insomnia/packages/insomnia-app/app/network/o-auth-2/refresh-token.ts

import { setDefaultProtocol } from 'insomnia-url';

import * as models from '../../models/index';
import { getBasicAuthHeader } from '../basic-auth/get-header';
import { sendWithSettings } from '../network';
import * as c from './constants';
import { responseToObject } from './misc';

export default async function(
  requestId: string,
  accessTokenUrl: string,
  credentialsInBody: boolean,
  clientId: string,
  clientSecret: string,
  refreshToken: string,
  scope: string,
  origin: string,
): Promise<Record<string, any>> {
  const params = [
    {
      name: c.P_GRANT_TYPE,
      value: c.GRANT_TYPE_REFRESH,
    },
    {
      name: c.P_REFRESH_TOKEN,
      value: refreshToken,
    },
  ];
  // Add optional params
  scope &&
    params.push({
      name: c.P_SCOPE,
      value: scope,
    });
  const headers = [
    {
      name: 'Content-Type',
      value: 'application/x-www-form-urlencoded',
    },
    {
      name: 'Accept',
      value: 'application/x-www-form-urlencoded, application/json',
    },
  ];

  if (credentialsInBody) {
    params.push({
      name: c.P_CLIENT_ID,
      value: clientId,
    });
    params.push({
      name: c.P_CLIENT_SECRET,
      value: clientSecret,
    });
  } else {
    headers.push(getBasicAuthHeader(clientId, clientSecret));
  }

  if (origin) {
    headers.push({ name: 'Origin', value: origin });
  }

  const url = setDefaultProtocol(accessTokenUrl);
  const response = await sendWithSettings(requestId, {
    headers,
    url,
    method: 'POST',
    body: models.request.newBodyFormUrlEncoded(params),
  });
  const statusCode = response.statusCode || 0;
  const bodyBuffer = models.response.getBodyBuffer(response);

  if (statusCode === 401) {
    // If the refresh token was rejected due an unauthorized request, we will
    // return a null access_token to trigger an authentication request to fetch
    // brand new refresh and access tokens.
    return responseToObject(null, [c.P_ACCESS_TOKEN]);
  } else if (statusCode < 200 || statusCode >= 300) {
    if (bodyBuffer && statusCode === 400) {
      const response = responseToObject(bodyBuffer.toString(), [c.P_ERROR, c.P_ERROR_DESCRIPTION]);

      // If the refresh token was rejected due an oauth2 invalid_grant error, we will
      // return a null access_token to trigger an authentication request to fetch
      // brand new refresh and access tokens.
      if (response[c.P_ERROR] === 'invalid_grant') {
        return responseToObject(null, [c.P_ACCESS_TOKEN]);
      }
    }

    throw new Error(`[oauth2] Failed to refresh token url=${url} status=${statusCode}`);
  }

  if (!bodyBuffer) {
    throw new Error(`[oauth2] No body returned from ${url}`);
  }

