rayan/bruno
1
0
Fork 0
mirror of https://github.com/usebruno/bruno.git synced 2026-06-25 21:55:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: client id placement issue (#5348)

Browse Source
This commit is contained in:
naman-bruno
2025-08-19 14:21:00 +05:30
committed by GitHub
parent b804ff6dfd
commit 060c613aa1
1 changed files with 20 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
packages/bruno-electron/src/utils/oauth2.js
View File

@@ -251,14 +251,16 @@ const getOAuth2TokenUsingAuthorizationCode = async ({ request, collectionUid, fo
'Accept': 'application/json',
};
if (credentialsPlacement === "basic_auth_header") {
axiosRequestConfig.headers['Authorization'] = `Basic ${Buffer.from(`${clientId}:${clientSecret}`).toString('base64')}`;
axiosRequestConfig.headers['Authorization'] = `Basic ${Buffer.from(`${encodeURIComponent(clientId)}:${encodeURIComponent(clientSecret)}`).toString('base64')}`;
}
const data = {
grant_type: 'authorization_code',
code: authorizationCode,
redirect_uri: callbackUrl,
client_id: clientId,
};
if (credentialsPlacement !== "basic_auth_header") {
data.client_id = clientId;
}
if (clientSecret && clientSecret.trim() !== '' && credentialsPlacement !== "basic_auth_header") {
data.client_secret = clientSecret;
}
@@ -417,12 +419,14 @@ const getOAuth2TokenUsingClientCredentials = async ({ request, collectionUid, fo
'Accept': 'application/json',
};
if (credentialsPlacement === "basic_auth_header" && clientSecret && clientSecret.trim() !== '') {
axiosRequestConfig.headers['Authorization'] = `Basic ${Buffer.from(`${clientId}:${clientSecret}`).toString('base64')}`;
axiosRequestConfig.headers['Authorization'] = `Basic ${Buffer.from(`${encodeURIComponent(clientId)}:${encodeURIComponent(clientSecret)}`).toString('base64')}`;
}
const data = {
grant_type: 'client_credentials',
client_id: clientId,
};
if (credentialsPlacement !== "basic_auth_header") {
data.client_id = clientId;
}
if (clientSecret && clientSecret.trim() !== '' && credentialsPlacement !== "basic_auth_header") {
data.client_secret = clientSecret;
}
@@ -558,14 +562,16 @@ const getOAuth2TokenUsingPasswordCredentials = async ({ request, collectionUid,
'Accept': 'application/json',
};
if (credentialsPlacement === "basic_auth_header" && clientSecret && clientSecret.trim() !== '') {
axiosRequestConfig.headers['Authorization'] = `Basic ${Buffer.from(`${clientId}:${clientSecret}`).toString('base64')}`;
axiosRequestConfig.headers['Authorization'] = `Basic ${Buffer.from(`${encodeURIComponent(clientId)}:${encodeURIComponent(clientSecret)}`).toString('base64')}`;
}
const data = {
grant_type: 'password',
username,
password,
client_id: clientId,
};
if (credentialsPlacement !== "basic_auth_header") {
data.client_id = clientId;
}
if (clientSecret && clientSecret.trim() !== '' && credentialsPlacement !== "basic_auth_header") {
data.client_secret = clientSecret;
}
@@ -588,7 +594,7 @@ const getOAuth2TokenUsingPasswordCredentials = async ({ request, collectionUid,
const refreshOauth2Token = async ({ requestCopy, collectionUid, certsAndProxyConfig }) => {
const oAuth = get(requestCopy, 'oauth2', {});
const { clientId, clientSecret, credentialsId } = oAuth;
const { clientId, clientSecret, credentialsId, credentialsPlacement } = oAuth;
const url = oAuth.refreshTokenUrl ? oAuth.refreshTokenUrl : oAuth.accessTokenUrl;
const credentials = getStoredOauth2Credentials({ collectionUid, url, credentialsId });
@@ -599,10 +605,12 @@ const refreshOauth2Token = async ({ requestCopy, collectionUid, certsAndProxyCon
} else {
const data = {
grant_type: 'refresh_token',
client_id: clientId,
refresh_token: credentials.refresh_token,
};
if (clientSecret && clientSecret.trim() !== '') {
if (credentialsPlacement !== "basic_auth_header") {
data.client_id = clientId;
}
if (clientSecret && clientSecret.trim() !== '' && credentialsPlacement !== "basic_auth_header") {
data.client_secret = clientSecret;
}
let axiosRequestConfig = {};
@@ -611,6 +619,9 @@ const refreshOauth2Token = async ({ requestCopy, collectionUid, certsAndProxyCon
'content-type': 'application/x-www-form-urlencoded',
'Accept': 'application/json'
};
if (credentialsPlacement === "basic_auth_header") {
axiosRequestConfig.headers['Authorization'] = `Basic ${Buffer.from(`${encodeURIComponent(clientId)}:${encodeURIComponent(clientSecret)}`).toString('base64')}`;
}
axiosRequestConfig.data = qs.stringify(data);
axiosRequestConfig.url = url;
axiosRequestConfig.responseType = 'arraybuffer';