From 3bc86cb69fb1462907baf28f6965c162b57b2822 Mon Sep 17 00:00:00 2001
From: Gyanesh Gouraw <160731216+gyaneshgouraw-okta@users.noreply.github.com>
Date: Wed, 24 Apr 2024 18:04:15 +0530
Subject: [PATCH] Added additional request parameter to support PAR with JAR requests (#995)

Co-authored-by: gyaneshgouraw-okta
---
 src/auth/oauth.ts | 5 +++++
 test/auth/fixtures/oauth.json | 11 +++++++++++
 test/auth/oauth.test.ts | 17 +++++++++++++++++
 3 files changed, 33 insertions(+)

diff --git a/src/auth/oauth.ts b/src/auth/oauth.ts
index 459881415..e6e1eb7b0 100644
--- a/src/auth/oauth.ts
+++ b/src/auth/oauth.ts
@@ -146,6 +146,11 @@ export interface PushedAuthorizationRequest extends ClientCredentials {
 */
 code_challenge?: string;
 
+ /**
+ * Allows JWT-Secured Authorization Request (JAR), when JAR & PAR request are used together. {@link https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow/authorization-code-flow-with-par-and-jar | Reference}
+ */
+ request?: string;
+
 /**
 * A JSON stringified array of objects. It can carry fine-grained authorization data in OAuth messages as part of Rich Authorization Requests (RAR) {@link https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow/authorization-code-flow-with-rar | Reference}
 */
diff --git a/test/auth/fixtures/oauth.json b/test/auth/fixtures/oauth.json
index 4489dd04f..9b0b94845 100644
--- a/test/auth/fixtures/oauth.json
+++ b/test/auth/fixtures/oauth.json
@@ -178,5 +178,16 @@
 "request_uri": "https://www.request.uri",
 "expires_in": 86400
 }
+ },
+ {
+ "scope": "https://test-domain.auth0.com",
+ "method": "POST",
+ "path": "/oauth/par",
+ "body": "client_id=test-client-id&response_type=code&redirect_uri=https%3A%2F%2Fexample.com&request=my-jwt-request&client_secret=test-client-secret",
+ "status": 200,
+ "response": {
+ "request_uri": "https://www.request.uri",
+ "expires_in": 86400
+ }
 }
 ]
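Review bot: The doc comment on the new `request` field of `PushedAuthorizationRequest` in src/auth/oauth.ts does not say what the string must contain or how it relates to the sibling fields. It is presumably the signed request-object JWT of RFC 9101, built and signed by the caller; as I read RFC 9126 section 3, the authorization parameters are then expected as claims inside that JWT, yet the test added in this commit still passes `response_type` and `redirect_uri` next to it. I would extend the comment along the lines of `* Signed request object (JWT) carrying the authorization request parameters as claims; the caller creates and signs it, and the value appears to be sent unchanged.` and add a sentence on which copy of a parameter is honoured when it appears both in the JWT and as a plain field. The interface body starts and ends outside the hunk.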
diff --git a/test/auth/oauth.test.ts b/test/auth/oauth.test.ts
index 052d809d8..0e0cbaa7e 100644
--- a/test/auth/oauth.test.ts
+++ b/test/auth/oauth.test.ts
@@ -347,6 +347,23 @@ describe('OAuth', () => {
 },
 });
 });
+
+ it('should send request param when provided', async () => {
+ const oauth = new OAuth(opts);
+ await expect(
+ oauth.pushedAuthorization({
+ client_id: 'test-client-id',
+ response_type: 'code',
+ redirect_uri: 'https://example.com',
+ request: 'my-jwt-request',
+ })
+ ).resolves.toMatchObject({
+ data: {
+ request_uri: 'https://www.request.uri',
+ expires_in: 86400,
+ },
+ });
+ });
 });
 });
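Review bot: The new test in test/auth/oauth.test.ts asserts only `request_uri` and `expires_in`, and the fixture entry just above the one this commit adds to oauth.json returns the same two values, so the assertion alone cannot tell whether `request` reached the wire. The check seems to rest on the body string of the new fixture entry (`request=my-jwt-request`) being matched when the fixtures are loaded, which happens outside the hunk. A one-line comment would make that dependency visible, for example `// passes only if the POST body matches the /oauth/par fixture that contains request=my-jwt-request`. The enclosing `describe` blocks start outside the hunk.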