How to use custom authentication parameters?

[xaviergxf]

Hello httpyac team,

Do you have a way to pass custom authentication parameters, such as an origin header, resource, etc? IntelliJ provides this feature: https://www.jetbrains.com/help/idea/oauth-2-0-authorization.html#custom-authentication-parameters (usage sample on https://youtrack.jetbrains.com/issue/IJPL-65460/Support-Audience-and-Resource-in-HTTP-Client).

Does httpYac has something similar? I'm asking this because I would like to authenticate to Azure EntraId using code flow with PKCE. Has anyone already achieved this using this flow type?

Thanks in advance

[AnWeber]

I have tried to support the custom request headers resource and audience that I know, as I have already used them. In other words, a configuration analogous to Intellij Http Client should be supported. For examples of how I would configure it, I would refer you to these examples using an outdated Keycloak OAuth2 Server There is also an example of how to further modify the OAuth2 request (oauth2_interceptRequtest.http)

@oauth2_tokenEndpoint=http://localhost:8080/realms/master/protocol/openid-connect/token
@oauth2_authorizationEndpoint=http://localhost:8080/realms/master/protocol/openid-connect/auth
@oauth2_clientId=httpyac_pkce
@oauth2_clientSecret=3KZc1jK1WTLunuHZD3AKTZWtWwn4JwFV
@oauth2_usePkce=true
@oauth2_resource=...
@oauth2_audience=...

GET /secure
Authorization: oauth2

[xaviergxf]

Hi @AnWeber, I don't understand The syntax. How could I declare a custom header abc=def for example?

[AnWeber]

I did not have custom headers in the auth request in mind. So it is not as easy. But it will work.

{{
  exports.oauth2_interceptRequest = function(request, context) {
    request.headers.foo='bar';
  }
}}
GET https://httpbin.org/anything
Authorization: oauth2 password

[xaviergxf]

Thanks @AnWeber :)

[AnWeber]

You were successful? :-)