Skip to content

Commit f0c2e3b

Browse files
authored
feat: better oauth defaults (#36)
* feat: better oauth defaults * feat: more defaults for oauth
1 parent af8a40e commit f0c2e3b

3 files changed

Lines changed: 36 additions & 13 deletions

File tree

__tests__/unit/authenticationManager.test.ts

Lines changed: 17 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,8 @@
11
import { describe, it, expect, beforeEach, vi } from 'vitest';
2-
import { AuthenticationManager, type AuthenticationOptions } from '../../src/authenticationManager';
2+
import {
3+
AuthenticationManager,
4+
type AuthenticationOptions,
5+
} from '../../src/authenticationManager';
36
import * as openidClient from 'openid-client';
47
import * as jwtDecodeModule from 'jwt-decode';
58
import * as grpc from '@grpc/grpc-js';
@@ -43,7 +46,7 @@ describe('AuthenticationManager', () => {
4346
);
4447
expect(openidClient.clientCredentialsGrant).toHaveBeenCalledWith(
4548
mockDiscovery,
46-
{ audience: 'crisp-athena-dev', scope: options.scope }
49+
{ audience: 'crisp-athena-live', scope: options.scope },
4750
);
4851
});
4952

@@ -67,7 +70,9 @@ describe('AuthenticationManager', () => {
6770
...mockToken,
6871
access_token: 'new_access_token',
6972
});
70-
(jwtDecodeModule.jwtDecode as any).mockReturnValue({ exp: Math.floor(Date.now() / 1000) + 3600 });
73+
(jwtDecodeModule.jwtDecode as any).mockReturnValue({
74+
exp: Math.floor(Date.now() / 1000) + 3600,
75+
});
7176

7277
const header = await manager.getAuthenticationHeader();
7378
expect(openidClient.refreshTokenGrant).toHaveBeenCalled();
@@ -82,7 +87,9 @@ describe('AuthenticationManager', () => {
8287
...mockToken,
8388
access_token: 'reacquired_access_token',
8489
});
85-
(jwtDecodeModule.jwtDecode as any).mockReturnValue({ exp: Math.floor(Date.now() / 1000) + 3600 });
90+
(jwtDecodeModule.jwtDecode as any).mockReturnValue({
91+
exp: Math.floor(Date.now() / 1000) + 3600,
92+
});
8693

8794
const header = await manager.getAuthenticationHeader();
8895
expect(openidClient.clientCredentialsGrant).toHaveBeenCalled();
@@ -93,12 +100,16 @@ describe('AuthenticationManager', () => {
93100
await manager.getAuthenticationHeader();
94101
(manager as any).tokenExpiration = new Date(Date.now() - 1000); // expired
95102
(manager as any).token.refresh_token = 'mock_refresh_token';
96-
(openidClient.refreshTokenGrant as any).mockRejectedValue(new Error('refresh failed'));
103+
(openidClient.refreshTokenGrant as any).mockRejectedValue(
104+
new Error('refresh failed'),
105+
);
97106
(openidClient.clientCredentialsGrant as any).mockResolvedValue({
98107
...mockToken,
99108
access_token: 'fallback_access_token',
100109
});
101-
(jwtDecodeModule.jwtDecode as any).mockReturnValue({ exp: Math.floor(Date.now() / 1000) + 3600 });
110+
(jwtDecodeModule.jwtDecode as any).mockReturnValue({
111+
exp: Math.floor(Date.now() / 1000) + 3600,
112+
});
102113

103114
const header = await manager.getAuthenticationHeader();
104115
expect(openidClient.refreshTokenGrant).toHaveBeenCalled();

src/authenticationManager.ts

Lines changed: 18 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,9 @@ export type AuthenticationOptions = {
2121
/** Whether to automatically refresh the access token. */
2222
autoRefresh?: boolean;
2323
/** OAuth scope to request. */
24-
scope: 'manage:classify';
24+
scope?: string;
25+
/** OAuth audience to request. */
26+
audience?: 'crisp-athena-live';
2527
};
2628

2729
/**
@@ -41,6 +43,10 @@ export class AuthenticationManager {
4143
*/
4244
constructor(options: AuthenticationOptions) {
4345
this.options = options;
46+
47+
if (!this.options.issuerUrl) {
48+
this.options.issuerUrl = 'https://crispthinking.auth0.com/';
49+
}
4450
}
4551

4652
/**
@@ -112,10 +118,17 @@ export class AuthenticationManager {
112118
}
113119

114120
if (this.token === undefined) {
115-
this.token = await clientCredentialsGrant(this.discovery, {
116-
audience: 'crisp-athena-dev',
117-
scope: this.options.scope,
118-
});
121+
if (this.options.scope) {
122+
this.token = await clientCredentialsGrant(this.discovery, {
123+
audience: 'crisp-athena-live',
124+
scope: this.options.scope,
125+
});
126+
} else {
127+
this.token = await clientCredentialsGrant(this.discovery, {
128+
audience: 'crisp-athena-live',
129+
});
130+
}
131+
119132
this.decoded = jwtDecode(this.token.access_token);
120133

121134
// Calculate expiry date of jwt

src/index.ts

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -81,8 +81,7 @@ export type ClassifierEvents = {
8181
open: () => void;
8282
};
8383

84-
export const defaultGrpcAddress =
85-
'csam-classification-messages.crispdev.com:443';
84+
export const defaultGrpcAddress = 'trust.messages.crispthinking.com:443';
8685

8786
/**
8887
* SDK for interacting with the Athena classification service via gRPC.

0 commit comments

Comments
 (0)