Skip to content

feat: Add ParseWeibo authentication helper#466

Open
mohkg1017 wants to merge 3 commits into
parse-community:mainfrom
mohkg1017:add-parse-weibo-auth
Open

feat: Add ParseWeibo authentication helper#466
mohkg1017 wants to merge 3 commits into
parse-community:mainfrom
mohkg1017:add-parse-weibo-auth

Conversation

@mohkg1017

@mohkg1017 mohkg1017 commented May 12, 2026

Copy link
Copy Markdown

New Pull Request Checklist

Issue Description

Closes: #55

Adds a ParseWeibo helper for Parse Server's Weibo auth adapter so Parse-Swift users can log in and link users with Weibo credentials.

Approach

  • Add ParseWeibo with secure code and redirect_uri auth data support.
  • Preserve compatibility with the deprecated insecure id and access_token auth data shape.
  • Add callback, async/await, and Combine helper APIs matching the existing third-party auth helper structure.
  • Add focused unit tests for auth data generation, key validation, login, linking, invalid auth data, and legacy auth data.
  • Add a changelog entry for the new helper.
  • Address CodeRabbit feedback by making the internal auth data helpers static.

TODOs before merging

  • Add tests
  • Add entry to changelog
  • Add changes to documentation (guides, repository pages, in-code descriptions)

Tests

  • swift test --filter ParseWeiboTests

@parse-github-assistant

parse-github-assistant Bot commented May 12, 2026

Copy link
Copy Markdown

🚀 Thanks for opening this pull request! We appreciate your effort in improving the project. Please let us know once your pull request is ready for review.

Tip

  • Keep pull requests small. Large PRs will be rejected. Break complex features into smaller, incremental PRs.
  • Use Test Driven Development. Write failing tests before implementing functionality. Ensure tests pass.
  • Group code into logical blocks. Add a short comment before each block to explain its purpose.
  • We offer conceptual guidance. Coding is up to you. PRs must be merge-ready for human review.
  • Our review focuses on concept, not quality. PRs with code issues will be rejected. Use an AI agent.
  • Human review time is precious. Avoid review ping-pong. Inspect and test your AI-generated code.

Note

Please respond to review comments from AI agents just like you would to comments from a human reviewer. Let the reviewer resolve their own comments, unless they have reviewed and accepted your commit, or agreed with your explanation for why the feedback was incorrect.

Caution

Pull requests must be written using an AI agent with human supervision. Pull requests written entirely by a human will likely be rejected, because of lower code quality, higher review effort and the higher risk of introducing bugs. Please note that AI review comments on this pull request alone do not satisfy this requirement. Our CI and AI review are safeguards, not development tools. If many issues are flagged, rethink your development approach. Invest more effort in planning and design rather than using review cycles to fix low-quality code.

@coderabbitai

coderabbitai Bot commented May 12, 2026

Copy link
Copy Markdown
📝 Walkthrough

Walkthrough

This PR introduces complete Weibo OAuth authentication to the Parse-Swift SDK, adding a new ParseWeibo type with callback-based, async/await, and Combine publisher APIs for login and link operations, supported by comprehensive test coverage.

