From 98371dd36fd980b3f318fa1ae1d44d431b290714 Mon Sep 17 00:00:00 2001
From: Jared Snider
Date: Sun, 18 May 2025 16:02:13 -0400
Subject: [PATCH] PM-20532 - SendAccessToken Request WIP on payload processing.
---
 .../send-access-token.request.ts | 73 ++++++++++++-------
 .../services/send-token-api.service.ts | 4 +-
 2 files changed, 51 insertions(+), 26 deletions(-)
diff --git a/libs/common/src/auth/models/request/identity-token/send-access-token.request.ts b/libs/common/src/auth/models/request/identity-token/send-access-token.request.ts
index 92a18564d74..ecefdb73f43 100644
--- a/libs/common/src/auth/models/request/identity-token/send-access-token.request.ts
+++ b/libs/common/src/auth/models/request/identity-token/send-access-token.request.ts
@@ -1,43 +1,66 @@
 import { ClientType } from "../../../../enums";
-import { GrantTypes } from "../../../enums/grant-type.enum";
-import { Scopes } from "../../../enums/scopes.enum";
+import { GrantType, GrantTypes } from "../../../enums/grant-type.enum";
+import { Scope, Scopes } from "../../../enums/scopes.enum";
 import { DeviceRequest } from "./device.request";
-import { TokenRequest } from "./token.request";
-export class SendAccessTokenRequest extends TokenRequest {
+export type SendAccessTokenPasswordPayload = { password: string };
+export type SendAccessTokenEmailOtpPayload = { email: string; otp: string };
+// If truly anonymous, you get no extra fields:
+export type SendAccessTokenAnonymousPayload = object; // empty object
+
+export interface SendAccessTokenPayloadBase {
+ client_id: ClientType;
+ grant_type: GrantType;
+ scope: Scope;
+
+ send_id: string;
+
+ // TODO: ask if we need device information on server + device claims added in server validator
+ // device info
+ // device_type: this.device.type,
+ // device_identifier: this.device.identifier,
+ // device_name: this.device.name,
+}
+
+// Payload is the base + only 1 set of 3 credentials.
+export type SendAccessTokenPayload = SendAccessTokenPayloadBase &
+ (
+ | SendAccessTokenPasswordPayload
+ | SendAccessTokenEmailOtpPayload
+ | SendAccessTokenAnonymousPayload
+ );
+
+export class SendAccessTokenRequest {
 constructor(
+ public clientId: ClientType,
 public sendId: string,
 public device: DeviceRequest,
 public password?: string,
 public email?: string,
- public oneTimePassword?: string,
- ) {
- super(undefined, device);
- }
+ public otp?: string,
+ ) {}
- toIdentityToken(clientId: ClientType) {
- // Super call handles setting up client id and device properties
- const obj = super.toIdentityToken(clientId);
+ /**
+ * Builds the payload to send to /connect/token
+ */
+ toIdentityTokenPayload(): SendAccessTokenPayload {
+ const base: SendAccessTokenPayloadBase = {
+ client_id: this.clientId,
+ grant_type: GrantTypes.SendAccess,
+ scope: Scopes.Send,
- obj.grant_type = GrantTypes.SendAccess;
-
- // override base scopes
- obj.scope = [Scopes.Send].join(" ");
-
- // Add required and optional properties
- obj.sendId = this.sendId;
+ send_id: this.sendId,
+ };
 if (this.password) {
- obj.password = this.password;
+ return { ...base, password: this.password };
+ } else if (this.email && this.otp) {
+ return { ...base, email: this.email, otp: this.otp };
+ } else {
+ return base;
 }
- if (this.email && this.oneTimePassword) {
- obj.email = this.email;
- obj.oneTimePassword = this.oneTimePassword;
- }
-
- return obj;
 }
 }
diff --git a/libs/common/src/auth/send-access/services/send-token-api.service.ts b/libs/common/src/auth/send-access/services/send-token-api.service.ts
index 73e47997be5..9282c749917 100644
--- a/libs/common/src/auth/send-access/services/send-token-api.service.ts
+++ b/libs/common/src/auth/send-access/services/send-token-api.service.ts
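Review bot: In `toIdentityTokenPayload` (send-access-token.request.ts) the credential branch is chosen by truthiness, so a request built with an email but no OTP, or with an empty password, silently falls through to `return base` and goes out as an anonymous request, while one carrying both a password and email/OTP silently drops the latter. For an authentication payload it is safer to fail closed on partial or mixed input; if an email-only step is intended for this WIP flow, it should get its own explicit branch rather than the anonymous one. The types do not catch this either: intersecting with `SendAccessTokenAnonymousPayload = object` adds no constraint, so the union does not enforce the "only 1 set of 3 credentials" comment. A sketch of the runtime guard follows.

```typescript
toIdentityTokenPayload(): SendAccessTokenPayload {
  // … unchanged: base payload construction …

  const hasPassword = Boolean(this.password);
  const hasEmail = Boolean(this.email);
  const hasOtp = Boolean(this.otp);

  // Fail closed on ambiguous input instead of degrading to the anonymous payload.
  if (hasPassword && (hasEmail || hasOtp)) {
    throw new Error("Send access request: supply either a password or email + OTP, not both.");
  }
  if (hasEmail !== hasOtp) {
    throw new Error("Send access request: email and OTP must be supplied together.");
  }

  // … unchanged: password / email+otp / anonymous branches …
}
```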
@@ -1,3 +1,5 @@
+import { SendAccessTokenRequest } from "../../models/request/identity-token/send-access-token.request";
+
 export abstract class SendTokenApiService {
- // requestSendAccessToken: () => Promise<>;
+ abstract requestSendAccessToken: (request: SendAccessTokenRequest) => Promise;
 }
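Review bot: The new abstract `requestSendAccessToken` carries no doc comment, and as shown its return type is a bare `Promise` (the type argument may have been lost in rendering), so implementers and callers cannot tell what a successful call yields or how a refused password or OTP is reported. I would give the promise an explicit result type and add a TSDoc line along the lines of `/** Requests a send access token for the given request; document here how rejected credentials surface to the caller. */`. The server contract is not visible in this patch, so the exact wording should be confirmed against the implementation.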