From 7442f4cd6e8a71546abde59873d2a0235959bf09 Mon Sep 17 00:00:00 2001 From: Gyanesh Gouraw Date: Mon, 15 Apr 2024 10:19:13 +0530 Subject: [PATCH] Updated changes for new authorization_details parameter RAR requests --- src/auth/client-authentication.ts | 3 --- src/auth/oauth.ts | 17 ++--------------- test/auth/client-authentication.test.ts | 18 ------------------ 3 files changed, 2 insertions(+), 36 deletions(-) diff --git a/src/auth/client-authentication.ts b/src/auth/client-authentication.ts index ed93055d9..1c10fb9f0 100644 --- a/src/auth/client-authentication.ts +++ b/src/auth/client-authentication.ts @@ -36,9 +36,6 @@ export const addClientAuthentication = async ({ clientSecret, }: AddClientAuthenticationOptions): Promise> => { const cid = payload.client_id || clientId; - if (payload.authorization_details) { - payload.authorization_details = JSON.stringify(payload.authorization_details); - } if (clientAssertionSigningKey && !payload.client_assertion) { const alg = clientAssertionSigningAlg || 'RS256'; const privateKey = await jose.importPKCS8(clientAssertionSigningKey, alg); diff --git a/src/auth/oauth.ts b/src/auth/oauth.ts index 29a89997d..7b8751815 100644 --- a/src/auth/oauth.ts +++ b/src/auth/oauth.ts @@ -91,19 +91,6 @@ export interface ClientCredentialsGrantRequest extends ClientCredentials { audience: string; } -interface AuthorizationDetails { - /** - * An identifier for the authorization details - */ - type: string; - - /** - * Allow for any custom property to be sent to Auth0 - * It represents data to specify the authorization requirements for a certain type of resource. - */ - [key: string]: any; -} - export interface PushedAuthorizationRequest extends ClientCredentials { /** * URI to redirect to. @@ -160,9 +147,9 @@ export interface PushedAuthorizationRequest extends ClientCredentials { code_challenge?: string; /** - * Can carry fine-grained authorization data in OAuth messages as part of Rich Authorization Requests(RAR) {@link https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow/authorization-code-flow-with-rar | Reference} + * A JSON stringified an array of objects. It Can carry fine-grained authorization data in OAuth messages as part of Rich Authorization Requests(RAR) {@link https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow/authorization-code-flow-with-rar | Reference} */ - authorization_details?: Required[]; + authorization_details?: string; /** * Allow for any custom property to be sent to Auth0 diff --git a/test/auth/client-authentication.test.ts b/test/auth/client-authentication.test.ts index 7679fc98d..2ba46c2e6 100644 --- a/test/auth/client-authentication.test.ts +++ b/test/auth/client-authentication.test.ts @@ -206,21 +206,3 @@ describe('client-authentication for par endpoint', () => { }); }); }); - -describe('Validate addClientAuthentication function', () => { - it('should stringify authorization_details property of payload parameter', async () => { - const authorization_details = [{ type: 'payment_initiation', actions: ['write'] }]; - const authenticatedPayload = await addClientAuthentication({ - payload: { - authorization_details: authorization_details, - client_secret: 'foo', - }, - domain: 'tenant.auth0.com', - clientId, - }); - - expect(authenticatedPayload.authorization_details).toEqual( - JSON.stringify(authorization_details) - ); - }); -});