fix: Add objectParser for ObjectTypeAnnotation (e.g. PARSE_SERVER_AUTH_PROVIDERS)

[mattia1208]

Pull Request

• Report security issues confidentially.
• Any contribution is under this license.
• Link this pull request to an issue.

Issue

https://github.com/parse-community/parse-server/issues/9907

The issue occurs because the mapperFor function in buildConfigDefinitions.js did not include a specific case for the ObjectTypeAnnotation type in Flow definitions.
As a result, configuration options defined as Flow objects - such as:
auth: ?{ [string]: AuthAdapter };
were not mapped to the appropriate parser (objectParser) when generating CLI definitions.

This caused environment variables like PARSE_SERVER_AUTH_PROVIDERS to be treated as raw strings instead of being parsed as JSON objects.
In practice, this broke the built-in Microsoft authentication adapter (and any other adapter relying on object-type auth configs), throwing errors such as:
Error: Microsoft options are required.
The missing objectParser action in the generated definitions.js file prevented the environment variable from being correctly parsed into an object structure.

Approach

• Updated the mapperFor function in buildConfigDefinitions.js to handle ObjectTypeAnnotation by mapping it to the objectParser, ensuring object types are parsed correctly.
• Added the objectParser action to the auth option in ParseServerOptions in Definitions.js, enabling proper parsing of the auth configuration as an object.

Tasks

• Add fix for ObjectTypeAnnotation handling in mapperFor
• Regenerate CLI definitions
• Add objectParser action for auth option
• Add tests

Summary by CodeRabbit

• Bug Fixes
  • Improved parsing of authentication provider configuration to properly deserialize JSON object inputs from environment variables.

[parse-github-assistant]

I will reformat the title to use the proper commit message syntax.

[parse-github-assistant]

🚀 Thanks for opening this pull request!

[coderabbitai]

📝 Walkthrough

Walkthrough

Two files are modified to add support for parsing object-type configuration values. The build configuration is updated to handle ObjectTypeAnnotation type mappings by returning the objectParser, and the ParseServerOptions.auth configuration is updated to include the objectParser action for environment variable deserialization.

Changes

Cohort / File(s)	Summary
Build Configuration resources/buildConfigDefinitions.js	Added case for ObjectTypeAnnotation in mapperFor function to return objectParser, aligning with existing AnyTypeAnnotation handling
Options Definition src/Options/Definitions.js	Added action: parsers.objectParser to ParseServerOptions.auth configuration to enable proper parsing of stringified JSON from PARSE_SERVER_AUTH_PROVIDERS environment variable

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

• Both changes follow consistent patterns for adding object parser support
• Minimal logic density; straightforward configuration additions
• Changes are isolated to type mapping and parser action assignment

Possibly related issues

• PARSE_SERVER_AUTH_PROVIDERS is passed as string instead of object — built-in adapters (e.g. Microsoft) throw “options are required” #9907 — This PR directly implements the objectParser support for object-type config mappings (including ParseServerOptions.auth), addressing the root cause where PARSE_SERVER_AUTH_PROVIDERS remained unparsed due to missing objectParser action.

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: adding objectParser support for ObjectTypeAnnotation with a concrete example of the affected configuration.
Description check	✅ Passed	The description follows the required template structure with Issue, Approach, and Tasks sections. The Issue section clearly explains the problem with environment variable parsing, and the Approach outlines the solution. However, the Tests task remains incomplete.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[parseplatformorg]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

resources/buildConfigDefinitions.js (1)

176-242: Consider adding ObjectTypeAnnotation handling for future-proofing.

The parseDefaultValue function handles various type annotations but doesn't include a case for ObjectTypeAnnotation. While this isn't currently an issue (since the auth option likely doesn't have a default value), adding this handling would make the function more complete and prevent potential issues if default values are added to object-type fields in the future.

