From df88ff22ece313a7b84931aa9513b91e2732f57c Mon Sep 17 00:00:00 2001 From: Khiem Vo Date: Mon, 15 Jan 2024 12:53:44 +1300 Subject: [PATCH 1/6] replace code flow with assertion flow --- lib/strategy.js | 14 +++++++++----- package.json | 4 ++-- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/lib/strategy.js b/lib/strategy.js index 8575b72..4e25430 100644 --- a/lib/strategy.js +++ b/lib/strategy.js @@ -156,23 +156,27 @@ OAuth2Strategy.prototype.authenticate = function(req, options) { callbackURL: callbackURL } - if ((req.query && req.query.code) || (req.body && req.body.code)) { + if ((req.query && req.query.assertion) || (req.body && req.body.assertion)) { function loaded(err, ok, state) { if (err) { return self.error(err); } if (!ok) { return self.fail(state, 403); } - var code = (req.query && req.query.code) || (req.body && req.body.code); + var assertion = (req.query && req.query.assertion) || (req.body && req.body.assertion); var params = self.tokenParams(options); - params.grant_type = 'authorization_code'; + params.grant_type = 'urn:ietf:params:oauth:grant-type:jwt-bearer'; + params.assertion = assertion; if (callbackURL) { params.redirect_uri = callbackURL; } if (typeof ok == 'string') { // PKCE params.code_verifier = ok; } + + var plainAuthorization = `${self._oauth2._clientId}:${self._oauth2._clientSecret}`; + self._oauth2._customHeaders['Authorization'] = `Basic ${btoa(plainAuthorization)}`; - self._oauth2.getOAuthAccessToken(code, params, + self._oauth2.getOAuthAccessToken(assertion, params, function(err, accessToken, refreshToken, params) { if (err) { return self.error(self._createOAuthError('Failed to obtain access token', err)); } if (!accessToken) { return self.error(new Error('Failed to obtain access token')); } @@ -426,4 +430,4 @@ OAuth2Strategy.prototype._createOAuthError = function(message, err) { // Expose constructor. -module.exports = OAuth2Strategy; +module.exports = OAuth2Strategy; \ No newline at end of file 
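Review bot: The new `if` condition and the `var assertion = ...` line inside `loaded` accept the JWT assertion from `req.query` as well as `req.body`. An assertion is a bearer credential, so when it arrives in the URL it can end up in access logs, browser history and Referer headers. If the identity provider can POST it, read it from the body only, e.g. `var assertion = req.body && req.body.assertion;`, with the same test in the `if`. The added `self._oauth2._customHeaders['Authorization'] = ...` line also writes to a header map on what appears to be the strategy's shared client, from inside the per-request callback and through underscore-private fields. Setting it once at construction with `Buffer.from(plainAuthorization).toString('base64')` would keep the secret handling in one place and avoid `btoa` throwing on characters outside Latin-1. `redirect_uri` and `code_verifier` are still added to `params` although they belong to the authorization-code grant, and the body of `authenticate` continues outside the hunk.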
diff --git a/package.json b/package.json index 2805521..cb401a7 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { - "name": "passport-oauth2", - "version": "1.7.0", + "name": "@myob/passport-oauth2", + "version": "1.8.0", "description": "OAuth 2.0 authentication strategy for Passport.", "keywords": [ "passport", From bada3db9eec639671ff39bf07b623cebabd127b5 Mon Sep 17 00:00:00 2001 From: Khiem Vo Date: Mon, 15 Jan 2024 13:15:08 +1300 Subject: [PATCH 2/6] update instruction upload to myob cloudsmith package management --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 54b19da..79ddd89 100644 --- a/README.md +++ b/README.md @@ -45,6 +45,10 @@ list so other people can find it. $ npm install passport-oauth2 +## Publish package to cloudsmit +Login to cloudsmith +```npm publish --access public``` + ## Usage #### Configure Strategy From ff55a95f26e33c7aeb83458be0e0b8770960c983 Mon Sep 17 00:00:00 2001 From: practice solutions Date: Mon, 29 Jan 2024 23:55:19 +0000 Subject: [PATCH 3/6] added scope to params --- lib/strategy.js | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/strategy.js b/lib/strategy.js index 4e25430..03bf026 100644 --- a/lib/strategy.js +++ b/lib/strategy.js @@ -168,6 +168,7 @@ OAuth2Strategy.prototype.authenticate = function(req, options) { var params = self.tokenParams(options); params.grant_type = 'urn:ietf:params:oauth:grant-type:jwt-bearer'; params.assertion = assertion; + params.scope = 'AccountantsFramework practice.online'; if (callbackURL) { params.redirect_uri = callbackURL; } if (typeof ok == 'string') { // PKCE params.code_verifier = ok; From 06e7fd7c2f5229d79fa8a619ca3af06b3f844c34 Mon Sep 17 00:00:00 2001 From: practice solutions Date: Thu, 15 Feb 2024 22:54:48 +0000 Subject: [PATCH 4/6] added scope to assertion flow --- lib/strategy.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/strategy.js b/lib/strategy.js index 03bf026..04879e4 100644 
--- a/lib/strategy.js +++ b/lib/strategy.js @@ -168,7 +168,7 @@ OAuth2Strategy.prototype.authenticate = function(req, options) { var params = self.tokenParams(options); params.grant_type = 'urn:ietf:params:oauth:grant-type:jwt-bearer'; params.assertion = assertion; - params.scope = 'AccountantsFramework practice.online'; + params.scope = self._scope.join(self._scopeSeparator); if (callbackURL) { params.redirect_uri = callbackURL; } if (typeof ok == 'string') { // PKCE params.code_verifier = ok; From ecdc43fcc2fab7af14b5391237b86d8a492912ce Mon Sep 17 00:00:00 2001 From: Khiem Vo Date: Fri, 16 Feb 2024 13:37:21 +1300 Subject: [PATCH 5/6] increase version --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index cb401a7..b375d4b 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@myob/passport-oauth2", - "version": "1.8.0", + "version": "1.8.1", "description": "OAuth 2.0 authentication strategy for Passport.", "keywords": [ "passport", From 1efb72b6ae9498300a5d4f9032c4a013d3a2d6e6 Mon Sep 17 00:00:00 2001 From: Khiem Vo <34632642+khiemmyob@users.noreply.github.com> Date: Fri, 16 Feb 2024 13:40:29 +1300 Subject: [PATCH 6/6] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 79ddd89..e1dfffb 100644 --- a/README.md +++ b/README.md @@ -46,8 +46,8 @@ list so other people can find it. $ npm install passport-oauth2 ## Publish package to cloudsmit -Login to cloudsmith -```npm publish --access public``` +- Login to cloudsmith +- ```npm publish --access public``` ## Usage
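Review bot: `params.scope = self._scope.join(self._scopeSeparator);` in the [PATCH 4/6] hunk throws a TypeError when `_scope` is unset or a plain string, and it ignores a per-request `options.scope`. Where `_scope` is assigned is outside the hunk, so this is inferred from the call alone. In the token exchange an uncaught exception here would turn a configuration gap into a failed login for every request. A guarded form would be `var scope = options.scope || self._scope;`, then `if (Array.isArray(scope)) { scope = scope.join(self._scopeSeparator); }` and `if (scope) { params.scope = scope; }`. The enclosing `loaded` function starts and ends outside the hunk.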