Feat: Support for Token Vault

[tanya732]

Changes

Allow Grant Type:
The client must be a private client to allow this type urn:auth0:params:oauth:grant-type:token-exchange:federated-connection-access-token

Expanded App Type Support:
Updated the Client interface’s app_type property to use a new ClientAppTypeEnum type.

ClientCreate Interface Updates:
Added new optional property: resource_server_identifier to link a client to a resource server.

ClientUpdateAppTypeEnum:
Added resource_server to the allowed app types for updating clients.

ResourceServer Interface Update:
Added optional property client_id to link a resource server to a client.

Manual Testing

install node-auth0 using npm install auth0

//Get DOMAIN, CLIENT_ID, CLIENT_SECRET from auth0 dashboard and create Management Client

const auth0 = new ManagementClient({
    domain: "<DOMAIN>",
    clientId: "<CLIENT_ID>",
    clientSecret: "<CLIENT_SECRET>"
});

// Create a Resource Server

  const createResourceServerPayload : ResourceServerCreate = {
    name: "My Resource Server",
    identifier: "https://test-token-vault.example.com/",
    scopes: [
      {
        value: "read:resource",
        description: "Read access to the resource"
      },
      {
        value: "write:resource",
        description: "Write access to the resource"
      }
    ]
  }

  const createResourceServer = await auth.resourceServers.create(createResourceServerPayload);
  console.log("createResourceServer", createResourceServer);

// resource_server_identifier property links a client to a resource server indicating that the client is that resource server. This property can be sent only when app_type=resource_server. This property can not be changed, once the client is created. 

// Link Client To ResourceServer

 const createClientPayload: ClientCreate = {
    name : "ForTestTokenVault",
    app_type : "resource_server",
    resource_server_identifier : "https://test-token-vault.example.com/"
  };

const createClient = await auth0.clients.create(createClientPayload);
console.log("createClient", createClient);

// Verify the link by fetching resource server

const getResourceServer = await auth0.resourceServers.get({ id: "<RS_ID>" })
console.log("getResourceServer", getResourceServer);

Testing

Please describe how this can be tested by reviewers. Be specific about anything not tested and reasons why. If this library has unit and/or integration testing, tests should be added for new functionality and existing tests should complete without errors.

• This change adds unit test coverage
• This change adds integration test coverage

Checklist

• I have read the Auth0 general contribution guidelines
• I have read the Auth0 Code of Conduct
• All existing and new tests complete without errors