  return responseToObject(
    bodyBuffer.toString(),
    [
      c.P_ACCESS_TOKEN,
      c.P_ID_TOKEN,
      c.P_REFRESH_TOKEN,
      c.P_EXPIRES_IN,
      c.P_TOKEN_TYPE,
      c.P_SCOPE,
      c.P_ERROR,
      c.P_ERROR_URI,
      c.P_ERROR_DESCRIPTION,
    ],
    {
      // Refresh token is optional, so we'll default it to the existing value
      [c.P_REFRESH_TOKEN]: refreshToken,
    },
  );
}
Add Prettier 2018-06-25 17:42:50 +00:00			`import { setDefaultProtocol } from 'insomnia-url';`
Feat/eslint import order (#3782) 2021-07-22 23:04:56 +00:00
Use Insomnia network stack for OAuth 2.0 requests (#582) * Use Insomnia network stack for OAuth 2.0 requests * Fix zombie docs 2017-11-10 10:50:39 +00:00			`import * as models from '../../models/index';`
Add Prettier 2018-06-25 17:42:50 +00:00			`import { getBasicAuthHeader } from '../basic-auth/get-header';`
Feat/eslint import order (#3782) 2021-07-22 23:04:56 +00:00			`import { sendWithSettings } from '../network';`
			`import * as c from './constants';`
			`import { responseToObject } from './misc';`
Use Insomnia network stack for OAuth 2.0 requests (#582) * Use Insomnia network stack for OAuth 2.0 requests * Fix zombie docs 2017-11-10 10:50:39 +00:00
Add Prettier 2018-06-25 17:42:50 +00:00			`export default async function(`
Use Insomnia network stack for OAuth 2.0 requests (#582) * Use Insomnia network stack for OAuth 2.0 requests * Fix zombie docs 2017-11-10 10:50:39 +00:00			`requestId: string,`
			`accessTokenUrl: string,`
			`credentialsInBody: boolean,`
			`clientId: string,`
			`clientSecret: string,`
			`refreshToken: string,`
Add trailing commas to ESLint + Prettier 2018-12-12 17:36:11 +00:00			`scope: string,`
Allow optional specification of Origin header for Auth Code flow + PKCE (#3783) Co-authored-by: Opender Singh <opender.singh@konghq.com> 2021-08-09 22:30:32 +00:00			`origin: string,`
[TypeScript] Phase 1 & 2 (#3370) Co-authored-by: Opender Singh <opender.singh@konghq.com> 2021-05-12 06:35:00 +00:00			`): Promise<Record<string, any>> {`
First-Party OAuth 2.0 Support (#120) * Proof of concept authorize call * Authorize and Refresh endpoints done * OAuth2 editor started * Some small fixes * Set OAuth headers on request * Started on some OAuth tests * Updated network logic with new OAuth API * OAuth forms and refactor flows * Fix grant type handling * Moved auth handling out of render pipeline * Fixed legacy auth header * Fix vertical center * Prompt user on auth type change * Refresh tokens working (I think) and better UI * Catch same type auth change * POC refresh token and small refactor * Better token handling * LOading state to token refresh * Show o-auth-2 errors * Some minor updates 2017-03-23 22:10:42 +00:00			`const params = [`
[TypeScript] Phase 1 & 2 (#3370) Co-authored-by: Opender Singh <opender.singh@konghq.com> 2021-05-12 06:35:00 +00:00			`{`
			`name: c.P_GRANT_TYPE,`
			`value: c.GRANT_TYPE_REFRESH,`
			`},`
			`{`
			`name: c.P_REFRESH_TOKEN,`
			`value: refreshToken,`
			`},`
First-Party OAuth 2.0 Support (#120) * Proof of concept authorize call * Authorize and Refresh endpoints done * OAuth2 editor started * Some small fixes * Set OAuth headers on request * Started on some OAuth tests * Updated network logic with new OAuth API * OAuth forms and refactor flows * Fix grant type handling * Moved auth handling out of render pipeline * Fixed legacy auth header * Fix vertical center * Prompt user on auth type change * Refresh tokens working (I think) and better UI * Catch same type auth change * POC refresh token and small refactor * Better token handling * LOading state to token refresh * Show o-auth-2 errors * Some minor updates 2017-03-23 22:10:42 +00:00			`];`
			`// Add optional params`
[TypeScript] Phase 1 & 2 (#3370) Co-authored-by: Opender Singh <opender.singh@konghq.com> 2021-05-12 06:35:00 +00:00			`scope &&`
			`params.push({`
			`name: c.P_SCOPE,`
			`value: scope,`
			`});`
Use Insomnia network stack for OAuth 2.0 requests (#582) * Use Insomnia network stack for OAuth 2.0 requests * Fix zombie docs 2017-11-10 10:50:39 +00:00			`const headers = [`
[TypeScript] Phase 1 & 2 (#3370) Co-authored-by: Opender Singh <opender.singh@konghq.com> 2021-05-12 06:35:00 +00:00			`{`
			`name: 'Content-Type',`
			`value: 'application/x-www-form-urlencoded',`
			`},`
Add Prettier 2018-06-25 17:42:50 +00:00			`{`
			`name: 'Accept',`
Add trailing commas to ESLint + Prettier 2018-12-12 17:36:11 +00:00			`value: 'application/x-www-form-urlencoded, application/json',`
			`},`
Use Insomnia network stack for OAuth 2.0 requests (#582) * Use Insomnia network stack for OAuth 2.0 requests * Fix zombie docs 2017-11-10 10:50:39 +00:00			`];`
First-Party OAuth 2.0 Support (#120) * Proof of concept authorize call * Authorize and Refresh endpoints done * OAuth2 editor started * Some small fixes * Set OAuth headers on request * Started on some OAuth tests * Updated network logic with new OAuth API * OAuth forms and refactor flows * Fix grant type handling * Moved auth handling out of render pipeline * Fixed legacy auth header * Fix vertical center * Prompt user on auth type change * Refresh tokens working (I think) and better UI * Catch same type auth change * POC refresh token and small refactor * Better token handling * LOading state to token refresh * Show o-auth-2 errors * Some minor updates 2017-03-23 22:10:42 +00:00
			`if (credentialsInBody) {`
[TypeScript] Phase 1 & 2 (#3370) Co-authored-by: Opender Singh <opender.singh@konghq.com> 2021-05-12 06:35:00 +00:00			`params.push({`
			`name: c.P_CLIENT_ID,`
			`value: clientId,`
			`});`
			`params.push({`
			`name: c.P_CLIENT_SECRET,`
			`value: clientSecret,`
			`});`
First-Party OAuth 2.0 Support (#120) * Proof of concept authorize call * Authorize and Refresh endpoints done * OAuth2 editor started * Some small fixes * Set OAuth headers on request * Started on some OAuth tests * Updated network logic with new OAuth API * OAuth forms and refactor flows * Fix grant type handling * Moved auth handling out of render pipeline * Fixed legacy auth header * Fix vertical center * Prompt user on auth type change * Refresh tokens working (I think) and better UI * Catch same type auth change * POC refresh token and small refactor * Better token handling * LOading state to token refresh * Show o-auth-2 errors * Some minor updates 2017-03-23 22:10:42 +00:00			`} else {`
Use Insomnia network stack for OAuth 2.0 requests (#582) * Use Insomnia network stack for OAuth 2.0 requests * Fix zombie docs 2017-11-10 10:50:39 +00:00			`headers.push(getBasicAuthHeader(clientId, clientSecret));`
First-Party OAuth 2.0 Support (#120) * Proof of concept authorize call * Authorize and Refresh endpoints done * OAuth2 editor started * Some small fixes * Set OAuth headers on request * Started on some OAuth tests * Updated network logic with new OAuth API * OAuth forms and refactor flows * Fix grant type handling * Moved auth handling out of render pipeline * Fixed legacy auth header * Fix vertical center * Prompt user on auth type change * Refresh tokens working (I think) and better UI * Catch same type auth change * POC refresh token and small refactor * Better token handling * LOading state to token refresh * Show o-auth-2 errors * Some minor updates 2017-03-23 22:10:42 +00:00			`}`

