* Internal helper to execute a token request with the given parameters. * Used by exchangeAuthorization, refreshAuthorization, and fetchToken.
(
authorizationServerUrl: string | URL,
{
metadata,
tokenRequestParams,
clientInformation,
addClientAuthentication,
resource,
fetchFn
}: {
metadata?: AuthorizationServerMetadata;
tokenRequestParams: URLSearchParams;
clientInformation?: OAuthClientInformationMixed;
addClientAuthentication?: OAuthClientProvider['addClientAuthentication'];
resource?: URL;
fetchFn?: FetchLike;
}
)
| 1209 | * Used by exchangeAuthorization, refreshAuthorization, and fetchToken. |
| 1210 | */ |
| 1211 | async function executeTokenRequest( |
| 1212 | authorizationServerUrl: string | URL, |
| 1213 | { |
| 1214 | metadata, |
| 1215 | tokenRequestParams, |
| 1216 | clientInformation, |
| 1217 | addClientAuthentication, |
| 1218 | resource, |
| 1219 | fetchFn |
| 1220 | }: { |
| 1221 | metadata?: AuthorizationServerMetadata; |
| 1222 | tokenRequestParams: URLSearchParams; |
| 1223 | clientInformation?: OAuthClientInformationMixed; |
| 1224 | addClientAuthentication?: OAuthClientProvider['addClientAuthentication']; |
| 1225 | resource?: URL; |
| 1226 | fetchFn?: FetchLike; |
| 1227 | } |
| 1228 | ): Promise<OAuthTokens> { |
| 1229 | const tokenUrl = metadata?.token_endpoint ? new URL(metadata.token_endpoint) : new URL('/token', authorizationServerUrl); |
| 1230 | |
| 1231 | const headers = new Headers({ |
| 1232 | 'Content-Type': 'application/x-www-form-urlencoded', |
| 1233 | Accept: 'application/json' |
| 1234 | }); |
| 1235 | |
| 1236 | if (resource) { |
| 1237 | tokenRequestParams.set('resource', resource.href); |
| 1238 | } |
| 1239 | |
| 1240 | if (addClientAuthentication) { |
| 1241 | await addClientAuthentication(headers, tokenRequestParams, tokenUrl, metadata); |
| 1242 | } else if (clientInformation) { |
| 1243 | const supportedMethods = metadata?.token_endpoint_auth_methods_supported ?? []; |
| 1244 | const authMethod = selectClientAuthMethod(clientInformation, supportedMethods); |
| 1245 | applyClientAuthentication(authMethod, clientInformation as OAuthClientInformation, headers, tokenRequestParams); |
| 1246 | } |
| 1247 | |
| 1248 | const response = await (fetchFn ?? fetch)(tokenUrl, { |
| 1249 | method: 'POST', |
| 1250 | headers, |
| 1251 | body: tokenRequestParams |
| 1252 | }); |
| 1253 | |
| 1254 | if (!response.ok) { |
| 1255 | throw await parseErrorResponse(response); |
| 1256 | } |
| 1257 | |
| 1258 | return OAuthTokensSchema.parse(await response.json()); |
| 1259 | } |
| 1260 | |
| 1261 | /** |
| 1262 | * Exchanges an authorization code for an access token with the given server. |
no test coverage detected
searching dependent graphs…