Changes

Weibo OAuth Authentication Support

Layer / File(s) Summary
Core Weibo authentication implementation
Sources/ParseSwift/Authentication/3rd Party/ParseWeibo/ParseWeibo.swift
ParseWeibo<AuthenticatedUser> struct defines internal helpers to build and validate authData for secure (code/redirectURI) and insecure (id/accessToken) credential flows. Public login and link methods accept credential variants, validate required keys, and delegate to AuthenticatedUser.login/link. Extensions to ParseUser provide static and instance weibo convenience accessors.
Async/await API layer
Sources/ParseSwift/Authentication/3rd Party/ParseWeibo/ParseWeibo+async.swift
Six async/await overloads (three for login, three for link) bridge the callback-based implementations via withCheckedThrowingContinuation, enabling natural async/await usage across all credential input forms.
Combine publisher API layer
Sources/ParseSwift/Authentication/3rd Party/ParseWeibo/ParseWeibo+combine.swift
Six Combine publisher overloads (loginPublisher, linkPublisher) return Future<AuthenticatedUser, ParseError>, wrapping callback implementations and resolving through promise for reactive composition.
Comprehensive test suite
Tests/ParseSwiftTests/ParseWeiboTests.swift
Tests verify authentication dictionary generation, required-key validation, successful login/link with mocked server responses, error handling for missing credentials, and correct linked-state tracking across secure and insecure authentication flows.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 6 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Engage In Review Feedback ⚠️ Warning Review feedback to refactor helper methods to be static was not engaged with. Methods remain as instance methods without renaming or updating call sites. Either implement the refactoring to make methods static with improved names and update call sites, or discuss with reviewer to justify keeping instance methods.
✅ Passed checks (6 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Security Check ✅ Passed No security vulnerabilities found. Code follows secure patterns: no hardcoded secrets, proper validation, no credential exposure, no dangerous operations.
Title check ✅ Passed The PR title 'feat: Add ParseWeibo authentication helper' uses the required 'feat:' prefix and clearly summarizes the main change of adding Weibo authentication support.
Description check ✅ Passed The PR description follows the template with all required sections completed: checklist items checked, issue reference provided, clear approach outlined, all TODOs marked complete, and test instructions included.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

  • Generate code and open pull requests
  • Plan features and break down work
  • Investigate incidents and troubleshoot customer tickets together
  • Automate recurring tasks and respond to alerts with triggers
  • Summarize progress and report instantly

Built for teams:

  • Shared memory across your entire org—no repeating context
  • Per-thread sandboxes to safely plan and execute work
  • Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@mohkg1017 mohkg1017 changed the title Add ParseWeibo authentication helper feat: add ParseWeibo authentication helper May 12, 2026
@parse-github-assistant

Copy link
Copy Markdown

I will reformat the title to use the proper commit message syntax.

@parse-github-assistant parse-github-assistant Bot changed the title feat: add ParseWeibo authentication helper feat: Add ParseWeibo authentication helper May 12, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (2)
Sources/ParseSwift/Authentication/3rd Party/ParseWeibo/ParseWeibo.swift (1)

89-107: ⚡ Quick win

Consider adding deprecation attributes to insecure auth methods.

The documentation describes these methods as "deprecated insecure" (lines 90, 152), but they lack @available deprecation attributes. Adding deprecation attributes would provide compile-time warnings to guide developers toward the secure code/redirectURI flow.

💡 Proposed addition of deprecation attributes

For the insecure login method:

     /**
      Login a `ParseUser` *asynchronously* using deprecated insecure Weibo authentication.
      - parameter id: The id from Weibo.
      - parameter accessToken: The access token from Weibo.
      - parameter options: A set of header options sent to the server. Defaults to an empty set.
      - parameter callbackQueue: The queue to return to after completion. Default value of .main.
      - parameter completion: The block to execute.
      */
+    `@available`(*, deprecated, message: "Use secure login(code:redirectURI:...) instead. This method sends credentials directly and is less secure.")
     func login(id: String,
                accessToken: String,
                options: API.Options = [],

Apply the same pattern to the insecure link method at line 151.

Also applies to: 151-169

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Sources/ParseSwift/Authentication/3rd` Party/ParseWeibo/ParseWeibo.swift
around lines 89 - 107, Add a deprecation attribute to the insecure Weibo auth
methods to surface compile-time warnings: annotate the
login(id:accessToken:options:callbackQueue:completion:) function and the
corresponding link(...) method (the insecure id/accessToken overloads) with
`@available`(*, deprecated, message: "Use the secure code/redirectURI OAuth flow
instead; the id/accessToken method is insecure and deprecated."). Ensure both
methods carry the same deprecation message so callers are directed to the secure
flow.
Tests/ParseSwiftTests/ParseWeiboTests.swift (1)

16-274: ⚡ Quick win

Consider adding test coverage for async/await and Combine variants.

