fix(auth): add client_id to the refresh request (#2350)

akveo · Sep 17, 2020 · 10b01fa · 10b01fa
1 parent 61af463
commit 10b01fa
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 2 deletions.
diff --git a/src/framework/auth/strategies/oauth2/oauth2-strategy.spec.ts b/src/framework/auth/strategies/oauth2/oauth2-strategy.spec.ts
@@ -614,7 +614,10 @@ describe('oauth2-auth-strategy', () => {
  });
  });
  it('handle refresh token with NO client auth', (done: DoneFn) => {
- strategy.setOptions(basicOptions);
+ strategy.setOptions({
+ ... basicOptions,
+ clientId: 'clientId',
+ });
 
  strategy.refreshToken(successToken)
  .subscribe((result: NbAuthResult) => {
@@ -636,7 +639,8 @@ describe('oauth2-auth-strategy', () => {
  && req.headers.get('Content-Type') === 'application/x-www-form-urlencoded'
  && decodeURIComponent(params['grant_type']) === NbOAuth2GrantType.REFRESH_TOKEN
  && decodeURIComponent(params['refresh_token']) === successToken.getRefreshToken()
- && decodeURIComponent(params['scope']) === 'read')
+ && decodeURIComponent(params['scope']) === 'read'
+ && decodeURIComponent(params['client_id']) === 'clientId')
  },
  )
  .flush(tokenSuccessResponse);

diff --git a/src/framework/auth/strategies/oauth2/oauth2-strategy.ts b/src/framework/auth/strategies/oauth2/oauth2-strategy.ts
@@ -307,6 +307,7 @@ export class NbOAuth2AuthStrategy extends NbAuthStrategy {
  grant_type: this.getOption('refresh.grantType'),
  refresh_token: token.getRefreshToken(),
  scope: this.getOption('refresh.scope'),
+ client_id: this.getOption('clientId'),
  };
  return this.urlEncodeParameters(this.cleanParams(this.addCredentialsToParams(params)));
  }