Implement User-based API Keys (#197)

* Added support for authenticating with an API key * added api service methods for user api keys * fixed a copy/pasted api endpoint url * Let toIdentityToken() use a a prestored client_id in place of the application client_id if one exists * Allowed for api key auth in the cli * Removed some commented out code commited for apiKey auth * Cleanup for ApiKey auth in the CLI * Removed cli prefix from client_crendential auth types * Removed ClientPrefix conditional from decoded token getters * Update src/services/api.service.ts Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com> * formatting * changed command from login --apiKey to login --apikey Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
2025-12-19 01:33:33 +00:00 · 2020-11-10 15:15:40 -05:00
parent 9aa3cbf73d
commit 79b856cb6e
7 changed files with 124 additions and 24 deletions
--- a/src/models/request/tokenRequest.ts
+++ b/src/models/request/tokenRequest.ts
@@ -8,12 +8,14 @@ export class TokenRequest {
    code: string;
    codeVerifier: string;
    redirectUri: string;
+    clientId: string;
+    clientSecret: string;
    token: string;
    provider: TwoFactorProviderType;
    remember: boolean;
    device?: DeviceRequest;

-    constructor(credentials: string[], codes: string[], provider: TwoFactorProviderType,
+    constructor(credentials: string[], codes: string[], clientIdClientSecret: string[], provider: TwoFactorProviderType,
        token: string, remember: boolean, device?: DeviceRequest) {
        if (credentials != null && credentials.length > 1) {
            this.email = credentials[0];
@@ -22,6 +24,9 @@ export class TokenRequest {
            this.code = codes[0];
            this.codeVerifier = codes[1];
            this.redirectUri = codes[2];
+        } else if (clientIdClientSecret != null && clientIdClientSecret.length > 1) {
+            this.clientId = clientIdClientSecret[0]
+            this.clientSecret = clientIdClientSecret[1]
        }
        this.token = token;
        this.provider = provider;
@@ -35,7 +40,11 @@ export class TokenRequest {
            client_id: clientId,
        };

-        if (this.masterPasswordHash != null && this.email != null) {
+        if (this.clientSecret != null) {
+            obj.scope = 'api';
+            obj.grant_type = 'client_credentials';
+            obj.client_secret = this.clientSecret;
+        } else if (this.masterPasswordHash != null && this.email != null) {
            obj.grant_type = 'password';
            obj.username = this.email;
            obj.password = this.masterPasswordHash;