Allow optional specification of Origin header for Auth Code flow + PKCE (#3783) Co-authored-by: Opender Singh <opender.singh@konghq.com> 2021-08-09 22:30:32 +00:00			`if (origin) {`
			`headers.push({ name: 'Origin', value: origin });`
			`}`

Use Insomnia network stack for OAuth 2.0 requests (#582) * Use Insomnia network stack for OAuth 2.0 requests * Fix zombie docs 2017-11-10 10:50:39 +00:00			`const url = setDefaultProtocol(accessTokenUrl);`
Fix/large response body handling (#614) * Basic fix in place * Use curlopt_writefunction * Fix tests 2017-11-21 17:49:17 +00:00			`const response = await sendWithSettings(requestId, {`
Use Insomnia network stack for OAuth 2.0 requests (#582) * Use Insomnia network stack for OAuth 2.0 requests * Fix zombie docs 2017-11-10 10:50:39 +00:00			`headers,`
			`url,`
First-Party OAuth 2.0 Support (#120) * Proof of concept authorize call * Authorize and Refresh endpoints done * OAuth2 editor started * Some small fixes * Set OAuth headers on request * Started on some OAuth tests * Updated network logic with new OAuth API * OAuth forms and refactor flows * Fix grant type handling * Moved auth handling out of render pipeline * Fixed legacy auth header * Fix vertical center * Prompt user on auth type change * Refresh tokens working (I think) and better UI * Catch same type auth change * POC refresh token and small refactor * Better token handling * LOading state to token refresh * Show o-auth-2 errors * Some minor updates 2017-03-23 22:10:42 +00:00			`method: 'POST',`
Add trailing commas to ESLint + Prettier 2018-12-12 17:36:11 +00:00			`body: models.request.newBodyFormUrlEncoded(params),`
Use Insomnia network stack for OAuth 2.0 requests (#582) * Use Insomnia network stack for OAuth 2.0 requests * Fix zombie docs 2017-11-10 10:50:39 +00:00			`});`
Upgrade Electron Builder (#498) * Upgrade electron-builder * Fix optional dep * Add another dep * Fix travis * Fix 7zip install * Fix icons * Minor fix * Delete changelog * Moved build scripts to JS * Some adjustments * Remove lines * Add 7zip back * Update scripts * Small tweaks * Fix electronbuilder config * snap dependency * Fix pkg * Remove snapd dep * Updated deps and lots of fixes * Travis update * Return package name * Remove snap for now * Remove portable * Try fixing code signing * Bump cache * Disable automatic tests * Fix windows artifacts * package-lock for app/ * Try fix npm install * Try again * Some minor tweaks * Preleases by default 2017-11-20 16:07:36 +00:00			`const statusCode = response.statusCode \|\| 0;`
Fetch new access tokens if refreshing token returns "invalid_grant" (#1729) 2019-10-31 15:58:58 +00:00			`const bodyBuffer = models.response.getBodyBuffer(response);`
Fetch new access and refresh tokens when refresh fails (#1338) * Fetch new access and refresh tokens when refresh fails * Fix typo 2019-01-21 16:38:44 +00:00
			`if (statusCode === 401) {`
			`// If the refresh token was rejected due an unauthorized request, we will`
			`// return a null access_token to trigger an authentication request to fetch`
			`// brand new refresh and access tokens.`
			`return responseToObject(null, [c.P_ACCESS_TOKEN]);`
			`} else if (statusCode < 200 \|\| statusCode >= 300) {`
Fetch new access tokens if refreshing token returns "invalid_grant" (#1729) 2019-10-31 15:58:58 +00:00			`if (bodyBuffer && statusCode === 400) {`
			`const response = responseToObject(bodyBuffer.toString(), [c.P_ERROR, c.P_ERROR_DESCRIPTION]);`

