diff --git a/.changeset/green-windows-destroy.md b/.changeset/green-windows-destroy.md
new file mode 100644
index 000000000..b9551b2e2
--- /dev/null
+++ b/.changeset/green-windows-destroy.md
@@ -0,0 +1,5 @@
+---
+"@monokle/synchronizer": minor
+---
+
+Improve 'DeviceFlowHandler' configurability
diff --git a/packages/synchronizer/src/constants.ts b/packages/synchronizer/src/constants.ts
index 607955aba..50076e3b2 100644
--- a/packages/synchronizer/src/constants.ts
+++ b/packages/synchronizer/src/constants.ts
@@ -3,5 +3,8 @@ export const DEFAULT_STORAGE_CONFIG_FILE_AUTH = 'auth.yaml';
 export const DEFAULT_API_URL = 'https://api.monokle.com';
-export const DEFAULT_DEVICE_FLOW_CLIENT_ID = 'monokle';
-export const DEFAULT_DEVICE_FLOW_IDP_URL = 'https://api.dev.monokle.com/identity';
+export const DEFAULT_DEVICE_FLOW_IDP_URL = 'https://id.dev.monokle.com/realms/monokle';
+export const DEFAULT_DEVICE_FLOW_CLIENT_ID = 'mc-cli';
+export const DEFAULT_DEVICE_FLOW_CLIENT_SECRET = '';
+export const DEFAULT_DEVICE_FLOW_ALG = 'ES512';
+export const DEFAULT_DEVICE_FLOW_CLIENT_SCOPE = 'openid profile offline_access';
diff --git a/packages/synchronizer/src/handlers/deviceFlowHandler.ts b/packages/synchronizer/src/handlers/deviceFlowHandler.ts
index 1f67abc7b..6a9b8d665 100644
--- a/packages/synchronizer/src/handlers/deviceFlowHandler.ts
+++ b/packages/synchronizer/src/handlers/deviceFlowHandler.ts
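Review bot: In constants.ts, `DEFAULT_DEVICE_FLOW_IDP_URL` now points at `id.dev.monokle.com` while `DEFAULT_API_URL` stays on `api.monokle.com`, so a handler built with no arguments authenticates against what the host name suggests is a development realm. If that is intended for now, say so next to the constant, for example `// Dev realm issuer; production callers must pass their own _idpUrl`, so the default is not shipped by accident. `DEFAULT_DEVICE_FLOW_CLIENT_SECRET = ''` would also benefit from a one-line comment stating that `mc-cli` is presumably a public client and that a real secret must never be committed in this file.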
@@ -1,6 +1,6 @@
 import {Issuer} from 'openid-client';
-import {DEFAULT_DEVICE_FLOW_IDP_URL, DEFAULT_DEVICE_FLOW_CLIENT_ID} from '../constants.js';
-import type {BaseClient, DeviceFlowHandle as DeviceFlowHandleOpenId, TokenSet as TokenSetOpenId} from 'openid-client';
+import {DEFAULT_DEVICE_FLOW_IDP_URL, DEFAULT_DEVICE_FLOW_CLIENT_ID, DEFAULT_DEVICE_FLOW_CLIENT_SECRET, DEFAULT_DEVICE_FLOW_ALG, DEFAULT_DEVICE_FLOW_CLIENT_SCOPE} from '../constants.js';
+import type {BaseClient, ClientMetadata, DeviceFlowHandle as DeviceFlowHandleOpenId, TokenSet as TokenSetOpenId} from 'openid-client';
 export type DeviceFlowHandle = DeviceFlowHandleOpenId;
@@ -11,14 +11,19 @@ export class DeviceFlowHandler {
 constructor(
 private _idpUrl: string = DEFAULT_DEVICE_FLOW_IDP_URL,
- private _clientId: string = DEFAULT_DEVICE_FLOW_CLIENT_ID
+ private _clientMetadata: ClientMetadata = {
+ client_id: DEFAULT_DEVICE_FLOW_CLIENT_ID,
+ client_secret: DEFAULT_DEVICE_FLOW_CLIENT_SECRET,
+ id_token_signed_response_alg: DEFAULT_DEVICE_FLOW_ALG,
+ },
+ private _clientScope: string = DEFAULT_DEVICE_FLOW_CLIENT_SCOPE,
 ) {}
 async initializeAuthFlow(): Promise {
 const client = await this.getClient();
 return client.deviceAuthorization({
- scope: 'openid profile offline_access',
+ scope: this._clientScope,
 });
 }
@@ -34,11 +39,7 @@ export class DeviceFlowHandler {
 private async getClient(): Promise {
 if (!this._currentClient) {
 const monokleIssuer = await Issuer.discover(this._idpUrl);
-
- this._currentClient = new monokleIssuer.Client({
- client_id: this._clientId,
- client_secret: '',
- });
+ this._currentClient = new monokleIssuer.Client(this._clientMetadata);
 }
 return this._currentClient;
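Review bot: The default `_clientMetadata` in the constructor is all-or-nothing: a caller who passes only a `client_id` silently loses the `id_token_signed_response_alg: DEFAULT_DEVICE_FLOW_ALG` pin, and the object reaches `new monokleIssuer.Client(this._clientMetadata)` in the last hunk unchanged. If the ES512 expectation should hold unless explicitly overridden, merge at that call, `new monokleIssuer.Client({id_token_signed_response_alg: DEFAULT_DEVICE_FLOW_ALG, ...this._clientMetadata})`, or document on the constructor that custom metadata must set the algorithm itself. The defaults also carry an empty `client_secret` without a `token_endpoint_auth_method`; for a public device-flow client, adding `token_endpoint_auth_method: 'none'` states the intent and avoids relying on how openid-client treats an empty secret. Both the class and `getClient` continue outside the visible hunks.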