Add an option to pass additional body params to OwnerFlow.getToken

mulesoft-labs / js-client-oauth2

A JavaScript implementation of an oauth2 client, for inclusion in the JavaScript client generator for APIs described with RAML.

Other

539 stars 146 forks source link

Add an option to pass additional body params to OwnerFlow.getToken #37

Closed kirill-konshin closed 7 years ago

kirill-konshin commented 7 years ago

In RingCentral system we use username, extension and password and currently there is no way to set extension in OwnerFlow.getToken:

OwnerFlow.prototype.getToken = function (username, password, options) {
// ...
    body: {
      scope: sanitizeScope(options.scopes),
      username: username,
      password: password,
      grant_type: 'password'
    }
// ...
}

I propose to pass initial body through options.body.

Also I noticed that there is no way to pass additional headers...

blakeembrey commented 7 years ago

The third option is the options you can pass in. It should work exactly how you propose. Headers also work the same way. Please check the snippet of code you pasted, in particular https://github.com/mulesoft/js-client-oauth2/blob/master/src/client-oauth2.js#L418.

kirill-konshin commented 7 years ago

IC, since it's processed by requestOptions it will work as I've described. Closing.

devamora commented 7 years ago

Hi, is there no way to overwrite the grant_type? I see that this functions allows me to add custom properties but not overwrite some others like grant_type.

function requestOptions (requestOptions, options) {

  return extend(requestOptions, {
    body: extend(options.body, requestOptions.body),
    query: extend(options.query, requestOptions.query),
    headers: extend(options.headers, requestOptions.headers),
    transport: extend(options.transport, requestOptions.transport)
  })
}

I think it should be the opposite like:

body: extend(requestOptions.body, options.body)

blakeembrey commented 7 years ago

I didn't want it to be possible to override the explicit configuration from this module, but I suppose that could be changed to make it easier in cases where you need that. Can you share an example of where you'd want to override grant_type?

devamora commented 7 years ago

Maybe it something too specific, but we have 2 different types of user registration because we are migrating to one system to another step by step. So we are handling 2 different authentications and what we are doing is handling it using grant_type=password and grant_type=password2 to be able to apply some different logic in the backend.

For now, I've solved that using my own function for "grant_type=password2" and then creating the token object using "createToken" function and start using the same chain promises from this point.