(
provider: OAuthClientProvider,
authorizationServerUrl: string | URL,
{
metadata,
resource,
authorizationCode,
fetchFn
}: {
metadata?: AuthorizationServerMetadata;
resource?: URL;
/** Authorization code for the default authorization_code grant flow */
authorizationCode?: string;
fetchFn?: FetchLike;
} = {}
)
| 1379 | * const tokens = await fetchToken(provider, authServerUrl, { metadata }); |
| 1380 | */ |
| 1381 | export async function fetchToken( |
| 1382 | provider: OAuthClientProvider, |
| 1383 | authorizationServerUrl: string | URL, |
| 1384 | { |
| 1385 | metadata, |
| 1386 | resource, |
| 1387 | authorizationCode, |
| 1388 | fetchFn |
| 1389 | }: { |
| 1390 | metadata?: AuthorizationServerMetadata; |
| 1391 | resource?: URL; |
| 1392 | /** Authorization code for the default authorization_code grant flow */ |
| 1393 | authorizationCode?: string; |
| 1394 | fetchFn?: FetchLike; |
| 1395 | } = {} |
| 1396 | ): Promise<OAuthTokens> { |
| 1397 | const scope = provider.clientMetadata.scope; |
| 1398 | |
| 1399 | // Use provider's prepareTokenRequest if available, otherwise fall back to authorization_code |
| 1400 | let tokenRequestParams: URLSearchParams | undefined; |
| 1401 | if (provider.prepareTokenRequest) { |
| 1402 | tokenRequestParams = await provider.prepareTokenRequest(scope); |
| 1403 | } |
| 1404 | |
| 1405 | // Default to authorization_code grant if no custom prepareTokenRequest |
| 1406 | if (!tokenRequestParams) { |
| 1407 | if (!authorizationCode) { |
| 1408 | throw new Error('Either provider.prepareTokenRequest() or authorizationCode is required'); |
| 1409 | } |
| 1410 | if (!provider.redirectUrl) { |
| 1411 | throw new Error('redirectUrl is required for authorization_code flow'); |
| 1412 | } |
| 1413 | const codeVerifier = await provider.codeVerifier(); |
| 1414 | tokenRequestParams = prepareAuthorizationCodeRequest(authorizationCode, codeVerifier, provider.redirectUrl); |
| 1415 | } |
| 1416 | |
| 1417 | const clientInformation = await provider.clientInformation(); |
| 1418 | |
| 1419 | return executeTokenRequest(authorizationServerUrl, { |
| 1420 | metadata, |
| 1421 | tokenRequestParams, |
| 1422 | clientInformation: clientInformation ?? undefined, |
| 1423 | addClientAuthentication: provider.addClientAuthentication, |
| 1424 | resource, |
| 1425 | fetchFn |
| 1426 | }); |
| 1427 | } |
| 1428 | |
| 1429 | /** |
| 1430 | * Performs OAuth 2.0 Dynamic Client Registration according to RFC 7591. |
no test coverage detected
searching dependent graphs…