The test suite provides comprehensive coverage for the callback-based APIs. While the async and Combine variants in ParseWeibo+async.swift and ParseWeibo+combine.swift are thin wrappers using standard patterns (withCheckedThrowingContinuation and Future), adding at least one test per variant would increase confidence and catch potential integration issues.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Tests/ParseSwiftTests/ParseWeiboTests.swift` around lines 16 - 274, Add tests
exercising the async/await and Combine wrappers for ParseWeibo to mirror the
existing callback tests: create async versions of testLogin,
testLoginWithInsecureAuthData, and one linking test that call the async methods
(e.g., User.weibo.login(code:redirectURI:) async) using mocked network
responses, and add Combine tests that subscribe to the publisher variants (e.g.,
User.weibo.loginPublisher(...)) asserting success/failure and state changes;
reference the wrapper files ParseWeibo+async.swift and ParseWeibo+combine.swift
and the wrapper entry points (async login/link methods and publisher methods)
when adding these new test cases so they use the same mocked MockURLProtocol
responses and expectations as the callback tests.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@Sources/ParseSwift/Authentication/3rd` Party/ParseWeibo/ParseWeibo.swift:
- Around line 31-56: The helper methods makeDictionary(code:redirectURI:),
makeDictionary(id:accessToken:), and verifyMandatoryKeys(authData:) on
AuthenticationKeys should be converted from instance methods to static methods
on the AuthenticationKeys type because they don't use self; change their
declarations to static and update all call sites that currently call them on an
enum case (e.g., AuthenticationKeys.code.makeDictionary(...),
AuthenticationKeys.id.verifyMandatoryKeys(...)) to call them as static functions
(e.g., AuthenticationKeys.makeDictionary(...),
AuthenticationKeys.verifyMandatoryKeys(...)) so usage is clear and idiomatic.

---

Nitpick comments:
In `@Sources/ParseSwift/Authentication/3rd` Party/ParseWeibo/ParseWeibo.swift:
- Around line 89-107: Add a deprecation attribute to the insecure Weibo auth
methods to surface compile-time warnings: annotate the
login(id:accessToken:options:callbackQueue:completion:) function and the
corresponding link(...) method (the insecure id/accessToken overloads) with
`@available`(*, deprecated, message: "Use the secure code/redirectURI OAuth flow
instead; the id/accessToken method is insecure and deprecated."). Ensure both
methods carry the same deprecation message so callers are directed to the secure
flow.

In `@Tests/ParseSwiftTests/ParseWeiboTests.swift`:
- Around line 16-274: Add tests exercising the async/await and Combine wrappers
for ParseWeibo to mirror the existing callback tests: create async versions of
testLogin, testLoginWithInsecureAuthData, and one linking test that call the
async methods (e.g., User.weibo.login(code:redirectURI:) async) using mocked
network responses, and add Combine tests that subscribe to the publisher
variants (e.g., User.weibo.loginPublisher(...)) asserting success/failure and
state changes; reference the wrapper files ParseWeibo+async.swift and
ParseWeibo+combine.swift and the wrapper entry points (async login/link methods
and publisher methods) when adding these new test cases so they use the same
mocked MockURLProtocol responses and expectations as the callback tests.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 77f3e097-a09d-470a-8910-6c6d5efc0424

📥 Commits

Reviewing files that changed from the base of the PR and between 645180e and 103ae29.

📒 Files selected for processing (4)
  • Sources/ParseSwift/Authentication/3rd Party/ParseWeibo/ParseWeibo+async.swift
  • Sources/ParseSwift/Authentication/3rd Party/ParseWeibo/ParseWeibo+combine.swift
  • Sources/ParseSwift/Authentication/3rd Party/ParseWeibo/ParseWeibo.swift
  • Tests/ParseSwiftTests/ParseWeiboTests.swift

Comment thread Sources/ParseSwift/Authentication/3rd Party/ParseWeibo/ParseWeibo.swift Outdated
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Adding Support for more 3rd Party Authentication SDK's

1 participant