From 366a54f6302589def1224ea48d0959955d06ee7b Mon Sep 17 00:00:00 2001
From: Paul Johnson
Date: Mon, 9 Aug 2021 23:30:32 +0100
Subject: [PATCH] Allow optional specification of Origin header for Auth Code flow + PKCE (#3783)

Co-authored-by: Opender Singh
---
 .../insomnia-app/app/network/o-auth-2/get-token.ts | 2 ++
 .../app/network/o-auth-2/grant-authorization-code.ts | 7 +++++++
 .../app/network/o-auth-2/refresh-token.ts | 5 +++++
 .../app/ui/components/editors/auth/o-auth-2-auth.tsx | 12 +++++++++++-
 4 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/packages/insomnia-app/app/network/o-auth-2/get-token.ts b/packages/insomnia-app/app/network/o-auth-2/get-token.ts
index df7f4016a..d9602911b 100644
--- a/packages/insomnia-app/app/network/o-auth-2/get-token.ts
+++ b/packages/insomnia-app/app/network/o-auth-2/get-token.ts
@@ -71,6 +71,7 @@ async function _getOAuth2AuthorizationCodeHeader(
 authentication.resource,
 authentication.usePkce,
 authentication.pkceMethod,
+ authentication.origin,
 );
 return _updateOAuth2Token(requestId, results);
 }
@@ -190,6 +191,7 @@ async function _getAccessToken(
 authentication.clientSecret,
 token.refreshToken,
 authentication.scope,
+ authentication.origin,
 );

 // If we didn't receive an access token it means the refresh token didn't succeed,
diff --git a/packages/insomnia-app/app/network/o-auth-2/grant-authorization-code.ts b/packages/insomnia-app/app/network/o-auth-2/grant-authorization-code.ts
index 458845e3f..39003d0d1 100644
--- a/packages/insomnia-app/app/network/o-auth-2/grant-authorization-code.ts
+++ b/packages/insomnia-app/app/network/o-auth-2/grant-authorization-code.ts
@@ -23,6 +23,7 @@ export default async function(
 resource = '',
 usePkce = false,
 pkceMethod = c.PKCE_CHALLENGE_S256,
+ origin = '',
 ): Promise> {
 if (!authorizeUrl) {
 throw new Error('Invalid authorization URL');
@@ -80,6 +81,7 @@ export default async function(
 audience,
 resource,
 codeVerifier,
+ origin,
 );
 }
@@ -171,6 +173,7 @@ async function _getToken(
 audience = '',
 resource = '',
 codeVerifier = '',
+ origin = '',
 ): Promise> {
 const params = [
 {
@@ -232,6 +235,10 @@ async function _getToken(
 headers.push(getBasicAuthHeader(clientId, clientSecret));
 }

+ if (origin) {
+ headers.push({ name: 'Origin', value: origin });
+ }
+
 const responsePatch = await sendWithSettings(requestId, {
 headers,
 url,
diff --git a/packages/insomnia-app/app/network/o-auth-2/refresh-token.ts b/packages/insomnia-app/app/network/o-auth-2/refresh-token.ts
index 7c8cafc78..9b5e6da24 100644
--- a/packages/insomnia-app/app/network/o-auth-2/refresh-token.ts
+++ b/packages/insomnia-app/app/network/o-auth-2/refresh-token.ts
@@ -14,6 +14,7 @@ export default async function(
 clientSecret: string,
 refreshToken: string,
 scope: string,
+ origin: string,
 ): Promise> {
 const params = [
 {
@@ -55,6 +56,10 @@ export default async function(
 headers.push(getBasicAuthHeader(clientId, clientSecret));
 }

+ if (origin) {
+ headers.push({ name: 'Origin', value: origin });
+ }
+
 const url = setDefaultProtocol(accessTokenUrl);
 const response = await sendWithSettings(requestId, {
 headers,
diff --git a/packages/insomnia-app/app/ui/components/editors/auth/o-auth-2-auth.tsx b/packages/insomnia-app/app/ui/components/editors/auth/o-auth-2-auth.tsx
index d8f3129dd..dc6a01277 100644
--- a/packages/insomnia-app/app/ui/components/editors/auth/o-auth-2-auth.tsx
+++ b/packages/insomnia-app/app/ui/components/editors/auth/o-auth-2-auth.tsx
@@ -241,6 +241,10 @@ class OAuth2Auth extends PureComponent {
 this._handleChangeProperty('resource', value);
 }

+ _handleChangeOrigin(value: string) {
+ this._handleChangeProperty('origin', value);
+ }
+
 _handleChangeGrantType(e: React.SyntheticEvent) {
 this._handleChangeProperty('grantType', e.currentTarget.value);
 }
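Review bot: The `origin` string is pushed into the token request's headers unchanged in the `@@ -232,6 +235,10 @@` hunk of `_getToken`, and identically in refresh-token.ts at `@@ -55,6 +56,10 @@`, with no trimming and no check that it is a single well-formed origin. These requests carry the authorization code or refresh token and possibly the client secret, and the value may arrive from an imported or shared workspace rather than being typed by the user, so a value containing CR/LF or surrounding whitespace should be rejected before it reaches the HTTP layer; whether `sendWithSettings` already does this is not visible here. A guard ahead of the push such as `if (/[\r\n]/.test(origin)) { throw new Error('Invalid Origin header value'); }`, or normalising with `new URL(origin).origin`, would cover it. `_getToken` starts and ends outside the hunk.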
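Review bot: In refresh-token.ts (`@@ -14,6 +14,7 @@`) `origin: string` is added as a required positional parameter, while grant-authorization-code.ts declares the same argument as `origin = ''`. Any caller other than the one updated in get-token.ts (none are visible in this patch) would stop compiling or pass `undefined`, and the signature no longer says the header is optional. Declaring it as `origin = '',` keeps the two signatures parallel. The function body continues outside the hunk.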
@@ -497,6 +501,12 @@ class OAuth2Auth extends PureComponent {
 this._handleChangeResource,
 'Indicate what resource to access',
 );
+ const origin = this.renderInputRow(
+ 'Origin',
+ 'origin',
+ this._handleChangeOrigin,
+ 'Specify Origin header when CORS is required for oauth endpoints',
+ );
 const credentialsInBody = this.renderSelectRow(
 'Credentials',
 'credentialsInBody',
@@ -527,7 +537,7 @@ class OAuth2Auth extends PureComponent {
 enabled,
 ];

- advancedFields = [scope, state, credentialsInBody, tokenPrefix, audience, resource];
+ advancedFields = [scope, state, credentialsInBody, tokenPrefix, audience, resource, origin];
 } else if (grantType === GRANT_TYPE_CLIENT_CREDENTIALS) {
 basicFields = [accessTokenUrl, clientId, clientSecret, enabled];
 advancedFields = [scope, credentialsInBody, tokenPrefix, audience, resource];
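Review bot: The Origin field is added to `advancedFields` only in the authorization-code branch (`@@ -527,7 +537,7 @@`), but the refresh call in get-token.ts (`_getAccessToken`, `@@ -190,6 +191,7 @@`) passes `authentication.origin` with no visible grant-type check. If stored authentication values survive a grant-type switch, which is not visible here, a previously entered origin keeps being sent on refresh while the editor no longer shows or lets the user clear it. Either expose `origin` for every grant type that can refresh, or pass it only when the grant type is authorization code, and add a short comment beside this assignment stating which was intended. The surrounding render method starts and ends outside the hunk.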