			`// If the refresh token was rejected due an oauth2 invalid_grant error, we will`
			`// return a null access_token to trigger an authentication request to fetch`
			`// brand new refresh and access tokens.`
			`if (response[c.P_ERROR] === 'invalid_grant') {`
			`return responseToObject(null, [c.P_ACCESS_TOKEN]);`
			`}`
			`}`

prettier entire project 2018-10-17 16:42:33 +00:00			throw new Error(`[oauth2] Failed to refresh token url=${url} status=${statusCode}`);
Upgrade Electron Builder (#498) * Upgrade electron-builder * Fix optional dep * Add another dep * Fix travis * Fix 7zip install * Fix icons * Minor fix * Delete changelog * Moved build scripts to JS * Some adjustments * Remove lines * Add 7zip back * Update scripts * Small tweaks * Fix electronbuilder config * snap dependency * Fix pkg * Remove snapd dep * Updated deps and lots of fixes * Travis update * Return package name * Remove snap for now * Remove portable * Try fixing code signing * Bump cache * Disable automatic tests * Fix windows artifacts * package-lock for app/ * Try fix npm install * Try again * Some minor tweaks * Preleases by default 2017-11-20 16:07:36 +00:00			`}`

			`if (!bodyBuffer) {`
			throw new Error(`[oauth2] No body returned from ${url}`);
Use Insomnia network stack for OAuth 2.0 requests (#582) * Use Insomnia network stack for OAuth 2.0 requests * Fix zombie docs 2017-11-10 10:50:39 +00:00			`}`
Fixed OAuth 2.0 Refresh Token (#346) 2017-07-05 21:08:57 +00:00
Keep OAuth 2.0 refresh token if a new one is not returned (Fixes #1492) 2019-05-10 01:44:22 +00:00			`return responseToObject(`
			`bodyBuffer.toString(),`
			`[`
			`c.P_ACCESS_TOKEN,`
Expose identity token for oauth2 (#3211) 2021-04-05 17:03:34 +00:00			`c.P_ID_TOKEN,`
Keep OAuth 2.0 refresh token if a new one is not returned (Fixes #1492) 2019-05-10 01:44:22 +00:00			`c.P_REFRESH_TOKEN,`
			`c.P_EXPIRES_IN,`
			`c.P_TOKEN_TYPE,`
			`c.P_SCOPE,`
			`c.P_ERROR,`
			`c.P_ERROR_URI,`
			`c.P_ERROR_DESCRIPTION,`
			`],`
			`{`
			`// Refresh token is optional, so we'll default it to the existing value`
			`[c.P_REFRESH_TOKEN]: refreshToken,`
			`},`
			`);`
First-Party OAuth 2.0 Support (#120) * Proof of concept authorize call * Authorize and Refresh endpoints done * OAuth2 editor started * Some small fixes * Set OAuth headers on request * Started on some OAuth tests * Updated network logic with new OAuth API * OAuth forms and refactor flows * Fix grant type handling * Moved auth handling out of render pipeline * Fixed legacy auth header * Fix vertical center * Prompt user on auth type change * Refresh tokens working (I think) and better UI * Catch same type auth change * POC refresh token and small refactor * Better token handling * LOading state to token refresh * Show o-auth-2 errors * Some minor updates 2017-03-23 22:10:42 +00:00			`}`