http: automatically add bearer tokens to a request

OpenFn / adaptors

The new home for OpenFn adaptors; re-usable connectors for the most common DPGs and DPI building blocks.

GNU General Public License v3.0

7 stars 8 forks source link

http: automatically add bearer tokens to a request #582

Closed josephjclark closed 4 months ago

josephjclark commented 4 months ago

Summary

This PR reads the token from the config object and adds it to an Authorization: Bearer ${token} header.

Details

I think this is all that's needed? It should work with oath and I think most api key-style APIs. I don't know how much variance there is in the pattern, maybe we can add more flexibility later if needed.

Note that users can provide their own Authorization header in the request, so even if this doesn't work in all cases, there's an easy work around.

Issues

Closes #581

josephjclark commented 4 months ago

@taylordowns2000 @mtuchi I'm not really oauth-literate but I think this is right? Check the addAuth function in utils

josephjclark commented 4 months ago

@taylordowns2000 access_token is just what the salesforce client uses to add its own oath header. I could rename it to make them consistent, but I'm not really sure it matters. Also it'll start a snake_case argument

josephjclark commented 4 months ago

Ok, I see the discussions in the other threads (although I'm gonna quietly ignore the chatgpt response!)

I introduced token just a couple of weeks ago in #540. It's new and probably unused and I'm happy to sneakily break that one patch release.

Just to be clear - the idea is that users get an oauth JSON object from whatever tool they want (including lightning), and they add that to their state (which obviously Lightning will do), and because the config aligns with the oath standard it'll Just Work :tm:

taylordowns2000 commented 4 months ago

Just to be clear - the idea is that users get an oauth JSON object from whatever tool they want (including lightning), and they add that to their state (which obviously Lightning will do), and because the config aligns with the oath standard it'll Just Work ™️

Yes! Exactly.

We're supporting a standard OAuth response to be used as state.configuration per this spec.
And then we're popping access_token in Bearer per this spec.

@josephjclark , @elias-ba , @mtuchi , it won't always work, but looks like it will work for 90% of credentials created using our new standard OpenFn/Lightning OAuth2 client/credential creator.

For those edge cases, we'll need to build adaptors. (But hey, more adaptors?? That's not so bad either!)