usebruno
feat: OAuth 2.0 Client Credentials Basic Auth
Description
With this change the OAuth2 authorization on request and collection level is now including additional configuration option for handling client credentials when accessing token endpoint. This applies to all currently supported grant_types.
The new default option is to send the credentials as Authorization: Basic header:
auth:oauth2 {
...
client_id: brunoclient
client_secret: {{client_secret}}
client_secret_method: client_credentials_basic
}
The old behavior to include them in the request body is still available.
auth:oauth2 {
...
client_id: brunoclient
client_secret: {{client_secret}}
client_secret_method: client_credentials_post
}
resolves #2106 #1003
Contribution Checklist:
- [x] The pull request only addresses one issue or adds one feature.
- [x] The pull request does not introduce any breaking changes
- [x] I have added screenshots or gifs to help explain the change if applicable.
- [x] I have read the contribution guidelines.
- [x] Create an issue and link to the pull request.
Note: Keeping the PR small and focused helps make it easier to review and merge. If you have multiple changes you want to make, please consider submitting them as separate pull requests.
Publishing to New Package Managers
Please see here for more information.
Rebased and slightly simplified. It should be more clear what is happening in oauth2 helper.
Looks good, when can we expect this to be merged (and available in the main package)?
This is a significant PR, and we need some time to thoroughly review it. Enhancing the OAuth 2.0 interface is a top priority for us in September 2024. We’ll provide more updates in the coming days.
