
Integrations - bearer token - OAuth client credentials

Open PhilipSkinner opened this issue 2 years ago • 0 comments

Add support for client credentials bearer token authentication on outgoing HTTP requests.

The configuration for this authentication mechanism should be:

{
  "request": {
    "uri": "https://jsonplaceholder.typicode.com/posts/$.body.id",
    "method": "get",
    "authentication" : {
      "mechanism" : "client_credentials",
      "type" : "bearer",
      "config" : {
        "client" : "my-client",
        "scopes" : [
          "scope_1",
          "scope_2"
        ]
      }
    }
  }
}

The client value references an OAuth provider. The scopes are an optional set of scopes which override the default scopes set up within the OAuth provider.

Create a refreshing token store that can always return a valid token into the requestService. As we do not know the structure of the token, and we may not be able to inspect it to determine its expiration, the token store should assume that it is not possible to glean this information from the token. Instead it should provide a mechanism for handling 401 responses from the requestService.sendRequest method, which will refresh the token. This must not cause an infinite loop and should only be retried once.

When this authentication mechanism is present, the requestService within the integration application should add an Authorization header to the outgoing request with the value of Bearer followed by the token received from the refreshing token store:

Authorization: Bearer <token>

PhilipSkinner, May 26 '22 21:05
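One way the refresh-on-401 behaviour requested in the issue could look, as an added example that is not code from the elemental-lowcode project. The names createTokenStore, sendWithBearer, fetchToken and send are hypothetical, and the token endpoint and remote API are constructed in-memory stand-ins so the sketch runs offline.

```javascript
// Added example; createTokenStore, sendWithBearer, fetchToken and send are hypothetical names.
function createTokenStore(fetchToken) {
  let token = null;    // cached access token, treated as an opaque string
  let inflight = null; // shared promise: concurrent callers trigger one fetch
  const load = () => {
    if (!inflight) {
      inflight = fetchToken()
        .then((t) => (token = t))
        .finally(() => { inflight = null; });
    }
    return inflight;
  };
  return {
    get: () => (token ? Promise.resolve(token) : load()),
    // Fetch a new token only if the rejected one is still cached; otherwise
    // another caller has already replaced it and the newer token is reused.
    refresh: (rejected) =>
      token && token !== rejected ? Promise.resolve(token) : load(),
  };
}

async function sendWithBearer(store, send, request) {
  const attempt = (t) =>
    send({ ...request, headers: { ...request.headers, Authorization: `Bearer ${t}` } });
  const first = await store.get();
  let response = await attempt(first);
  if (response.status === 401) {
    // One refresh, one retry. A second 401 goes back to the caller as-is.
    response = await attempt(await store.refresh(first));
  }
  return response;
}

// Constructed stand-ins for the OAuth provider and the remote API.
async function demo() {
  let issued = 0;
  const fetchToken = async () => `token-${++issued}`;
  const seen = [];
  const api = (accepted) => async (req) => {
    seen.push(req.headers.Authorization);
    return { status: req.headers.Authorization === `Bearer ${accepted}` ? 200 : 401 };
  };
  const request = { uri: "https://api.example.test/posts/1", method: "get" };
  const recovered = await sendWithBearer(createTokenStore(fetchToken), api("token-2"), request);
  const rejected = await sendWithBearer(createTokenStore(fetchToken), api("none"), request);
  return { recovered: recovered.status, rejected: rejected.status, seen };
}
```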