New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
test: Add test for email verification not applying to auth sign-up #8740
base: alpha
Are you sure you want to change the base?
test: Add test for email verification not applying to auth sign-up #8740
Conversation
…p to test error 206 raised in parse-community#6511
Thanks for opening this pull request! |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## alpha #8740 +/- ##
==========================================
+ Coverage 94.13% 94.32% +0.18%
==========================================
Files 186 186
Lines 14687 14773 +86
==========================================
+ Hits 13826 13934 +108
+ Misses 861 839 -22 ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What's the difference between your new test and this existing test?
parse-server/spec/rest.spec.js
Lines 371 to 379 in 5954f0f
it('test facebook signup and login', done => { | |
const data = { | |
authData: { | |
facebook: { | |
id: '8675309', | |
access_token: 'jenny', | |
}, | |
}, | |
}; |
I guess i was supposed to add test to ParseUser.spec.js. Can you please check whether this is correct? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we can using the newer jasmine syntax; I didn't test this, just wrote it as a comment, so it may not be fully correct.
The test still seems to contain some unnecessary code, like
signedUpUser.set('social_id', provider.authData.id);
signedUpUser.set('account_status', 'active');
In any case, the test passes, so we would need to get it to fail. Since you are using the JS SDK methods, there may be a difference to what the Parse iOS SDK sends. To know what the iOS SDK sends to the server you could:
- look at the incoming request on the server side (may be easiest)
- look at the source code of the iOS SDK
Once you know the request that is sent to the server is the same, and you cannot get the test to fail, I suggest you look into your custom Parse Server code as a possible source of the issue.
I ran the CI here, but it failed in all environments, so it's not necessary to run the CI for now. You can execute the test in your local development environment and see whether it fails. Once it fails, it can help to run it on the CI to get more insight.
Co-authored-by: Manuel <5673677+mtrezza@users.noreply.github.com> Signed-off-by: Ashish Naik <naik.ashu@gmail.com>
… This causes test to fail with error 206.
The test you corrected didn't generate error so i tried to add email adaptor parameters that i have in my index.js. Test log is as below
|
Great, as a next step, remove all custom configuration that is not needed for the test to fail. For example you have
|
I wanted to replicate my actual code. Removed now. I was able to identify that combination of these two set to true causes the error. Doesn't fail for any other combination.
|
Yes, that's good. We don't see the error logged anymore, but we know what it is anyway. The next step would be to analyze whether this is expected behavior. |
Signed-off-by: Manuel <5673677+mtrezza@users.noreply.github.com>
Signed-off-by: Manuel <5673677+mtrezza@users.noreply.github.com>
Signed-off-by: Manuel <5673677+mtrezza@users.noreply.github.com>
Signed-off-by: Manuel <5673677+mtrezza@users.noreply.github.com>
You can just reset your local branch to the head of the remote branch. Or delete your local branch and pull the branch from the remote. |
Let's recap: you are signing up a user with Facebook auth, but saving the user afterwards fails if Error 206 means:
So it's possible that a user sign-up is not completed until the email address is verified, even if the user signed up with auth. That could be expected behavior, even though I didn't find anything in the docs. However, it would be logical to assume that if a user is authenticated via a third-party provider, the email verification requirement would be bypassed, since the third-party provider has already done its own verification. As a next step you could look at the Parse Server code. Since we know it's related to |
You wrote previously:
Were you able to determine the exact Parse Server version where this issue started to occur? From your comment above it seems like somewhere between > 3.9.0 and <= 4.0.2. If we know the version, it should be easy to find the change that caused this and we may get a better understanding if this change was intentionally. |
preventLoginWithUnverifiedEmail
should not apply to auth sign-up
preventLoginWithUnverifiedEmail
should not apply to auth sign-uppreventLoginWithUnverifiedEmail
to not apply to auth sign-up
I came across this in 3.9.0 but not sure it worked before that or not. I may not have tested signup after upgrading server version. By the way, it is combination of both verifyUserEmails and preventLoginWithUnverifiedEmail set to true causes the issue. |
preventLoginWithUnverifiedEmail
to not apply to auth sign-up
I've corrected the PR title. What's the range of versions we know as of now - what's the latest version where the issue did not occur and the earliest version where the issue did occur? It would be helpful if you could test this out with more versions in between, so we can narrow it down to the exact version where this first started to occur. |
…e.authProvider early to test.
…e.authProvider early to test
Tried to fix the issue. i updated handleAuthData function with
This resolved the issue and also ran the test with success.
I found that version 2.6.1 introduced this check.
In latest version this check is bit different
|
* commit 'b1e1bf6708f5d32b2846e66de40f48fb0ec1dc86': chore(release): 6.4.0-beta.1 [skip ci] release chore(release): 6.3.0 [skip ci] release chore(release): 6.3.0-alpha.9 [skip ci] perf: Improve performance of recursive pointer iterations (parse-community#8741) refactor: Parse Pointer allows to access internal Parse Server classes and circumvent `beforeFind` query trigger (parse-community#8734) chore(release): 6.2.2 [skip ci] fix: Parse Pointer allows to access internal Parse Server classes and circumvent `beforeFind` query trigger; fixes security vulnerability [GHSA-fcv6-fg5r-jm9q](GHSA-fcv6-fg5r-jm9q) refactor: Remote code execution via MongoDB BSON parser through prototype pollution; fixes security vulnerability [GHSA-462x-c3jw-7vr6](GHSA-462x-c3jw-7vr6) (parse-community#8677) chore(release): 6.2.1 [skip ci] fix: Remote code execution via MongoDB BSON parser through prototype pollution; fixes security vulnerability [GHSA-462x-c3jw-7vr6](GHSA-462x-c3jw-7vr6) (parse-community#8674) refactor: Add option to convert `Parse.Object` to instance in Cloud Function payload (parse-community#8656)
…B-signup-error206 into Facebook-signup-error206
Reproducing error using test it('log in with Facebook and save signed up User with verifyUserEmails=true and preventLoginWithUnverifiedEmail=true' Under ParseUser.spec.js. Signed-off-by: Ashish Naik <naik.ashu@gmail.com>
@mtrezza i have again tried to reproduce with latest version and it is still failing. Below is the test log. This solution still works. In meantime, i have added a workaround in beforeLogin trigger to handle this issue.
Test result
I feel i have made some mistake merging my branch. |
I will reformat the title to use the proper commit message syntax. |
Now that we have a test case, it should be easy to debug and find out want's going on inside Parse Server. |
Pull Request
This PR is to test Facebook signup error 206 describe in #6511
Closes: #6511
Approach
Added test case for Facebook signup and login.
Calling from iOS Objective-C SDK, saving new PFUser created from Facebook signup fails with error 206.
Was first reported in PS version 5.x.x and observed in v6.2.1 also.
Tasks
[x ] Add tests