OAuth2: automatically handle Bearer token type only

According to RFC6749 Section 7.1, The client MUST NOT use an access token if it does not understand the token type. At this point bruno only understands 'bearer' token_type.
usebruno · Jun 21, 2024 · 93a214e · 93a214e
1 parent 46090a3
commit 93a214e
Showing 1 changed file with 15 additions and 20 deletions.
diff --git a/packages/bruno-electron/src/ipc/network/index.js b/packages/bruno-electron/src/ipc/network/index.js
@@ -209,40 +209,35 @@ const configureRequest = async (
 
   if (request.oauth2) {
     let requestCopy = cloneDeep(request);
+    interpolateVars(requestCopy, envVars, collectionVariables, processEnvVars);
+    let credentials, response;
     switch (request?.oauth2?.grantType) {
       case 'authorization_code': {
-        interpolateVars(requestCopy, envVars, collectionVariables, processEnvVars);
-        const { credentials, response } = await oauth2AuthorizeWithAuthorizationCode(requestCopy, collectionUid);
-        request.credentials = credentials;
-        request.authRequestResponse = response;
-        request.headers['Authorization'] = `Bearer ${credentials.access_token}`;
+        ({ credentials, response } = await oauth2AuthorizeWithAuthorizationCode(requestCopy, collectionUid));
         break;
       }
       case 'client_credentials': {
-        interpolateVars(requestCopy, envVars, collectionVariables, processEnvVars);
-        const { credentials, response } = await oauth2AuthorizeWithClientCredentials(requestCopy, collectionUid);
-        request.credentials = credentials;
-        request.authRequestResponse = response;
-        request.headers['Authorization'] = `Bearer ${credentials.access_token}`;
+        ({ credentials, response } = await oauth2AuthorizeWithClientCredentials(requestCopy, collectionUid));
         break;
       }
       case 'password': {
-        interpolateVars(requestCopy, envVars, collectionVariables, processEnvVars);
-        const { credentials, response } = await oauth2AuthorizeWithPasswordCredentials(requestCopy, collectionUid);
-        request.credentials = credentials;
-        request.authRequestResponse = response;
-        request.headers['Authorization'] = `Bearer ${credentials.access_token}`;
+        ({ credentials, response } = await oauth2AuthorizeWithPasswordCredentials(requestCopy, collectionUid));
         break;
       }
       case 'implicit': {
-        interpolateVars(requestCopy, envVars, collectionVariables, processEnvVars);
-        const { credentials, response } = await oauth2AuthorizeWithImplicitFlow(requestCopy, collectionUid);
-        request.credentials = credentials;
-        request.authRequestResponse = response;
-        request.headers['Authorization'] = `Bearer ${credentials.access_token}`;
+        ({ credentials, response } = await oauth2AuthorizeWithImplicitFlow(requestCopy, collectionUid));
         break;
       }
     }
+    request.credentials = credentials;
+    request.authRequestResponse = response;
+
+    // Bruno can handle bearer token type automatically.
+    // Other - more exotic token types are not touched
+    // Users are free to use pre-request script and operate on req.credentials.access_token variable
+    if (credentials?.token_type.toLowerCase() === 'bearer') {
+      request.headers['Authorization'] = `Bearer ${credentials.access_token}`;
+    }
   }
 
   if (request.awsv4config) {