* feat: add tokenType support for OAuth2
* refactor: rename tokenType to source in OpenCollection OAuth2 mapping
* refactor: rename tokenType to source in OAuth2 configuration
* chore: bump @opencollection/types to ~0.8.0
* fix: correct OAuth2 token type label in token viewer
* refactor: replace Dropdown with MenuDropdown in OAuth2 components

Migrate all 12 dropdown instances across 5 OAuth2 auth components to use the MenuDropdown component, removing manual tippy ref management and forwardRef icon patterns in favor of a declarative items-based API.
{
"meta": {
"name": "OAuth2 Examples API",
"type": "http",
"seq": "1"
},
"http": {
"method": "post",
"url": "https://api.example.com/oauth/protected",
"body": "json",
"auth": "oauth2"
},
"headers": [
{
"name": "content-type",
"value": "application/json",
"enabled": true
}
],
"auth": {
"oauth2": {
"grantType": "authorization_code",
"callbackUrl": "https://api.example.com/oauth/callback",
"authorizationUrl": "https://oauth.example.com/authorize",
"accessTokenUrl": "https://oauth.example.com/token",
"refreshTokenUrl": "https://oauth.example.com/token",
"clientId": "my-client-id",
"clientSecret": "my-client-secret",
"scope": "read write",
"state": "",
"pkce": true,
"credentialsPlacement": "header",
"credentialsId": "authorization",
"tokenSource": "access_token",
"tokenPlacement": "header",
"tokenHeaderPrefix": "Bearer",
"tokenQueryKey": "access_token",
"autoFetchToken": true,
"autoRefreshToken": true
}
},
"body": {
"json": "{\n \"action\": \"test\",\n \"data\": {\n \"message\": \"Protected resource access\"\n }\n}"
},
"vars": {
"req": [
{
"name": "oauth_state",
"value": "{{$uuid}}",
"enabled": true,
"local": false
},
{
"name": "client_scopes",
"value": "read,write,admin",
"enabled": true,
"local": false
}
]
},
"script": {
"req": "const state = crypto.randomBytes(16).toString('hex');\nbru.setVar('oauth_state', state);\nbru.setVar('timestamp', Date.now());"
},
"tests": "test(\"Response should be 200\", function() {\n expect(res.getStatus()).to.eql(200);\n});\n\ntest(\"Should have user data in response\", function() {\n const body = res.getBody();\n expect(body.access_token).to.be.ok;\n});",
"examples": [
{
"name": "OAuth2 Protected Resource",
"description": "Example accessing resource protected with OAuth2 authorization code flow",
"request": {
"url": "https://api.example.com/oauth/protected",
"method": "post",
"body": {
"mode": "json",
"json": "{\n \"action\": \"fetch\",\n \"resource\": \"user_profile\"\n}"
},
"headers": [
{
"name": "authorization",
"value": "\"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9\",",
"enabled": true
},
{
"name": "content-type",
"value": "\"application/json\"",
"enabled": true
}
]
},
"response": {
"status": "200",
"statusText": "OK",
"body": {
"type": "json",
"content": "{\n \"user\": {\n \"id\": \"123\",\n \"name\": \"John Doe\",\n \"email\": \"john@example.com\",\n \"scopes\": [\"read\", \"write\"]\n },\n \"token\": {\n \"access_token\": \"access_token_abc123\",\n \"expires_in\": 3600,\n \"token_type\": \"Bearer\"\n }\n}"
}
}
},
{
"name": "OAuth2 Token Refresh",
"description": "Example demonstrating OAuth2 token refresh flow",
"request": {
"url": "https://api.example.com/oauth/token",
"method": "post",
"body": {
"mode": "json",
"json": "{\n \"grant_type\": \"refresh_token\",\n \"refresh_token\": \"refresh_token_xyz789\",\n \"client_id\": \"my-client-id\",\n \"client_secret\": \"my-client-secret\"\n}"
},
"headers": [
{
"name": "content-type",
"value": "\"application/json\",",
"enabled": true
},
{
"name": "accept",
"value": "\"application/json\"",
"enabled": true
}
]
},
"response": {
"status": "200",
"statusText": "OK",
"body": {
"type": "json",
"content": "{\n \"access_token\": \"new_access_token_def456\",\n \"refresh_token\": \"new_refresh_token_abc789\",\n \"expires_in\": 3600,\n \"token_type\": \"Bearer\",\n \"scope\": \"read write\"\n}"
}
}
},
{
"name": "OAuth2 Client Credentials",
"description": "Example using OAuth2 client credentials grant type",
"request": {
"url": "https://api.example.com/oauth/client-credentials",
"method": "post",
"body": {
"mode": "json",
"json": "{\n \"grant_type\": \"client_credentials\",\n \"client_id\": \"service-account\",\n \"client_secret\": \"service-secret-key\",\n \"scope\": \"admin\"\n}"
},
"headers": [
{
"name": "content-type",
"value": "\"application/json\"",
"enabled": true
}
]
},
"response": {
"status": "200",
"statusText": "OK",
"body": {
"type": "json",
"content": "{\n \"access_token\": \"service_access_token_123\",\n \"expires_in\": 7200,\n \"token_type\": \"Bearer\",\n \"scope\": \"admin\"\n}"
}
}
},
{
"name": "OAuth2 Password Grant",
"description": "Example using OAuth2 password grant (username/password)",
"request": {
"url": "https://api.example.com/oauth/password",
"method": "post",
"body": {
"mode": "json",
"json": "{\n \"grant_type\": \"password\",\n \"username\": \"user@example.com\",\n \"password\": \"SecurePass123!\",\n \"client_id\": \"mobile-app\",\n \"client_secret\": \"mobile-app-secret\"\n}"
},
"headers": [
{
"name": "content-type",
"value": "\"application/json\"",
"enabled": true
}
]
},
"response": {
"status": "200",
"statusText": "OK",
"body": {
"type": "json",
"content": "{\n \"access_token\": \"user_access_token_456\",\n \"refresh_token\": \"user_refresh_token_789\",\n \"expires_in\": 3600,\n \"token_type\": \"Bearer\"\n}"
}
}
}
],
"docs": "This collection demonstrates OAuth2 authentication flows.\nSupports authorization code, client credentials, and password grant types.\nExamples show token refresh and protected resource access."
} |