Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Throw error on user disabled and check revoked set true #1401

Merged
merged 18 commits into from
Aug 16, 2021
Merged

fix: Throw error on user disabled and check revoked set true #1401

Changes from 1 commit
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
c5dbbb5
fix: Throw error on user disabled and check revoked set true
xil222 Aug 4, 2021
ae944f4
Merge branch 'master' into verifyIdToken
xil222 Aug 5, 2021
d7703f0
resolve 2 calls on getUser(), improve tests and lints
xil222 Aug 10, 2021
45a7316
Merge branch 'verifyIdToken' of https://github.com/firebase/firebase-…
xil222 Aug 10, 2021
d361bf1
Merge branch 'master' into verifyIdToken
xil222 Aug 10, 2021
f03333e
remove currentUser.reload
xil222 Aug 10, 2021
1aab944
Merge branch 'verifyIdToken' of https://github.com/firebase/firebase-…
xil222 Aug 10, 2021
b03bcff
add return
xil222 Aug 10, 2021
40a6ab6
Tweak tests
xil222 Aug 13, 2021
72f20d5
small fix
xil222 Aug 13, 2021
b85651f
Use async and await instead of chain in integration test and change C…
xil222 Aug 13, 2021
a8ee801
retry
xil222 Aug 13, 2021
c508523
Add special case of authEmulator
xil222 Aug 14, 2021
6175c59
fix emulator on issue
xil222 Aug 14, 2021
1a687fb
remove firebase-tool version changes
xil222 Aug 16, 2021
43e3664
useMockIdToken for unit test
xil222 Aug 16, 2021
50c33d8
fix typos
xil222 Aug 16, 2021
cf49852
Merge branch 'master' into verifyIdToken
xil222 Aug 16, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
37 changes: 14 additions & 23 deletions test/unit/auth/auth.spec.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -507,22 +507,18 @@ AUTH_CONFIGS.forEach((testConfig) => {
expectedAccountInfoResponseUserDisabled.users[0].disabled = true;
const expectedUserRecordDisabled = getValidUserRecord(expectedAccountInfoResponseUserDisabled);
const validSince = new Date(expectedUserRecordDisabled.tokensValidAfterTime!);
// Restore verifyIdToken stub.
stub.restore();
// One second before validSince.
const oneSecBeforeValidSince = Math.floor(validSince.getTime() / 1000 - 1);
const oneSecBeforeValidSince = new Date(validSince.getTime() - 1000);
stub = sinon.stub(FirebaseTokenVerifier.prototype, 'verifyJWT')
.resolves(getDecodedIdToken(expectedUserRecordDisabled.uid, oneSecBeforeValidSince));
stubs.push(stub);
const getUserStub = sinon.stub(testConfig.Auth.prototype, 'getUser')
.resolves(expectedUserRecordDisabled);
expect(expectedUserRecordDisabled.disabled).to.be.equal(true);
stubs.push(getUserStub);

const unsignedToken = mocks.generateIdToken({
algorithm: 'none',
subject: expectedUserRecordDisabled.uid,
}, {
iat: oneSecBeforeValidSince,
auth_time: oneSecBeforeValidSince, // eslint-disable-line @typescript-eslint/camelcase
});

return auth.verifyIdToken(unsignedToken, true)
return auth.verifyIdToken(mockIdToken, true)
.then(() => {
throw new Error('Unexpected success');
}, (error) => {
Expand Down Expand Up @@ -914,23 +910,18 @@ AUTH_CONFIGS.forEach((testConfig) => {
expectedAccountInfoResponseUserDisabled.users[0].disabled = true;
const expectedUserRecordDisabled = getValidUserRecord(expectedAccountInfoResponseUserDisabled);
const validSince = new Date(expectedUserRecordDisabled.tokensValidAfterTime!);
// Restore verifyIdToken stub.
xil222 marked this conversation as resolved.
Show resolved Hide resolved
stub.restore();
// One second before validSince.
const oneSecBeforeValidSince = Math.floor(validSince.getTime() / 1000 - 1);
const oneSecBeforeValidSince = new Date(validSince.getTime() - 1000);
stub = sinon.stub(FirebaseTokenVerifier.prototype, 'verifyJWT')
.resolves(getDecodedIdToken(expectedUserRecordDisabled.uid, oneSecBeforeValidSince));
stubs.push(stub);
const getUserStub = sinon.stub(testConfig.Auth.prototype, 'getUser')
.resolves(expectedUserRecordDisabled);
expect(expectedUserRecordDisabled.disabled).to.be.equal(true);
stubs.push(getUserStub);

const unsignedToken = mocks.generateIdToken({
algorithm: 'none',
subject: expectedUserRecordDisabled.uid,
issuer: 'https://session.firebase.google.com/' + mocks.projectId,
}, {
iat: oneSecBeforeValidSince,
auth_time: oneSecBeforeValidSince, // eslint-disable-line @typescript-eslint/camelcase
});

return auth.verifySessionCookie(unsignedToken, true)
return auth.verifySessionCookie(mockSessionCookie, true)
.then(() => {
throw new Error('Unexpected success');
}, (error) => {
Expand Down