simple-oauth2-ts-client - npm Package Compare versions

Comparing version 1.0.4 to 1.0.5

dist/core/OAuthGrant.js

@@ -15,3 +15,3 @@ "use strict";
     async makeTokenRequest(body) {
-        var _a, _b, _c, _d;
+        var _a, _b, _c;
         const uri = this.getEndPoint("tokenEndPoint");
@@ -25,12 +25,31 @@ if (!uri) {
         };
-        const authMethod = (_a = this.client.authenticationMethod) !== null && _a !== void 0 ? _a : "client_secret_basic";
-        if (this.client.client_secret) {
-            if (authMethod === "client_secret_basic") {
-                const credentials = Buffer.from(`${this.client.client_id}:${this.client.client_secret}`).toString("base64");
-                headers["Authorization"] = `Basic ${credentials}`;
-            }
-            else if (authMethod === "client_secret_post") {
+        let authMethod = this.client.authenticationMethod;
+        if (!this.client.client_secret) {
+            // Basic auth should only be used when there's a client_secret, for
+            // non-confidential clients we may only have a client_id, which
+            // always gets added to the body.
+            authMethod = "client_secret_post";
+        }
+        if (!authMethod) {
+            // If we got here, it means no preference was provided by anything,
+            // and we have a secret. In this case its preferred to embed
+            // authentication in the Authorization header.
+            authMethod = "client_secret_basic";
+        }
+        switch (authMethod) {
+            case "client_secret_basic":
+                headers.Authorization =
+                    "Basic " +
+                        btoa(this.client.client_id + ":" + this.client.client_secret);
+                break;
+            case "client_secret_post":
                 body.client_id = this.client.client_id;
-                body.client_secret = this.client.client_secret;
-            }
+                if (this.client.client_secret) {
+                    body.client_secret = this.client.client_secret;
+                }
+                break;
+            default:
+                throw new Error("Authentication method not yet supported:" +
+                    authMethod +
+                    ". Open a feature request if you want this!");
         }
@@ -46,7 +65,7 @@ try {
                 expires_in: res.data.expires_in,
-                refresh_token: (_b = res.data.refresh_token) !== null && _b !== void 0 ? _b : null,
+                refresh_token: (_a = res.data.refresh_token) !== null && _a !== void 0 ? _a : null,
             };
         }
         catch (error) {
-            if (axios_1.default.isAxiosError(error) && ((_d = (_c = error.response) === null || _c === void 0 ? void 0 : _c.data) === null || _d === void 0 ? void 0 : _d.error)) {
+            if (axios_1.default.isAxiosError(error) && ((_c = (_b = error.response) === null || _b === void 0 ? void 0 : _b.data) === null || _c === void 0 ? void 0 : _c.error)) {
                 throw new Error(`Failed to get access token: ${error.response.data.error_description || error.response.data.error}`);
@@ -129,3 +148,3 @@ }
             grant_type: "client_credentials",
-            ...Object.fromEntries(Object.entries(params).filter(([key]) => key !== 'scope'))
+            ...Object.fromEntries(Object.entries(params).filter(([key]) => key !== "scope")),
         };
@@ -132,0 +151,0 @@ if (params.scope) {

package.json

 {
   "name": "simple-oauth2-ts-client",
-  "version": "1.0.4",
+  "version": "1.0.5",
   "description": "A TypeScript OAuth 2.0 client library",
@@ -5,0 +5,0 @@ "main": "dist/index.js",

No alert changes

Improved metrics

Total package byte prevSize

37314

increased by2.63%

Lines of code

595

increased by3.3%

No dependency changes