From 5646d68a2bfef7305c10877129286619b03c2bc2 Mon Sep 17 00:00:00 2001
From: Jason Raimondi
Date: Sat, 10 Aug 2024 22:44:29 -0400
Subject: [PATCH] feat(breaking): default auth with client_credentials for introspect and revoke
This reverts commit 4b0c9a960687d420ba8857cc3004fbb077c9e4ff.
---
 src/options.ts | 4 ++--
 test/e2e/authorization_server.spec.ts | 20 +++++++-------------
 2 files changed, 9 insertions(+), 15 deletions(-)
diff --git a/src/options.ts b/src/options.ts
index e8ef7fa2..43e6a8a7 100644
--- a/src/options.ts
+++ b/src/options.ts
@@ -7,6 +7,6 @@ export const DEFAULT_AUTHORIZATION_SERVER_OPTIONS: AuthorizationServerOptions =
 tokenCID: "id",
 issuer: undefined,
 scopeDelimiter: " ",
- introspectWithClientCredentials: false,
- revokeWithClientCredentials: false,
+ introspectWithClientCredentials: true,
+ revokeWithClientCredentials: true,
 };
diff --git a/test/e2e/authorization_server.spec.ts b/test/e2e/authorization_server.spec.ts
index 0b1f2adb..c713c068 100644
--- a/test/e2e/authorization_server.spec.ts
+++ b/test/e2e/authorization_server.spec.ts
@@ -343,8 +343,7 @@ describe("authorization_server", () => {
 allowedGrants: ["client_credentials"],
 scopes: [],
 };
- // skipping for v3.6.0 where there is no auth needed by default
- // const basicAuth = "Basic " + base64encode(`${client.id}:${client.secret}`);
+ const basicAuth = "Basic " + base64encode(`${client.id}:${client.secret}`);
 let accessToken: OAuthToken;
 let request: OAuthRequest;
@@ -396,8 +395,7 @@ describe("authorization_server", () => {
 });
 });
- // skipping for v3.6.0 where there is no auth by default
- describe.skip("with invalid auth", () => {
+ describe("with invalid auth", () => {
 beforeEach(() => {
 request = new OAuthRequest({
 headers: {},
@@ -415,8 +413,7 @@ describe("authorization_server", () => {
 beforeEach(() => {
 request = new OAuthRequest({
 headers: {
- // skipping for v3.6.0 where there is no auth needed by default
- // authorization: basicAuth,
+ authorization: basicAuth,
 },
 });
 });
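Review bot: The two defaults flipped to `true` in `DEFAULT_AUTHORIZATION_SERVER_OPTIONS` carry no comment explaining why authentication is on by default or what turning it off means. Going by the test names in this commit ("does not require client credentials"), setting either flag to `false` leaves that endpoint callable without client authentication, which for introspection is the token-scanning exposure RFC 7662 §2.1 warns about. A comment above the pair would record this for integrators, for example `// Require client authentication on the introspect and revoke endpoints (RFC 7662 §2.1, RFC 7009 §2.1); disable only when another access control protects them.` The object literal opens outside the hunk.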
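Review bot: The re-enabled "with invalid auth" block at `@@ -396,8 +395,7 @@` builds its request with `headers: {}`, so as far as the hunk shows it only covers a request that carries no `Authorization` header at all. With client authentication now the default for introspect, a second case that sends a well-formed Basic header with a wrong secret would pin that the credentials are verified and not merely present, e.g. `headers: { authorization: "Basic " + base64encode(client.id + ":wrong-secret") }`. The same applies to the revoke block at `@@ -588,8 +584,7 @@`. Both describe bodies continue outside their hunks, so such a case may already exist there.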
@@ -535,8 +532,7 @@ describe("authorization_server", () => {
 allowedGrants: ["client_credentials", "authorization_code"],
 scopes: [],
 };
- // skipping for v3.6.0 where there is no auth needed by default
- // const basicAuth = "Basic " + base64encode(`${client.id}:${client.secret}`);
+ const basicAuth = "Basic " + base64encode(`${client.id}:${client.secret}`);
 let accessToken: OAuthToken;
 let request: OAuthRequest;
@@ -554,7 +550,7 @@ describe("authorization_server", () => {
 describe("without option revokeWithClientCredentials=false", () => {
 it("does not require client credentials", async () => {
- const authorizationServer = new AuthorizationServer(
+ authorizationServer = new AuthorizationServer(
 inMemoryClientRepository,
 inMemoryAccessTokenRepository,
 inMemoryScopeRepository,
@@ -588,8 +584,7 @@ describe("authorization_server", () => {
 });
 });
- // skipping for v3.6.0 where there is no auth by default
- describe.skip("with invalid auth", () => {
+ describe("with invalid auth", () => {
 beforeEach(() => {
 request = new OAuthRequest({
 headers: {},
@@ -607,8 +602,7 @@ describe("authorization_server", () => {
 beforeEach(() => {
 request = new OAuthRequest({
 headers: {
- // skipping for v3.6.0 where there is no auth needed by default
- // authorization: basicAuth,
+ authorization: basicAuth,
 },
 });
 });
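Review bot: Dropping `const` at `@@ -554,7 +550,7 @@` makes `authorizationServer = new AuthorizationServer(` overwrite a variable from an enclosing scope instead of creating a test-local server. The options argument is outside the hunk, but the test name ("does not require client credentials") suggests this instance is built with `revokeWithClientCredentials: false`. Unless a `beforeEach` outside the hunk rebuilds the shared instance, the re-enabled "with invalid auth" cases could run against a server with authentication switched off and become order-dependent. Keeping the instance local, e.g. `const unauthenticatedServer = new AuthorizationServer(`, avoids that. The describe title "without option revokeWithClientCredentials=false" also reads as the opposite of what the test checks; "with option revokeWithClientCredentials=false" would match.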