added audience to oauth

2025-10-04 00:00:37 -04:00 · 2025-09-21 19:33:10 +01:00 · 2025-09-21 19:33:10 +01:00 · 48c2d30fa9
commit 48c2d30fa9
parent 1d6e735bd6
3 changed files with 9 additions and 3 deletions
--- a/lib/httpx/plugins/oauth.rb
+++ b/lib/httpx/plugins/oauth.rb
@ -16,7 +16,7 @@ module HTTPX
      SUPPORTED_AUTH_METHODS = %w[client_secret_basic client_secret_post].freeze

      class OAuthSession
-        attr_reader :grant_type, :client_id, :client_secret, :access_token, :refresh_token, :scope
+        attr_reader :grant_type, :client_id, :client_secret, :access_token, :refresh_token, :scope, :audience

        def initialize(
          issuer:,
@ -25,6 +25,7 @@ module HTTPX
          access_token: nil,
          refresh_token: nil,
          scope: nil,
+          audience: nil,
          token_endpoint: nil,
          response_type: nil,
          grant_type: nil,
@ -41,6 +42,7 @@ module HTTPX
                   when Array
                     scope
          end
+          @audience = audience
          @access_token = access_token
          @refresh_token = refresh_token
          @token_endpoint_auth_method = String(token_endpoint_auth_method) if token_endpoint_auth_method
@ -125,7 +127,7 @@ module HTTPX
          grant_type = oauth_session.grant_type

          headers = {}
-          form_post = { "grant_type" => grant_type, "scope" => Array(oauth_session.scope).join(" ") }.compact
+          form_post = { "grant_type" => grant_type, "scope" => Array(oauth_session.scope).join(" "), "audience" => oauth_session.audience }.compact

          # auth
          case oauth_session.token_endpoint_auth_method
--- a/sig/plugins/oauth.rbs
+++ b/sig/plugins/oauth.rbs
@ -27,6 +27,8 @@ module HTTPX

        attr_reader scope: Array[String]?

+        attr_reader audience: String?
+
        def initialize: (issuer: uri, client_id: String, client_secret: String, ?access_token: String?, ?refresh_token: String?, ?scope: (Array[String] | String)?, ?token_endpoint: String?, ?response_type: String?, ?grant_type: String?, ?token_endpoint_auth_method: ::String) -> void

        def token_endpoint: () -> String
--- a/test/support/requests/plugins/oauth.rb
+++ b/test/support/requests/plugins/oauth.rb
@ -9,13 +9,15 @@ module Requests
          opts = HTTPX.plugin(:oauth).oauth_auth(
            issuer: server.origin,
            client_id: "CLIENT_ID", client_secret: "SECRET",
-            scope: "all"
+            scope: "all",
+            audience: "audience"
          ).instance_variable_get(:@options)

          assert opts.oauth_session.grant_type == "client_credentials"
          assert opts.oauth_session.token_endpoint.to_s == "#{server.origin}/token"
          assert opts.oauth_session.token_endpoint_auth_method == "client_secret_basic"
          assert opts.oauth_session.scope == %w[all]
+          assert opts.oauth_session.audience == 'audience'

          # from options, pointing to refresh
          opts = HTTPX.plugin(:oauth).oauth_auth(