Consider adding after line 214:

  } else if (t.isBooleanTypeAnnotation(elt)) {
    literalValue = t.booleanLiteral(parsers.booleanParser(value));
+ } else if (t.isObjectTypeAnnotation(elt)) {
+   const object = parsers.objectParser(value);
+   const props = Object.keys(object).map(key => {
+     const val = object[key];
+     if (typeof val === 'string') {
+       return t.objectProperty(t.identifier(key), t.stringLiteral(val));
+     } else if (typeof val === 'number') {
+       return t.objectProperty(t.identifier(key), t.numericLiteral(val));
+     } else if (typeof val === 'boolean') {
+       return t.objectProperty(t.identifier(key), t.booleanLiteral(val));
+     } else {
+       return t.objectProperty(t.identifier(key), t.identifier('undefined'));
+     }
+   });
+   literalValue = t.objectExpression(props);
  } else if (t.isGenericTypeAnnotation(elt)) {

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4124069 and 996205b.

📒 Files selected for processing (2)

• resources/buildConfigDefinitions.js (1 hunks)
• src/Options/Definitions.js (1 hunks)

🧰 Additional context used

🧠 Learnings (1)

📚 Learning: 2025-08-27T09:08:34.252Z

Learnt from: EmpiDev
Repo: parse-community/parse-server PR: 9770
File: src/triggers.js:446-454
Timestamp: 2025-08-27T09:08:34.252Z
Learning: When analyzing function signature changes in Parse Server codebase, verify that call sites are actually incorrect before flagging them. Passing tests are a strong indicator that function calls are already properly aligned with new signatures.

Applied to files:

• src/Options/Definitions.js

🧬 Code graph analysis (1)

src/Options/Definitions.js (1)

resources/buildConfigDefinitions.js (1)

• parsers (12-12)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (14)

• GitHub Check: Node 20
• GitHub Check: Node 22
• GitHub Check: MongoDB 6, ReplicaSet
• GitHub Check: Node 18
• GitHub Check: MongoDB 8, ReplicaSet
• GitHub Check: PostgreSQL 16, PostGIS 3.5
• GitHub Check: Redis Cache
• GitHub Check: PostgreSQL 18, PostGIS 3.6
• GitHub Check: MongoDB 7, ReplicaSet
• GitHub Check: PostgreSQL 15, PostGIS 3.4
• GitHub Check: PostgreSQL 17, PostGIS 3.5
• GitHub Check: PostgreSQL 15, PostGIS 3.3
• GitHub Check: PostgreSQL 15, PostGIS 3.5
• GitHub Check: Docker Build

🔇 Additional comments (2)

src/Options/Definitions.js (1)

110-115: LGTM! Generated code correctly adds objectParser action.

The addition of action: parsers.objectParser to the auth option is consistent with other object-type configuration options throughout this file (e.g., accountLockout, customPages, fileUpload). This ensures that the PARSE_SERVER_AUTH_PROVIDERS environment variable is properly parsed as a JSON object rather than treated as a raw string, which directly addresses the PR objective.

Note: This is generated code. The actual source changes are in src/Options/index.js and the generator script resources/buildConfigDefinitions.js.

resources/buildConfigDefinitions.js (1)

156-157: LGTM! ObjectTypeAnnotation handling correctly added.

The addition of ObjectTypeAnnotation handling in mapperFor is correct and consistent with the existing AnyTypeAnnotation handling. This ensures Flow object types (e.g., ?{ [string]: AuthAdapter }) are properly mapped to objectParser.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 93.06%. Comparing base (9776386) to head (996205b).
⚠️ Report is 8 commits behind head on alpha.

Additional details and impacted files

@@            Coverage Diff             @@
##            alpha    #9912      +/-   ##
==========================================
+ Coverage   93.04%   93.06%   +0.01%     
==========================================
  Files         187      187              
  Lines       15160    15187      +27     
  Branches      177      177              
==========================================
+ Hits        14106    14134      +28     
+ Misses       1042     1041       -1     
  Partials       12       12              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.