RCORE-2110 Remove references to stitch in access token parsing (#7769)

realm · Jun 4, 2024 · 0f69c38 · 0f69c38
1 parent ab1361f
commit 0f69c38
Show file tree

Hide file tree

Showing 5 changed files with 2 additions and 105 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,15 +9,15 @@
 * Fix some client resets (such as migrating to flexible sync) potentially failing with AutoClientResetFailed if a new client reset condition (such as rolling back a flexible sync migration) occurred before the first one completed. ([PR #7542](https://github.com/realm/realm-core/pull/7542), since v13.11.0)
 
 ### Breaking changes
-* None.
+* Any `stitch_` prefixed fields in the `BsonDocument` returned from `app::User::custom_data()` are being renamed on the server to have a `baas_` prefix instead ([PR #7769](https://github.com/realm/realm-core/pull/7769)).
 
 ### Compatibility
 * Fileformat: Generates files with format v24. Reads and automatically upgrade from fileformat v10. If you want to upgrade from an earlier file format version you will have to use RealmCore v13.x.y or earlier.
 
 -----------
 
 ### Internals
-* None.
+* Removed references to `stitch_` fields in access tokens in sync unit tests ([PR #7769](https://github.com/realm/realm-core/pull/7769)).
 
 ----------------------------------------------
 

diff --git a/src/realm/sync/noinst/server/access_token.cpp b/src/realm/sync/noinst/server/access_token.cpp
@@ -55,9 +55,6 @@ struct AccessTokenParser {
                 else if (escaped_key == "path") {
                     state_stack.push(await_path);
                 }
-                else if (escaped_key == "stitch_data") {
-                    state_stack.push(await_stitchdata);
-                }
                 else if (escaped_key == "sync_label" || escaped_key == "syncLabel") {
                     state_stack.push(await_sync_label);
                 }
@@ -81,34 +78,6 @@ struct AccessTokenParser {
                 }
                 break;
             }
-            case await_stitchdata: {
-                if (event.type != JSONEvent::object_begin) {
-                    return JSONError::unexpected_token;
-                }
-                state_stack.pop();
-                state_stack.push(await_stitchdata_object);
-                break;
-            }
-            case await_stitchdata_object: {
-                if (event.type == JSONEvent::object_end) {
-                    state_stack.pop();
-                    break; // End of object
-                }
-                StringData escaped_key = event.escaped_string_value();
-                if (escaped_key == "realm_sync_label") {
-                    state_stack.push(await_sync_label);
-                }
-                else if (escaped_key == "realm_path") {
-                    state_stack.push(await_path);
-                }
-                else if (escaped_key == "realm_access") {
-                    state_stack.push(await_access);
-                }
-                else {
-                    state_stack.push(skip_value);
-                }
-                break;
-            }
             case await_identity: {
                 if (event.type != JSONEvent::string) {
                     return JSONError::unexpected_token;
@@ -202,8 +171,6 @@ struct AccessTokenParser {
 private:
     enum parser_state {
         toplevel,
-        await_stitchdata,
-        await_stitchdata_object,
         await_identity,
         await_admin,
         await_timestamp,

diff --git a/test/stitch_private.pem b/test/stitch_private.pem
diff --git a/test/stitch_public.pem b/test/stitch_public.pem
diff --git a/test/test_sync_auth.cpp b/test/test_sync_auth.cpp
@@ -47,40 +47,6 @@ TEST(Sync_Auth_JWTAccessToken)
     CHECK_EQUAL(tok.sync_label, "default");
 }
 
-
-TEST(Sync_Auth_JWTAccessTokenStitchFields)
-{
-    AccessToken tok;
-    AccessToken::ParseError error = AccessToken::ParseError::none;
-
-    PKey pk1 = PKey::load_public(test_util::get_test_resource_path() + "stitch_public.pem");
-    AccessControl ctrl(std::move(pk1));
-
-    AccessToken::Verifier& verifier = ctrl.verifier();
-    auto exampleJWT =
-        "eyJhbGciOiJSUzI1NiIsImtpZCI6IjVkYTY0NzI2NTM5NWM0ZmY0NzE2ZmE4NyIsInR5cCI6IkpXVCJ9."
-        "eyJhdWQiOiJyZWFsbSIsImV4cCI6NDU3MTE3ODYzOSwiaWF0Ijo0NTcxMTc4Mjc5LCJpc3MiOiJyZWFsbSIsInN0aXRjaF9kYXRhIjp7InJl"
-        "YWxtX2FjY2VzcyI6WyJkb3dubG9hZCIsInVwbG9hZCIsIm1hbmFnZSJdLCJyZWFsbV9wYXRoIjoiLzVkYTY0NzI3NTM5NWM0ZmY0NzE2ZmE5"
-        "My9leGFtcGxlIiwicmVhbG1fc3luY19sYWJlbCI6ImRlZmF1bHQifSwic3RpdGNoX2RldklkIjoiMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw"
-        "Iiwic3RpdGNoX2RvbWFpbklkIjoiNWRhNjQ3MjY1Mzk1YzRmZjQ3MTZmYTg2Iiwic3ViIjoiNWRhNjQ3Mjc1Mzk1YzRmZjQ3MTZmYTkzIiwi"
-        "dHlwIjoiYWNjZXNzIiwidXNlcl9kYXRhIjpudWxsfQ."
-        "dgoKeww6xSjvhmZ69muDOJGOkk1sFxq9sfdFF2ufq3z1oTFujp3g6AIaKy66qcx6zbHEx4Zv7Fy4ytGpIW30truAiTvEks2z_"
-        "s6WHHUO2PEOygUruhnIHms2-Bw3MlTVn1cQHdIYK7F4AqT35Ds-9OVKWYPBMZnZt2AvIaBeESTNF-gOXKT0teAeM7PHkVzTow9I_"
-        "G6aCTRZhBRLrGdlaScXoVTNUhZf-"
-        "oxI7fmCcQYdZ4grulQgs40LxOnpGOxjnc9xiwoIsVsjsvju3qzqUt0Gg0tNjCAQtgdxn4XKXmx2THPnClxyeF67mn5IQ0QQy33EqLsETxgUD"
-        "cZ17h62JQ";
-    auto result = AccessToken::parseJWT(StringData(exampleJWT), tok, error, &verifier);
-
-    CHECK(result);
-    CHECK(error == AccessToken::ParseError::none);
-    CHECK_EQUAL(tok.expires, 4571178639);
-    CHECK_EQUAL(tok.sync_label, "default");
-    CHECK_EQUAL(tok.path, "/5da647275395c4ff4716fa93/example");
-    std::uint_least32_t admin_access =
-        Privilege::Download | Privilege::Upload | Privilege::ModifySchema | Privilege::SetPermissions;
-    CHECK_EQUAL(tok.access, admin_access);
-}
-
 #endif // !REALM_MOBILE
 
 } // unnamed namespace