 +2226,7 @@ describe('facebook limited auth adapter', () => { rsaPublicKey: 'the_rsa_public_key', }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); spyOn(jwt, 'verify').and.callFake(() => fakeClaim); const result = await facebook.validateAuthData( @@ -2222,6 +2234,7 @@ describe('facebook limited auth adapter', () => { { clientId: ['secret', 'secret 123'] } ); expect(result).toEqual(fakeClaim); + spy.and.callThrough(); }); it('(using client id as string) should throw error with with invalid jwt issuer', async () => { @@ -2239,7 +2252,7 @@ describe('facebook limited auth adapter', () => { rsaPublicKey: 'the_rsa_public_key', }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); spyOn(jwt, 'verify').and.callFake(() => fakeClaim); try { @@ -2253,6 +2266,7 @@ describe('facebook limited auth adapter', () => { 'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com' ); } + spy.and.callThrough(); }); // TODO: figure out a way to generate our own facebook signed tokens, perhaps with a parse facebook account @@ -2272,7 +2286,7 @@ describe('facebook limited auth adapter', () => { rsaPublicKey: 'the_rsa_public_key', }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); spyOn(jwt, 'verify').and.callFake(() => fakeClaim); try { @@ -2289,6 +2303,7 @@ describe('facebook limited auth adapter', () => { 'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com' ); } + spy.and.callThrough(); }); it('(using client id as string) should throw error with with invalid jwt issuer', async () => { @@ -2306,7 +2321,7 @@ describe('facebook limited auth adapter', () => { rsaPublicKey: 'the_rsa_public_key', }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); spyOn(jwt, 'verify').and.callFake(() => fakeClaim); try { @@ -2323,6 +2338,7 @@ describe('facebook limited auth adapter', () => { 'id token not issued by correct OpenID provider - expected: https://facebook.com | from: https://not.facebook.com' ); } + spy.and.callThrough(); }); // TODO: figure out a way to generate our own facebook signed tokens, perhaps with a parse facebook account @@ -2392,7 +2408,7 @@ describe('facebook limited auth adapter', () => { rsaPublicKey: 'the_rsa_public_key', }; }; - spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); + const spy = spyOn(util, 'promisify').and.callFake(() => fakeGetSigningKeyAsyncFunction); spyOn(jwt, 'verify').and.callFake(() => fakeClaim); try { @@ -2404,5 +2420,6 @@ describe('facebook limited auth adapter', () => { } catch (e) { expect(e.message).toBe('auth data is invalid for this user.'); } + spy.and.callThrough(); }); }); From 6f43cc70e87ced2974f79b0b811b242ae8a19c7a Mon Sep 17 00:00:00 2001 From: dblythy Date: Mon, 22 May 2023 16:54:59 +1000 Subject: [PATCH 4/7] wip --- package-lock.json | 4 ++-- src/Adapters/Storage/Mongo/MongoTransform.js | 9 +++++++++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/package-lock.json b/package-lock.json index 003e91f599..04c1e422cb 100644 --- a/package-lock.json +++ b/package-lock.json @@ -45,14 +45,14 @@ "pg-promise": "11.3.0", "pluralize": "8.0.0", "rate-limit-redis": "3.0.1", - "redis": "^4.6.6", + "redis": "4.6.6", "semver": "7.3.8", "subscriptions-transport-ws": "0.11.0", "tv4": "1.3.0", "uuid": "9.0.0", "winston": "3.8.1", "winston-daily-rotate-file": "4.7.1", - "ws": "^8.13.0" + "ws": "8.13.0" }, "bin": { "parse-server": "bin/parse-server" diff --git a/src/Adapters/Storage/Mongo/MongoTransform.js b/src/Adapters/Storage/Mongo/MongoTransform.js index 6f6811cec3..b52133a9bd 100644 --- a/src/Adapters/Storage/Mongo/MongoTransform.js +++ b/src/Adapters/Storage/Mongo/MongoTransform.js @@ -457,6 +457,15 @@ const parseObjectKeyValueToMongoObjectKeyValue = (restKey, restValue, schema) => ); } value = mapValues(restValue, transformInteriorValue); + + if ( + typeof value === 'object' && + '_bsontype' in value && + !value[Symbol.for('@@mdb.bson.version')] + ) { + value[Symbol.for('@@mdb.bson.version')] = 5.0; + } + return { key: restKey, value }; }; From 7b69dc34998c378d96e37e865e2494ab11d9b2d9 Mon Sep 17 00:00:00 2001 From: dblythy Date: Mon, 22 May 2023 17:51:39 +1000 Subject: [PATCH 5/7] Update AudienceRouter.spec.js --- spec/AudienceRouter.spec.js | 71 +++++++++++++++---------------------- 1 file changed, 29 insertions(+), 42 deletions(-) diff --git a/spec/AudienceRouter.spec.js b/spec/AudienceRouter.spec.js index 9f0f77896a..29df34a72b 100644 --- a/spec/AudienceRouter.spec.js +++ b/spec/AudienceRouter.spec.js @@ -317,54 +317,41 @@ describe('AudiencesRouter', () => { ); }); - it_exclude_dbs(['postgres'])('should support legacy parse.com audience fields', done => { + it_exclude_dbs(['postgres'])('should support legacy parse.com audience fields', async () => { const database = Config.get(Parse.applicationId).database.adapter.database; const now = new Date(); - Parse._request( + let audience = await Parse._request( 'POST', 'push_audiences', { name: 'My Audience', query: JSON.stringify({ deviceType: 'ios' }) }, { useMasterKey: true } - ).then(audience => { - database - .collection('test__Audience') - .updateOne( - { _id: audience.objectId }, - { - $set: { - times_used: 1, - _last_used: now, - }, - } - ) - .then(result => { - expect(result).toBeTruthy(); - database - .collection('test__Audience') - .find({ _id: audience.objectId }) - .toArray((error, rows) => { - expect(error).toEqual(undefined); - expect(rows[0]['times_used']).toEqual(1); - expect(rows[0]['_last_used']).toEqual(now); - Parse._request( - 'GET', - 'push_audiences/' + audience.objectId, - {}, - { useMasterKey: true } - ) - .then(audience => { - expect(audience.name).toEqual('My Audience'); - expect(audience.query.deviceType).toEqual('ios'); - expect(audience.timesUsed).toEqual(1); - expect(audience.lastUsed).toEqual(now.toISOString()); - done(); - }) - .catch(error => { - done.fail(error); - }); - }); - }); - }); + ); + const result = await database.collection('test__Audience').updateOne( + { _id: audience.objectId }, + { + $set: { + times_used: 1, + _last_used: now, + }, + } + ); + expect(result).toBeTruthy(); + const rows = await database + .collection('test__Audience') + .find({ _id: audience.objectId }) + .toArray(); + expect(rows[0]['times_used']).toEqual(1); + expect(rows[0]['_last_used']).toEqual(now); + audience = await Parse._request( + 'GET', + 'push_audiences/' + audience.objectId, + {}, + { useMasterKey: true } + ); + expect(audience.name).toEqual('My Audience'); + expect(audience.query.deviceType).toEqual('ios'); + expect(audience.timesUsed).toEqual(1); + expect(audience.lastUsed).toEqual(now.toISOString()); }); it('should be able to search on audiences', done => { From a1bccfdf3f0c0d806b0eb9a4715a1136a94fef1b Mon Sep 17 00:00:00 2001 From: dblythy Date: Thu, 8 Jun 2023 12:08:59 +1000 Subject: [PATCH 6/7] Update MongoTransform.js --- src/Adapters/Storage/Mongo/MongoTransform.js | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/Adapters/Storage/Mongo/MongoTransform.js b/src/Adapters/Storage/Mongo/MongoTransform.js index b52133a9bd..0580447c99 100644 --- a/src/Adapters/Storage/Mongo/MongoTransform.js +++ b/src/Adapters/Storage/Mongo/MongoTransform.js @@ -3,6 +3,7 @@ import _ from 'lodash'; var mongodb = require('mongodb'); var Parse = require('parse/node').Parse; const Utils = require('../../../Utils'); +const bson = require('bson'); const transformKey = (className, fieldName, schema) => { // Check if the schema is known since it's a built-in field. @@ -458,12 +459,11 @@ const parseObjectKeyValueToMongoObjectKeyValue = (restKey, restValue, schema) => } value = mapValues(restValue, transformInteriorValue); - if ( - typeof value === 'object' && - '_bsontype' in value && - !value[Symbol.for('@@mdb.bson.version')] - ) { - value[Symbol.for('@@mdb.bson.version')] = 5.0; + if (typeof value === 'object' && '_bsontype' in value) { + const type = value._bsontype; + if (type === 'Code') { + value = new bson.Code(value.code); + } } return { key: restKey, value }; From a020911cce2a0b1d82413802363050bcfd3a14b0 Mon Sep 17 00:00:00 2001 From: dblythy Date: Thu, 8 Jun 2023 12:10:03 +1000 Subject: [PATCH 7/7] Update package-lock.json --- package-lock.json | 96 +++++++++++++++++++++++++---------------------- 1 file changed, 51 insertions(+), 45 deletions(-) diff --git a/package-lock.json b/package-lock.json index ae2c1bdf3c..af88b63885 100644 --- a/package-lock.json +++ b/package-lock.json @@ -37,7 +37,7 @@ "lodash": "4.17.21", "lru-cache": "9.1.1", "mime": "3.0.0", - "mongodb": "4.10.0", + "mongodb": "5.3.0", "mustache": "4.2.0", "parse": "4.1.0", "path-to-regexp": "6.2.1", @@ -46,7 +46,7 @@ "pluralize": "8.0.0", "rate-limit-redis": "3.0.2", "redis": "4.6.6", - "semver": "^7.5.1", + "semver": "7.5.1", "subscriptions-transport-ws": "0.11.0", "tv4": "1.3.0", "uuid": "9.0.0", @@ -4294,6 +4294,7 @@ "version": "1.5.1", "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==", + "dev": true, "funding": [ { "type": "github", @@ -4493,20 +4494,18 @@ } }, "node_modules/bson": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/bson/-/bson-4.7.0.tgz", - "integrity": "sha512-VrlEE4vuiO1WTpfof4VmaVolCVYkYTgB9iWgYNOrVlnifpME/06fhFRmONgBhClD5pFC1t9ZWqFUQEQAzY43bA==", - "dependencies": { - "buffer": "^5.6.0" - }, + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/bson/-/bson-5.3.0.tgz", + "integrity": "sha512-ukmCZMneMlaC5ebPHXIkP8YJzNl5DC41N5MAIvKDqLggdao342t4McltoJBQfQya/nHBWAcSsYRqlXPoQkTJag==", "engines": { - "node": ">=6.9.0" + "node": ">=14.20.1" } }, "node_modules/buffer": { "version": "5.7.1", "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.7.1.tgz", "integrity": "sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==", + "dev": true, "funding": [ { "type": "github", @@ -5987,14 +5986,6 @@ "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz", "integrity": "sha512-bd2L678uiWATM6m5Z1VzNCErI3jiGzt6HGY8OVICs40JQq/HALfbyNJmp0UDakEY4pMMaN0Ly5om/B1VI/+xfQ==" }, - "node_modules/denque": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/denque/-/denque-2.1.0.tgz", - "integrity": "sha512-HVQE3AAb/pxF8fQAoiqpvg9i3evqug3hoiwakOyZAwJm+6vZehbkYXZ0l4JxS+I3QxM97v5aaRNhj8v5oBhekw==", - "engines": { - "node": ">=0.10" - } - }, "node_modules/depd": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", @@ -9194,6 +9185,7 @@ "version": "1.2.1", "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==", + "dev": true, "funding": [ { "type": "github", @@ -11750,20 +11742,35 @@ } }, "node_modules/mongodb": { - "version": "4.10.0", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-4.10.0.tgz", - "integrity": "sha512-My2QxLTw0Cc1O9gih0mz4mqo145Jq4rLAQx0Glk/Ha9iYBzYpt4I2QFNRIh35uNFNfe8KFQcdwY1/HKxXBkinw==", + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-5.3.0.tgz", + "integrity": "sha512-Wy/sbahguL8c3TXQWXmuBabiLD+iVmz+tOgQf+FwkCjhUIorqbAxRbbz00g4ZoN4sXIPwpAlTANMaGRjGGTikQ==", "dependencies": { - "bson": "^4.7.0", - "denque": "^2.1.0", - "mongodb-connection-string-url": "^2.5.3", - "socks": "^2.7.0" + "bson": "^5.2.0", + "mongodb-connection-string-url": "^2.6.0", + "socks": "^2.7.1" }, "engines": { - "node": ">=12.9.0" + "node": ">=14.20.1" }, "optionalDependencies": { "saslprep": "^1.0.3" + }, + "peerDependencies": { + "@aws-sdk/credential-providers": "^3.201.0", + "mongodb-client-encryption": ">=2.3.0 <3", + "snappy": "^7.2.2" + }, + "peerDependenciesMeta": { + "@aws-sdk/credential-providers": { + "optional": true + }, + "mongodb-client-encryption": { + "optional": true + }, + "snappy": { + "optional": true + } } }, "node_modules/mongodb-connection-string-url": { @@ -15213,6 +15220,11 @@ "safer-buffer": "^2.0.2", "tweetnacl": "~0.14.0" }, + "bin": { + "sshpk-conv": "bin/sshpk-conv", + "sshpk-sign": "bin/sshpk-sign", + "sshpk-verify": "bin/sshpk-verify" + }, "engines": { "node": ">=0.10.0" } @@ -23807,7 +23819,8 @@ "base64-js": { "version": "1.5.1", "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", - "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==" + "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==", + "dev": true }, "bcrypt-nodejs": { "version": "0.0.3", @@ -23967,17 +23980,15 @@ } }, "bson": { - "version": "4.7.0", - "resolved": "https://registry.npmjs.org/bson/-/bson-4.7.0.tgz", - "integrity": "sha512-VrlEE4vuiO1WTpfof4VmaVolCVYkYTgB9iWgYNOrVlnifpME/06fhFRmONgBhClD5pFC1t9ZWqFUQEQAzY43bA==", - "requires": { - "buffer": "^5.6.0" - } + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/bson/-/bson-5.3.0.tgz", + "integrity": "sha512-ukmCZMneMlaC5ebPHXIkP8YJzNl5DC41N5MAIvKDqLggdao342t4McltoJBQfQya/nHBWAcSsYRqlXPoQkTJag==" }, "buffer": { "version": "5.7.1", "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.7.1.tgz", "integrity": "sha512-EHcyIPBQ4BSGlvjB16k5KgAJ27CIsHY/2JBmCRReo48y9rQ3MaUzWX3KVlBa4U7MyX02HdVj0K7C3WaB3ju7FQ==", + "dev": true, "requires": { "base64-js": "^1.3.1", "ieee754": "^1.1.13" @@ -25118,11 +25129,6 @@ "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz", "integrity": "sha512-bd2L678uiWATM6m5Z1VzNCErI3jiGzt6HGY8OVICs40JQq/HALfbyNJmp0UDakEY4pMMaN0Ly5om/B1VI/+xfQ==" }, - "denque": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/denque/-/denque-2.1.0.tgz", - "integrity": "sha512-HVQE3AAb/pxF8fQAoiqpvg9i3evqug3hoiwakOyZAwJm+6vZehbkYXZ0l4JxS+I3QxM97v5aaRNhj8v5oBhekw==" - }, "depd": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", @@ -27608,7 +27614,8 @@ "ieee754": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", - "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==" + "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==", + "dev": true }, "ignore": { "version": "5.2.4", @@ -29607,15 +29614,14 @@ "integrity": "sha512-5LC9SOxjSc2HF6vO2CyuTDNivEdoz2IvyJJGj6X8DJ0eFyfszE0QiEd+iXmBvUP3WHxSjFH/vIsA0EN00cgr8w==" }, "mongodb": { - "version": "4.10.0", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-4.10.0.tgz", - "integrity": "sha512-My2QxLTw0Cc1O9gih0mz4mqo145Jq4rLAQx0Glk/Ha9iYBzYpt4I2QFNRIh35uNFNfe8KFQcdwY1/HKxXBkinw==", + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-5.3.0.tgz", + "integrity": "sha512-Wy/sbahguL8c3TXQWXmuBabiLD+iVmz+tOgQf+FwkCjhUIorqbAxRbbz00g4ZoN4sXIPwpAlTANMaGRjGGTikQ==", "requires": { - "bson": "^4.7.0", - "denque": "^2.1.0", - "mongodb-connection-string-url": "^2.5.3", + "bson": "^5.2.0", + "mongodb-connection-string-url": "^2.6.0", "saslprep": "^1.0.3", - "socks": "^2.7.0" + "socks": "^2.7.1" } }, "mongodb-connection-string-url": {