Skip to content

Add option to send client credentials (client_id and client_secret) in the header #122

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

Add option to send client credentials (client_id and client_secret) in the header #122

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
1d8f881
Add option to send client credentials (client_id and client_secret) i…
Aug 2, 2017
7ad5e3f
Add option to send client credentials (client_id and client_secret) i…
smoreau Dec 9, 2017
c532849
Revert "Add option to send client credentials (client_id and client_s…
smoreau Dec 9, 2017
715a259
Modify the README file to add the information about 'clientCredential…
smoreau Dec 9, 2017
218a2a7
Merge remote-tracking branch 'upstream/master'
smoreau Mar 28, 2018
3620035
Fixing JSHint warnings
smoreau Mar 28, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 4 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,8 @@ OAuthProvider.configure({
clientId: null,
clientSecret: null,
grantPath: '/oauth2/token',
revokePath: '/oauth2/revoke'
revokePath: '/oauth2/revoke',
clientCredentials: 'body'
});
```

Expand All @@ -117,7 +118,8 @@ OAuth.configure({
clientId: null,
clientSecret: null,
grantPath: '/oauth2/token',
revokePath: '/oauth2/revoke'
revokePath: '/oauth2/revoke',
clientCredentials: 'body'
});

```
Expand Down
90 changes: 61 additions & 29 deletions dist/angular-oauth2.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,32 @@
}
return config;
};
var addCredentialsInHeader = function addCredentialsInHeader(config, options) {
credentials = config.clientId + ":";
if (null !== config.clientSecret) {
credentials += config.clientSecret;
}
credentials = "Basic " + btoa(credentials);

options = angular.extend({
headers: {
Authorization: credentials,
"Content-Type": "application/x-www-form-urlencoded"
}
}, options);

return options;
};
var addCredentialsInBody = function addCredentialsInBody(config, data) {
data = angular.extend({
client_id: config.clientId
}, data);
if (null !== config.clientSecret) {
data.client_secret = config.clientSecret;
}

return data;
};
this.configure = function(params) {
_this.defaultConfig = sanitizeConfigParams(params);
};
Expand All @@ -117,20 +143,22 @@
}, {
key: "getAccessToken",
value: function getAccessToken(data, options) {
if ("header" === this.config.clientCredentials) {
options = addCredentialsInHeader(this.config, options);
} else {
data = addCredentialsInBody(this.config, data);
options = angular.extend({
headers: {
Authorization: undefined,
"Content-Type": "application/x-www-form-urlencoded"
}
}, options);
}

data = angular.extend({
client_id: this.config.clientId,
grant_type: "password"
}, data);
if (null !== this.config.clientSecret) {
data.client_secret = this.config.clientSecret;
}
data = queryString.stringify(data);
options = angular.extend({
headers: {
Authorization: undefined,
"Content-Type": "application/x-www-form-urlencoded"
}
}, options);
return $http.post("" + this.config.baseUrl + this.config.grantPath, data, options).then(function(response) {
OAuthToken.setToken(response.data);
return response;
Expand All @@ -139,21 +167,23 @@
}, {
key: "getRefreshToken",
value: function getRefreshToken(data, options) {
if ("header" === this.config.clientCredentials) {
options = addCredentialsInHeader(this.config, options);
} else {
data = addCredentialsInBody(this.config, data);
options = angular.extend({
headers: {
Authorization: undefined,
"Content-Type": "application/x-www-form-urlencoded"
}
}, options);
}

data = angular.extend({
client_id: this.config.clientId,
grant_type: "refresh_token",
refresh_token: OAuthToken.getRefreshToken()
}, data);
if (null !== this.config.clientSecret) {
data.client_secret = this.config.clientSecret;
}
data = queryString.stringify(data);
options = angular.extend({
headers: {
Authorization: undefined,
"Content-Type": "application/x-www-form-urlencoded"
}
}, options);
return $http.post("" + this.config.baseUrl + this.config.grantPath, data, options).then(function(response) {
OAuthToken.setToken(response.data);
return response;
Expand All @@ -162,21 +192,23 @@
}, {
key: "revokeToken",
value: function revokeToken(data, options) {
if ("header" === this.config.clientCredentials) {
options = addCredentialsInHeader(this.config, options);
} else {
data = addCredentialsInBody(this.config, data);
options = angular.extend({
headers: {
"Content-Type": "application/x-www-form-urlencoded"
}
}, options);
}

var refreshToken = OAuthToken.getRefreshToken();
data = angular.extend({
client_id: this.config.clientId,
token: refreshToken ? refreshToken : OAuthToken.getAccessToken(),
token_type_hint: refreshToken ? "refresh_token" : "access_token"
}, data);
if (null !== this.config.clientSecret) {
data.client_secret = this.config.clientSecret;
}
data = queryString.stringify(data);
options = angular.extend({
headers: {
"Content-Type": "application/x-www-form-urlencoded"
}
}, options);
return $http.post("" + this.config.baseUrl + this.config.revokePath, data, options).then(function(response) {
OAuthToken.removeToken();
return response;
Expand Down