refresh() API does not work

[pathikrit]

Context

• node version: v19.4.0
• module version with issue: v5.0.0
• last module version without issue:
• environment: node
• any other relevant information:

What are you trying to achieve or the steps to reproduce?

accessToken.refresh() does not work. #420 was closed since it did not use the issue template. So recreating the issue with the template.

The following piece of code works fine:

const {ClientCredentials} = require('simple-oauth2')

async function test(client_id, client_secret) {
  const credentials = new ClientCredentials({
    client: {id: client_id, secret: client_secret},
    auth: {tokenHost: 'https://portal.getjoan.com', tokenPath: '/api/token/'}
  })
  let accessToken = await credentials.getToken()

  if (true || accessToken.expired()) {   // Emulate token expiry
     console.log('Refreshing expired token ....')
     accessToken = await credentials.getToken()
  }
  return accessToken
}

client_id='EIFZqijAtYH6DOkgBJV2pthRFHoSmQOq3niiJfoi'
client_secret='gRlHMs35NchXe5fkfFiYTyVMXD5PXaKLURPNtlIMLgJm3Pp8YzfrygjEuDjvGAukS1UfNTYHiI7cIX6za2sKvB9gu2HMdtzyNATqgstqo0FdDRUrFwxU6OVzhYvans6v'
test(client_id, client_secret).then(token => console.log(token))

However, if I change it use the refresh API, it does not work:

if (true || accessToken.expired()) {   // Emulate token expiry
  console.log('Refreshing expired token ....')
  accessToken = await accessToken.refresh()
}

What was the result you got?

 throw new Boom.Boom(`Response Error: ${res.statusCode} ${res.statusMessage}`, { statusCode: res.statusCode, data });
              ^

Error: Response Error: 400 Bad Request
    at internals.Client._shortcut (/Users/pbhowmick/workspace/node-joan/node_modules/@hapi/wreck/lib/index.js:569:15)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Client.request (/Users/pbhowmick/workspace/node-joan/node_modules/simple-oauth2/lib/client/client.js:39:22)
    at async AccessToken.refresh (/Users/pbhowmick/workspace/node-joan/node_modules/simple-oauth2/lib/access-token.js:49:22) {

What result did you expect?

Not an error. This might be because the library is putting auth headers for the refresh request (see #32) but #54 was never merged.

[crisward]

Also getting this error. Any work around?

[sametcodes]

I'm getting the same issue. It returns the content-type is not JSON compatible. Probably it cannot build the inner request properly.

[jonathansamines]

Hey @pathikrit. Did you tried my suggestion at your previous issue? Did it worked? If not, how is it failing?

This kind of issue is mostly a matter of configuration. Cannot suggest anything more specific, as it is highly dependent on the particular OAuth2 server provider and I do not have the time to dig into each specific provider's requirements.

For anyone else facing this issue, please open a new issue with the specific details of your issue. Just posting that you are having the same problem won't help at all, because again, most of the time is a configuration change that it is highly dependent on each provider.

[pathikrit]

Did you tried my #420 (comment) at your previous issue? Did it worked? If not, how is it failing?

Still failing in same way. As I said, the error is happening because I don't auth headers in the refresh request (see #32) and the fix in #54 was never merged