From f8e366cf0f2c20526d2ff358cae1719cdf508040 Mon Sep 17 00:00:00 2001
From: Gyanesh Gouraw
Date: Mon, 8 Apr 2024 10:19:36 +0530
Subject: [PATCH 1/5] Added additional request parameter to support PAR with JAR requests
---
 src/auth/oauth.ts | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/src/auth/oauth.ts b/src/auth/oauth.ts
index 736a0a1ac..ce57b1a0f 100644
--- a/src/auth/oauth.ts
+++ b/src/auth/oauth.ts
@@ -146,6 +146,11 @@ export interface PushedAuthorizationRequest extends ClientCredentials {
 */
 code_challenge?: string;
+ /**
+ * Allows JWT-Secured Authorization Request (JAR), when JAR & PAR request are used together. {@link https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow/authorization-code-flow-with-par-and-jar | Reference}
+ */
+ request?: string;
+
 /**
 * Allow for any custom property to be sent to Auth0
 */
From ca427a5068639975866decbcb1d80d2f5c0fe145 Mon Sep 17 00:00:00 2001
From: Gyanesh Gouraw
Date: Wed, 24 Apr 2024 11:46:01 +0530
Subject: [PATCH 2/5] Added unit test for PAR with JAR changes
---
 test/auth/fixtures/oauth.json | 11 +++++++++++
 test/auth/oauth.test.ts | 18 ++++++++++++++++++
 2 files changed, 29 insertions(+)
diff --git a/test/auth/fixtures/oauth.json b/test/auth/fixtures/oauth.json
index 0c8e4ac6f..7f2a80198 100644
--- a/test/auth/fixtures/oauth.json
+++ b/test/auth/fixtures/oauth.json
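Review bot: The doc comment on the new `request` field in `src/auth/oauth.ts` does not say what the value must be or how it relates to the other fields of `PushedAuthorizationRequest`. With JAR the value is a signed Request Object JWT that the caller has to build and sign, and RFC 9126 section 3 expects the authorization parameters to travel as claims of that JWT, with only client-authentication parameters sent next to it in the form body. I would word it as `* Signed Request Object (JWT) for a JWT-Secured Authorization Request (JAR) pushed via PAR; the authorization parameters must be claims of this JWT.` and keep the existing `{@link}`. How the server treats a parameter that is sent both inside and outside the JWT is not visible here, so that is worth stating or linking too. The interface body starts and ends outside the hunk.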
@@ -167,5 +167,16 @@
 "request_uri": "https://www.request.uri",
 "expires_in": 86400
 }
+ },
+ {
+ "scope": "https://test-domain.auth0.com",
+ "method": "POST",
+ "path": "/oauth/par",
+ "body": "client_id=test-client-id&response_type=code&redirect_uri=https%3A%2F%2Fexample.com&request=eyJhbGciOiJSUzI1NiIsInR5cCI6Imp3dCIsImtpZCI6IjNreHdsVm5ZdW5oVUIyQVFYLVFYVUVZV0oxSlRyd08tQUpBMmc3MVVfa0UifQ.eyJpc3MiOiJkUkRDaWNobkk1YUpLcHZqYVJNZG0yUWdTRUxycVlHVSIsImF1ZCI6Imh0dHBzOi8vcGV1Mi10ZXN0LmV1LmF1dGgwLmNvbS8iLCJjbGllbnRfaWQiOiJkUkRDaWNobkk1YUpLcHZqYVJNZG0yUWdTRUxycVlHVSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cDovL2xvY2FsaG9zdDozMDAwIiwibm9uY2UiOiIzMjNmMWYxNDIxMjI3Y2U1OGE3M2IxOTVkZWRjMDRmOCIsImlhdCI6MTcxMjMzNTMyMn0.E9ZAju2emT9KyR-asklRydgT0q2GmL3u90enSHvpF1PVn7zKqHBW9i6o4-QlIy-efHAsaGikMsysRMbp2xNVl5p9SFn-mZXlxrtIe2vKwbIRrknCT29CRyxX7Ulvv9840YK7N8BHoah8PRuAfJMq-e0jvCgfxuxBJC8uXBY2S43_YpLe2SKkmb-E9APwKh-55Mx-DPFVUKm1hasZ9GnRSZUb9F4aVB9Q8YndZ0uxKSjtPPwakDECHxSyA1yXQ7B1FrhcsZcTwneTDbmzepodStNboBdxmDVjXQggfyPeqeeeW5cCpJAhVnoo740TjwgsncJ9ftymR2uLP_fexru6KA&client_secret=test-client-secret",
+ "status": 200,
+ "response": {
+ "request_uri": "https://www.request.uri",
+ "expires_in": 86400
+ }
 }
 ]
diff --git a/test/auth/oauth.test.ts b/test/auth/oauth.test.ts
index ec61fc9f3..f6b4cb1a2 100644
--- a/test/auth/oauth.test.ts
+++ b/test/auth/oauth.test.ts
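Review bot: The `body` value added to `test/auth/fixtures/oauth.json` embeds what appears to be a real RS256-signed request object rather than a dummy: its payload segment decodes to a client id, a nonce and an Auth0 tenant URL as `aud`. The same token is repeated as the `request:` argument of the new test in `test/auth/oauth.test.ts`. PATCH 5/5 replaces both with `my-jwt-request`, but as a five-commit series the token stays in history, so I would squash the series (or rewrite PATCH 2/5) so that only the placeholder is ever committed. A request object carries no secret, but it does disclose tenant and client identifiers, and fixture values tend to be copied into other tests.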
@@ -328,6 +328,24 @@ describe('OAuth', () => {
 },
 });
 });
+
+ it('should send request param when provided', async () => {
+ const oauth = new OAuth(opts);
+ await expect(
+ oauth.pushedAuthorization({
+ client_id: 'test-client-id',
+ response_type: 'code',
+ redirect_uri: 'https://example.com',
+ request:
+ 'eyJhbGciOiJSUzI1NiIsInR5cCI6Imp3dCIsImtpZCI6IjNreHdsVm5ZdW5oVUIyQVFYLVFYVUVZV0oxSlRyd08tQUpBMmc3MVVfa0UifQ.eyJpc3MiOiJkUkRDaWNobkk1YUpLcHZqYVJNZG0yUWdTRUxycVlHVSIsImF1ZCI6Imh0dHBzOi8vcGV1Mi10ZXN0LmV1LmF1dGgwLmNvbS8iLCJjbGllbnRfaWQiOiJkUkRDaWNobkk1YUpLcHZqYVJNZG0yUWdTRUxycVlHVSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cDovL2xvY2FsaG9zdDozMDAwIiwibm9uY2UiOiIzMjNmMWYxNDIxMjI3Y2U1OGE3M2IxOTVkZWRjMDRmOCIsImlhdCI6MTcxMjMzNTMyMn0.E9ZAju2emT9KyR-asklRydgT0q2GmL3u90enSHvpF1PVn7zKqHBW9i6o4-QlIy-efHAsaGikMsysRMbp2xNVl5p9SFn-mZXlxrtIe2vKwbIRrknCT29CRyxX7Ulvv9840YK7N8BHoah8PRuAfJMq-e0jvCgfxuxBJC8uXBY2S43_YpLe2SKkmb-E9APwKh-55Mx-DPFVUKm1hasZ9GnRSZUb9F4aVB9Q8YndZ0uxKSjtPPwakDECHxSyA1yXQ7B1FrhcsZcTwneTDbmzepodStNboBdxmDVjXQggfyPeqeeeW5cCpJAhVnoo740TjwgsncJ9ftymR2uLP_fexru6KA',
+ })
+ ).resolves.toMatchObject({
+ data: {
+ request_uri: 'https://www.request.uri',
+ expires_in: 86400,
+ },
+ });
+ });
 });
 });
From e75bfa007de0cc81a2d05ab4aa947a60dba1c2dd Mon Sep 17 00:00:00 2001
From: Gyanesh Gouraw
Date: Wed, 24 Apr 2024 11:53:25 +0530
Subject: [PATCH 3/5] Updated token formatting in par related unit test
From 60cd1af7308b6a672f42cfaa66d6c60214970a41 Mon Sep 17 00:00:00 2001
From: Gyanesh Gouraw
Date: Wed, 24 Apr 2024 11:57:50 +0530
Subject: [PATCH 4/5] Updated token formatting in par related unit test, added changes last commit changes were missing
From b6c2e57d9f1961fcb6285ae72386ca0828387ffd Mon Sep 17 00:00:00 2001
From: gyaneshgouraw-okta
Date: Wed, 24 Apr 2024 12:14:15 +0530
Subject: [PATCH 5/5] Updated dummy jwt value in test file for PAR request
---
 test/auth/fixtures/oauth.json | 2 +-
 test/auth/oauth.test.ts | 3 +--
 2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/test/auth/fixtures/oauth.json b/test/auth/fixtures/oauth.json
index 7f2a80198..4afcd6431 100644
--- a/test/auth/fixtures/oauth.json
+++ b/test/auth/fixtures/oauth.json
@@ -172,7 +172,7 @@
 "scope": "https://test-domain.auth0.com",
 "method": "POST",
 "path": "/oauth/par",
- "body": "client_id=test-client-id&response_type=code&redirect_uri=https%3A%2F%2Fexample.com&request=eyJhbGciOiJSUzI1NiIsInR5cCI6Imp3dCIsImtpZCI6IjNreHdsVm5ZdW5oVUIyQVFYLVFYVUVZV0oxSlRyd08tQUpBMmc3MVVfa0UifQ.eyJpc3MiOiJkUkRDaWNobkk1YUpLcHZqYVJNZG0yUWdTRUxycVlHVSIsImF1ZCI6Imh0dHBzOi8vcGV1Mi10ZXN0LmV1LmF1dGgwLmNvbS8iLCJjbGllbnRfaWQiOiJkUkRDaWNobkk1YUpLcHZqYVJNZG0yUWdTRUxycVlHVSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cDovL2xvY2FsaG9zdDozMDAwIiwibm9uY2UiOiIzMjNmMWYxNDIxMjI3Y2U1OGE3M2IxOTVkZWRjMDRmOCIsImlhdCI6MTcxMjMzNTMyMn0.E9ZAju2emT9KyR-asklRydgT0q2GmL3u90enSHvpF1PVn7zKqHBW9i6o4-QlIy-efHAsaGikMsysRMbp2xNVl5p9SFn-mZXlxrtIe2vKwbIRrknCT29CRyxX7Ulvv9840YK7N8BHoah8PRuAfJMq-e0jvCgfxuxBJC8uXBY2S43_YpLe2SKkmb-E9APwKh-55Mx-DPFVUKm1hasZ9GnRSZUb9F4aVB9Q8YndZ0uxKSjtPPwakDECHxSyA1yXQ7B1FrhcsZcTwneTDbmzepodStNboBdxmDVjXQggfyPeqeeeW5cCpJAhVnoo740TjwgsncJ9ftymR2uLP_fexru6KA&client_secret=test-client-secret",
+ "body": "client_id=test-client-id&response_type=code&redirect_uri=https%3A%2F%2Fexample.com&request=my-jwt-request&client_secret=test-client-secret",
 "status": 200,
 "response": {
 "request_uri": "https://www.request.uri",
diff --git a/test/auth/oauth.test.ts b/test/auth/oauth.test.ts
index f6b4cb1a2..ea2295256 100644
--- a/test/auth/oauth.test.ts
+++ b/test/auth/oauth.test.ts
@@ -336,8 +336,7 @@ describe('OAuth', () => {
 client_id: 'test-client-id',
 response_type: 'code',
 redirect_uri: 'https://example.com',
- request:
- 'eyJhbGciOiJSUzI1NiIsInR5cCI6Imp3dCIsImtpZCI6IjNreHdsVm5ZdW5oVUIyQVFYLVFYVUVZV0oxSlRyd08tQUpBMmc3MVVfa0UifQ.eyJpc3MiOiJkUkRDaWNobkk1YUpLcHZqYVJNZG0yUWdTRUxycVlHVSIsImF1ZCI6Imh0dHBzOi8vcGV1Mi10ZXN0LmV1LmF1dGgwLmNvbS8iLCJjbGllbnRfaWQiOiJkUkRDaWNobkk1YUpLcHZqYVJNZG0yUWdTRUxycVlHVSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cDovL2xvY2FsaG9zdDozMDAwIiwibm9uY2UiOiIzMjNmMWYxNDIxMjI3Y2U1OGE3M2IxOTVkZWRjMDRmOCIsImlhdCI6MTcxMjMzNTMyMn0.E9ZAju2emT9KyR-asklRydgT0q2GmL3u90enSHvpF1PVn7zKqHBW9i6o4-QlIy-efHAsaGikMsysRMbp2xNVl5p9SFn-mZXlxrtIe2vKwbIRrknCT29CRyxX7Ulvv9840YK7N8BHoah8PRuAfJMq-e0jvCgfxuxBJC8uXBY2S43_YpLe2SKkmb-E9APwKh-55Mx-DPFVUKm1hasZ9GnRSZUb9F4aVB9Q8YndZ0uxKSjtPPwakDECHxSyA1yXQ7B1FrhcsZcTwneTDbmzepodStNboBdxmDVjXQggfyPeqeeeW5cCpJAhVnoo740TjwgsncJ9ftymR2uLP_fexru6KA',
+ request: 'my-jwt-request',
 })
 ).resolves.toMatchObject({
 data: {