From 5fb01822b970a0024e15adbbd3e54fcefa7bc47e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonatan=20M=C3=A4nnchen?= Date: Wed, 13 Dec 2023 19:05:00 +0100 Subject: [PATCH] Allow to pass body_extension for token retrieval --- src/oidcc_token.erl | 10 ++++++++-- test/oidcc_token_test.erl | 9 +++++++-- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/src/oidcc_token.erl b/src/oidcc_token.erl index b5ab089..0cb5252 100644 --- a/src/oidcc_token.erl +++ b/src/oidcc_token.erl @@ -104,6 +104,7 @@ redirect_uri := uri_string:uri_string(), request_opts => oidcc_http_util:request_opts(), url_extension => oidcc_http_util:query_params(), + body_extension => oidcc_http_util:query_params(), quirks => quirks() }. %% Options for retrieving a token @@ -129,6 +130,7 @@ refresh_jwks => oidcc_jwt_util:refresh_jwks_for_unknown_kid_fun(), request_opts => oidcc_http_util:request_opts(), url_extension => oidcc_http_util:query_params(), + body_extension => oidcc_http_util:query_params(), quirks => quirks() }. %% See {@link refresh_opts_no_sub()} @@ -140,6 +142,7 @@ expected_subject := binary(), request_opts => oidcc_http_util:request_opts(), url_extension => oidcc_http_util:query_params(), + body_extension => oidcc_http_util:query_params(), quirks => quirks() }. %% Options for refreshing a token @@ -161,6 +164,7 @@ request_opts => oidcc_http_util:request_opts(), kid => binary(), url_extension => oidcc_http_util:query_params(), + body_extension => oidcc_http_util:query_params(), quirks => quirks() }. @@ -169,6 +173,7 @@ refresh_jwks => oidcc_jwt_util:refresh_jwks_for_unknown_kid_fun(), request_opts => oidcc_http_util:request_opts(), url_extension => oidcc_http_util:query_params(), + body_extension => oidcc_http_util:query_params(), quirks => quirks() }. @@ -893,7 +898,8 @@ retrieve_a_token(QsBodyIn, PkceVerifier, ClientContext, Opts, TelemetryOpts, Aut Header0 = [{"accept", "application/jwt, application/json"}], - Body0 = add_pkce_verifier(QsBodyIn, PkceVerifier), + QsBody0 = QsBodyIn ++ maps:get(body_extension, Opts, []), + QsBody = add_pkce_verifier(QsBody0, PkceVerifier), SupportedAuthMethods = case AuthenticateClient of @@ -904,7 +910,7 @@ retrieve_a_token(QsBodyIn, PkceVerifier, ClientContext, Opts, TelemetryOpts, Aut maybe {ok, {Body, Header}} ?= oidcc_auth_util:add_client_authentication( - Body0, Header0, SupportedAuthMethods, SigningAlgs, Opts, ClientContext + QsBody, Header0, SupportedAuthMethods, SigningAlgs, Opts, ClientContext ), Request = {Endpoint, Header, "application/x-www-form-urlencoded", uri_string:compose_query(Body)}, diff --git a/test/oidcc_token_test.erl b/test/oidcc_token_test.erl index 5fd5ace..afadad8 100644 --- a/test/oidcc_token_test.erl +++ b/test/oidcc_token_test.erl @@ -82,7 +82,8 @@ retrieve_none_test() -> #{ <<"grant_type">> := <<"authorization_code">>, <<"code">> := AuthCode, - <<"redirect_uri">> := LocalEndpoint + <<"redirect_uri">> := LocalEndpoint, + <<"foo">> := <<"bar">> }, maps:from_list(uri_string:dissect_query(Body)) ), @@ -103,7 +104,11 @@ retrieve_none_test() -> oidcc_token:retrieve( AuthCode, ClientContext, - #{redirect_uri => LocalEndpoint, url_extension => [{<<"foo">>, <<"bar">>}]} + #{ + redirect_uri => LocalEndpoint, + url_extension => [{<<"foo">>, <<"bar">>}], + body_extension => [{<<"foo">>, <<"bar">>}] + } ) ),