mirror of
https://github.com/n8n-io/n8n.git
synced 2024-12-25 12:44:07 -08:00
fix(core): Handle credential in body for oauth2 refresh token (#9179)
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
This commit is contained in:
parent
0d7358807b
commit
c9855e3dce
|
@ -10,6 +10,7 @@ export interface ClientOAuth2TokenData extends Record<string, string | undefined
|
||||||
expires_in?: string;
|
expires_in?: string;
|
||||||
scope?: string | undefined;
|
scope?: string | undefined;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* General purpose client token generator.
|
* General purpose client token generator.
|
||||||
*/
|
*/
|
||||||
|
@ -74,18 +75,27 @@ export class ClientOAuth2Token {
|
||||||
|
|
||||||
if (!this.refreshToken) throw new Error('No refresh token');
|
if (!this.refreshToken) throw new Error('No refresh token');
|
||||||
|
|
||||||
|
const clientId = options.clientId;
|
||||||
|
const clientSecret = options.clientSecret;
|
||||||
|
const headers = { ...DEFAULT_HEADERS };
|
||||||
|
const body: Record<string, string> = {
|
||||||
|
refresh_token: this.refreshToken,
|
||||||
|
grant_type: 'refresh_token',
|
||||||
|
};
|
||||||
|
|
||||||
|
if (options.authentication === 'body') {
|
||||||
|
body.client_id = clientId;
|
||||||
|
body.client_secret = clientSecret;
|
||||||
|
} else {
|
||||||
|
headers.Authorization = auth(clientId, clientSecret);
|
||||||
|
}
|
||||||
|
|
||||||
const requestOptions = getRequestOptions(
|
const requestOptions = getRequestOptions(
|
||||||
{
|
{
|
||||||
url: options.accessTokenUri,
|
url: options.accessTokenUri,
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
headers: {
|
headers,
|
||||||
...DEFAULT_HEADERS,
|
body,
|
||||||
Authorization: auth(options.clientId, options.clientSecret),
|
|
||||||
},
|
|
||||||
body: {
|
|
||||||
refresh_token: this.refreshToken,
|
|
||||||
grant_type: 'refresh_token',
|
|
||||||
},
|
|
||||||
},
|
},
|
||||||
options,
|
options,
|
||||||
);
|
);
|
||||||
|
|
|
@ -130,8 +130,8 @@ describe('CredentialsFlow', () => {
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('#refresh', () => {
|
describe('#refresh', () => {
|
||||||
const mockRefreshCall = () =>
|
const mockRefreshCall = async () => {
|
||||||
nock(config.baseUrl)
|
const nockScope = nock(config.baseUrl)
|
||||||
.post(
|
.post(
|
||||||
'/login/oauth/access_token',
|
'/login/oauth/access_token',
|
||||||
({ refresh_token, grant_type }) =>
|
({ refresh_token, grant_type }) =>
|
||||||
|
@ -142,6 +142,15 @@ describe('CredentialsFlow', () => {
|
||||||
access_token: config.refreshedAccessToken,
|
access_token: config.refreshedAccessToken,
|
||||||
refresh_token: config.refreshedRefreshToken,
|
refresh_token: config.refreshedRefreshToken,
|
||||||
});
|
});
|
||||||
|
return await new Promise<{ headers: Headers; body: unknown }>((resolve) => {
|
||||||
|
nockScope.once('request', (req) => {
|
||||||
|
resolve({
|
||||||
|
headers: req.headers,
|
||||||
|
body: req.requestBodyBuffers.toString('utf-8'),
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|
||||||
it('should make a request to get a new access token', async () => {
|
it('should make a request to get a new access token', async () => {
|
||||||
const authClient = createAuthClient({ scopes: ['notifications'] });
|
const authClient = createAuthClient({ scopes: ['notifications'] });
|
||||||
|
@ -150,12 +159,55 @@ describe('CredentialsFlow', () => {
|
||||||
const token = await authClient.credentials.getToken();
|
const token = await authClient.credentials.getToken();
|
||||||
expect(token.accessToken).toEqual(config.accessToken);
|
expect(token.accessToken).toEqual(config.accessToken);
|
||||||
|
|
||||||
mockRefreshCall();
|
const requestPromise = mockRefreshCall();
|
||||||
const token1 = await token.refresh();
|
const token1 = await token.refresh();
|
||||||
|
await requestPromise;
|
||||||
|
|
||||||
expect(token1).toBeInstanceOf(ClientOAuth2Token);
|
expect(token1).toBeInstanceOf(ClientOAuth2Token);
|
||||||
expect(token1.accessToken).toEqual(config.refreshedAccessToken);
|
expect(token1.accessToken).toEqual(config.refreshedAccessToken);
|
||||||
expect(token1.tokenType).toEqual('bearer');
|
expect(token1.tokenType).toEqual('bearer');
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('should make a request to get a new access token with authentication = "body"', async () => {
|
||||||
|
const authClient = createAuthClient({ scopes: ['notifications'], authentication: 'body' });
|
||||||
|
void mockTokenCall({ requestedScope: 'notifications' });
|
||||||
|
|
||||||
|
const token = await authClient.credentials.getToken();
|
||||||
|
expect(token.accessToken).toEqual(config.accessToken);
|
||||||
|
|
||||||
|
const requestPromise = mockRefreshCall();
|
||||||
|
const token1 = await token.refresh();
|
||||||
|
const { headers, body } = await requestPromise;
|
||||||
|
|
||||||
|
expect(token1).toBeInstanceOf(ClientOAuth2Token);
|
||||||
|
expect(token1.accessToken).toEqual(config.refreshedAccessToken);
|
||||||
|
expect(token1.tokenType).toEqual('bearer');
|
||||||
|
expect(headers?.authorization).toBe(undefined);
|
||||||
|
expect(body).toEqual(
|
||||||
|
'refresh_token=def456token&grant_type=refresh_token&client_id=abc&client_secret=123',
|
||||||
|
);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should make a request to get a new access token with authentication = "header"', async () => {
|
||||||
|
const authClient = createAuthClient({
|
||||||
|
scopes: ['notifications'],
|
||||||
|
authentication: 'header',
|
||||||
|
});
|
||||||
|
void mockTokenCall({ requestedScope: 'notifications' });
|
||||||
|
|
||||||
|
const token = await authClient.credentials.getToken();
|
||||||
|
expect(token.accessToken).toEqual(config.accessToken);
|
||||||
|
|
||||||
|
const requestPromise = mockRefreshCall();
|
||||||
|
const token1 = await token.refresh();
|
||||||
|
const { headers, body } = await requestPromise;
|
||||||
|
|
||||||
|
expect(token1).toBeInstanceOf(ClientOAuth2Token);
|
||||||
|
expect(token1.accessToken).toEqual(config.refreshedAccessToken);
|
||||||
|
expect(token1.tokenType).toEqual('bearer');
|
||||||
|
expect(headers?.authorization).toBe('Basic YWJjOjEyMw==');
|
||||||
|
expect(body).toEqual('refresh_token=def456token&grant_type=refresh_token');
|
||||||
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
Loading…
Reference in a new issue