PM-20532 - SendAccessToken Request WIP on payload processing.

libs/common/src/auth/models/request/identity-token/send-access-token.request.ts

@@ -1,43 +1,66 @@
 import { ClientType } from "../../../../enums";
-import { GrantTypes } from "../../../enums/grant-type.enum";
-import { Scopes } from "../../../enums/scopes.enum";
+import { GrantType, GrantTypes } from "../../../enums/grant-type.enum";
+import { Scope, Scopes } from "../../../enums/scopes.enum";
 
 import { DeviceRequest } from "./device.request";
-import { TokenRequest } from "./token.request";
 
-export class SendAccessTokenRequest extends TokenRequest {
+export type SendAccessTokenPasswordPayload = { password: string };
+export type SendAccessTokenEmailOtpPayload = { email: string; otp: string };
+// If truly anonymous, you get no extra fields:
+export type SendAccessTokenAnonymousPayload = object; // empty object
+
+export interface SendAccessTokenPayloadBase {
+  client_id: ClientType;
+  grant_type: GrantType;
+  scope: Scope;
+
+  send_id: string;
+
+  // TODO: ask if we need device information on server + device claims added in server validator
+  // device info
+  //   device_type: this.device.type,
+  //   device_identifier: this.device.identifier,
+  //   device_name: this.device.name,
+}
+
+// Payload is the base + only 1 set of 3 credentials.
+export type SendAccessTokenPayload = SendAccessTokenPayloadBase &
+  (
+    | SendAccessTokenPasswordPayload
+    | SendAccessTokenEmailOtpPayload
+    | SendAccessTokenAnonymousPayload
+  );
+
+export class SendAccessTokenRequest {
   constructor(
+    public clientId: ClientType,
     public sendId: string,
     public device: DeviceRequest,
 
     public password?: string,
 
     public email?: string,
-    public oneTimePassword?: string,
-  ) {
-    super(undefined, device);
-  }
+    public otp?: string,
+  ) {}
 
-  toIdentityToken(clientId: ClientType) {
-    // Super call handles setting up client id and device properties
-    const obj = super.toIdentityToken(clientId);
+  /**
+   * Builds the payload to send to /connect/token
+   */
+  toIdentityTokenPayload(): SendAccessTokenPayload {
+    const base: SendAccessTokenPayloadBase = {
+      client_id: this.clientId,
+      grant_type: GrantTypes.SendAccess,
+      scope: Scopes.Send,
 
-    obj.grant_type = GrantTypes.SendAccess;
-
-    // override base scopes
-    obj.scope = [Scopes.Send].join(" ");
-
-    // Add required and optional properties
-    obj.sendId = this.sendId;
+      send_id: this.sendId,
+    };
 
     if (this.password) {
-      obj.password = this.password;
+      return { ...base, password: this.password };
+    } else if (this.email && this.otp) {
+      return { ...base, email: this.email, otp: this.otp };
+    } else {
+      return base;
     }
-    if (this.email && this.oneTimePassword) {
-      obj.email = this.email;
-      obj.oneTimePassword = this.oneTimePassword;
-    }
-
-    return obj;
   }
 }

libs/common/src/auth/send-access/services/send-token-api.service.ts

@@ -1,3 +1,5 @@
+import { SendAccessTokenRequest } from "../../models/request/identity-token/send-access-token.request";
+
 export abstract class SendTokenApiService {
-  //   requestSendAccessToken: () => Promise<>;
+  abstract requestSendAccessToken: (request: SendAccessTokenRequest) => Promise<unknown>;
 }