From a281729a18665439cd560bcffc7ba778c2838dd7 Mon Sep 17 00:00:00 2001 From: Samuel Elliott Date: Mon, 1 Sep 2025 02:06:50 +0100 Subject: [PATCH] Add methods for setting nxapi-auth client authentication --- src/api/f.ts | 15 +++++++++++++-- src/exports/index.ts | 7 +++++++ src/util/nxapi-auth.ts | 14 ++++++++++++++ 3 files changed, 34 insertions(+), 2 deletions(-) diff --git a/src/api/f.ts b/src/api/f.ts index 751f9f9..488ccee 100644 --- a/src/api/f.ts +++ b/src/api/f.ts @@ -5,7 +5,7 @@ import { defineResponse, ErrorResponse } from './util.js'; import createDebug from '../util/debug.js'; import { timeoutSignal } from '../util/misc.js'; import { getUserAgent } from '../util/useragent.js'; -import { client_assertion_provider, ClientAssertionProviderInterface } from '../util/nxapi-auth.js'; +import { client_assertion_provider, client_auth_provider, ClientAssertionProviderInterface } from '../util/nxapi-auth.js'; import { ZNCA_VERSION } from './coral.js'; import { AccountLoginParameter, AccountTokenParameter, WebServiceTokenParameter } from './coral-types.js'; @@ -575,6 +575,7 @@ export class NxapiZncaAuth { const resource = new URL(url).origin; const auth = new NxapiZncaAuth(resource, useragent); + let scope: string | null = null; if (process.env.NXAPI_ZNCA_API_CLIENT_ID && process.env.NXAPI_ZNCA_API_CLIENT_SECRET) { auth.client_credentials = { @@ -591,13 +592,23 @@ export class NxapiZncaAuth { auth.client_credentials = { id: process.env.NXAPI_ZNCA_API_CLIENT_ID, }; + } else if (client_auth_provider && 'id' in client_auth_provider) { + auth.client_credentials = { + id: client_auth_provider.id, + secret: client_auth_provider.secret, + }; + scope = client_auth_provider.scope; + } else if (client_auth_provider && 'create' in client_auth_provider) { + auth.client_assertion_provider = client_auth_provider; } else if (client_assertion_provider) { auth.client_assertion_provider = client_assertion_provider; } else { debugZncaAuth('client authentication not configured'); } - if (process.env.NXAPI_ZNCA_API_AUTH_SCOPE) { + if (scope) { + auth.request_scope = scope; + } else if (process.env.NXAPI_ZNCA_API_AUTH_SCOPE) { auth.request_scope = process.env.NXAPI_ZNCA_API_AUTH_SCOPE; } diff --git a/src/exports/index.ts b/src/exports/index.ts index e47dc8f..7fb9f84 100644 --- a/src/exports/index.ts +++ b/src/exports/index.ts @@ -2,6 +2,13 @@ export { getTitleIdFromEcUrl } from '../util/misc.js'; export { ErrorResponse, ResponseSymbol } from '../api/util.js'; export { addUserAgent, addUserAgentFromPackageJson } from '../util/useragent.js'; +export { + ClientAssertionProviderInterface, + ClientAuthProviderInterface, + ClientCredentialsInterface, + setClientAuthentication, +} from '../util/nxapi-auth.js'; + export { version, product } from '../util/product.js'; export { diff --git a/src/util/nxapi-auth.ts b/src/util/nxapi-auth.ts index 7c02a88..5df1196 100644 --- a/src/util/nxapi-auth.ts +++ b/src/util/nxapi-auth.ts @@ -5,12 +5,20 @@ import { dev, git, pkg, release } from './product.js'; export const NXAPI_AUTH_CLI_CLIENT_ID = 'CKtknJ6HiH2AZIMw-x8ljw'; export const NXAPI_AUTH_APP_CLIENT_ID = 'GlR_qsPZpNcxqMwnbsSjMA'; +export let client_auth_provider: ClientAuthProviderInterface | null = null; export let client_assertion_provider: ClientAssertionProviderInterface | null = null; +export function setClientAuthentication(provider: ClientAuthProviderInterface) { + client_auth_provider = provider; +} export function setClientAssertionProvider(provider: ClientAssertionProviderInterface) { client_assertion_provider = provider; } +export type ClientAuthProviderInterface = + ClientAssertionProviderInterface | + ClientCredentialsInterface; + export interface ClientAssertionProviderInterface { scope: string; create(aud: string, exp?: number): Promise; @@ -20,6 +28,12 @@ export interface OAuthClientAssertion { type: string; } +export interface ClientCredentialsInterface { + id: string; + secret?: string; + scope: string; +} + export class ClientAssertionProvider implements ClientAssertionProviderInterface { constructor( readonly client_id: string,