feat: x-tokenName OAuth extension support in OpenAPI 3.0 (#1489)

Shados · shockey · shockey · commit 06e69c9c9b48 · 2020-01-10T21:51:21.000-05:00
* Support x-tokenName extension in OpenAPI 3.0 specs

* `oauthToken` -&gt; `tokenValue`

Co-authored-by: kyle shockey &lt;kyleshockey@gmail.com&gt;
diff --git a/src/execute/oas3/build-request.js b/src/execute/oas3/build-request.js
@@ -159,14 +159,15 @@ export function applySecurities({request, securities = {}, operation = {}, spec}
         }
         else if (type === 'oauth2') {
           const token = auth.token || {}
-          const accessToken = token.access_token
+          const tokenName = schema['x-tokenName'] || 'access_token'
+          const tokenValue = token[tokenName]
           let tokenType = token.token_type
 
           if (!tokenType || tokenType.toLowerCase() === 'bearer') {
             tokenType = 'Bearer'
           }
 
-          result.headers.Authorization = `${tokenType} ${accessToken}`
+          result.headers.Authorization = `${tokenType} ${tokenValue}`
         }
       }
     }
diff --git a/test/oas3/execute/authorization.js b/test/oas3/execute/authorization.js
@@ -596,4 +596,50 @@ describe('Authorization - OpenAPI Specification 3.0', () => {
       }
     )
   })
+  test('should use a custom oAuth token name if defined', () => {
+    const spec = {
+      openapi: '3.0.0',
+      components: {
+        securitySchemes: {
+          myOAuth2Implicit: {
+            type: 'oauth2',
+            'x-tokenName': 'id_token'
+          }
+        }
+      },
+      paths: {
+        '/': {
+          get: {
+            operationId: 'myOperation',
+            security: [
+              {myOAuth2Implicit: []}
+            ]
+          }
+        }
+      }
+    }
+
+    const req = buildRequest({
+      spec,
+      operationId: 'myOperation',
+      securities: {
+        authorized: {
+          myOAuth2Implicit: {
+            token: {
+              access_token: 'otherTokenValue',
+              id_token: 'myTokenValue'
+            }
+          }
+        }
+      }
+    })
+    expect(req).toEqual({
+      method: 'GET',
+      url: '/',
+      credentials: 'same-origin',
+      headers: {
+        Authorization: 'Bearer myTokenValue'
+      },
+    })
+  })
 })

Original file line number	Diff line number	Diff line change
`@@ -159,14 +159,15 @@ export function applySecurities({request, securities = {}, operation = {}, spec}`
`159`	`159`	`}`
`160`	`160`	`else if (type === 'oauth2') {`
`161`	`161`	`const token = auth.token \|\| {}`
`162`		`- const accessToken = token.access_token`
	`162`	`+ const tokenName = schema['x-tokenName'] \|\| 'access_token'`
	`163`	`+ const tokenValue = token[tokenName]`
`163`	`164`	`let tokenType = token.token_type`
`164`	`165`
`165`	`166`	`if (!tokenType \|\| tokenType.toLowerCase() === 'bearer') {`
`166`	`167`	`tokenType = 'Bearer'`
`167`	`168`	`}`
`168`	`169`
`169`		- result.headers.Authorization = `${tokenType} ${accessToken}`
	`170`	+ result.headers.Authorization = `${tokenType} ${tokenValue}`
`170`	`171`	`}`
`171`	`172`	`}`
`172`	`173`	`}`