Feat: OAuth2: Show details of both token request and user request in the Timeline #2253

Draft
wants to merge 17 commits into
base: main


pietrygamat
Contributor

@pietrygamat pietrygamat commented May 6, 2024

Description

This PR builds on top of both #2077 and #2164. It enhances the timeline to show the details of both the OAuth2 token request and the user-defined request.
This is done because:

When the token request is executed, both requests are logged:
Screenshot from 2024-05-06 23-03-43

When using cached credentials (previously obtained access_token), only the user request is shown:
Screenshot from 2024-05-06 23-19-15

Also, fixes #1933

@pietrygamat pietrygamat force-pushed the feature/inherit-oauth+basic-auth-client-credentials branch from 420c3cb to 0c1e1ab Compare May 7, 2024 18:00
Mateusz Pietryga and others added 17 commits May 7, 2024 20:03
… of api endpoint

Setting oauth2 authorization no longer equals overwriting user-specified data in a request. The pre-requests made to obtain oauth2 access_token are now separated from actual API request.

usebruno#1999
Results of oauth2 authorization flow (i.e. access_token but also refresh_token, id_token, scope or any other information returned from token request) are stored in a collection specific cache. It is persisted in the file system, and will be automatically reused when executing requests until the cache is purged (using Clear Cache button available in all related views).
…able by scripts

The new variable 'credentials' is now available in the 'req' object. It is added automatically during request preparation if the oauth2 method is used, and its value is either evaluated or retrieved from the collection oauth2 cache.
…Token action

The actual authorization request is now part of request preparation, and its response is returned for post-request script processing.
According to RFC 6749 Section 7.1, the client MUST NOT use an access token
if it does not understand the token type.
At this point bruno only understands 'bearer' token_type.
@pietrygamat pietrygamat force-pushed the feature/inherit-oauth+basic-auth-client-credentials branch from 0c1e1ab to edd0088 Compare May 7, 2024 18:03
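
The behaviour the commit messages and PR description above describe (a collection-specific credential cache, `credentials` attached to the request, the RFC 6749 Section 7.1 token type check, and one or two timeline entries), as an added JavaScript example that is not code from this PR or from Bruno. All function, field and entry names are hypothetical, and the token request is passed in as a synchronous callback for brevity.

```javascript
// Added example; not Bruno's implementation. All names are hypothetical.
const UNDERSTOOD_TOKEN_TYPES = new Set(['bearer']);

// RFC 6749 Section 7.1: refuse a token whose type the client does not understand.
function checkTokenResponse(body) {
  if (!body || typeof body.access_token !== 'string' || !body.access_token) {
    throw new Error('token response has no access_token');
  }
  // token_type values are case insensitive (RFC 6749 Section 5.1).
  const type = String(body.token_type ?? '').toLowerCase();
  if (!UNDERSTOOD_TOKEN_TYPES.has(type)) {
    throw new Error(`unsupported token_type: ${JSON.stringify(body.token_type)}`);
  }
  return body;
}

// Prepare one API request. `cache` is a Map keyed by collection id and
// `requestToken` is a callback that performs the token request.
function prepareRequest(req, collectionId, cache, requestToken) {
  const timeline = [];
  let credentials = cache.get(collectionId);
  if (!credentials) {
    // Validate before caching, so a rejected response is never stored or reused.
    credentials = checkTokenResponse(requestToken());
    cache.set(collectionId, credentials);
    timeline.push({ kind: 'oauth2-token-request' });
  }
  // The user-defined request is always logged; the token request only when it ran.
  timeline.push({ kind: 'user-request', url: req.url });
  return {
    request: {
      ...req, // user-specified request data is kept, not overwritten
      credentials, // full token response, exposed to scripts
      headers: { ...req.headers, Authorization: `Bearer ${credentials.access_token}` }
    },
    timeline
  };
}
```

Validating the response before it is written to the cache means a token of an unsupported type is rejected once, at the token request, rather than being persisted and sent with later requests.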

Successfully merging this pull request may close these issues.

Oauth2.0 - client Credentials -> Get Access Token =>not good URL?