fix: ensure correct token_type in response

auer-martin · auer-martin · commit 668c53f01271 · 2024-07-30T13:51:19.000+02:00
diff --git a/packages/client/lib/AccessTokenClient.ts b/packages/client/lib/AccessTokenClient.ts
@@ -95,7 +95,13 @@ export class AccessTokenClient {
     if (createDPoPOpts?.dPoPSigningAlgValuesSupported && createDPoPOpts.dPoPSigningAlgValuesSupported.length > 0) {
       dPoP = createDPoPOpts ? await createDPoP(getCreateDPoPOptions(createDPoPOpts, requestTokenURL)) : undefined;
     }
-    return this.sendAuthCode(requestTokenURL, accessTokenRequest, dPoP ? { headers: { dPoP } } : undefined);
+    const response = await this.sendAuthCode(requestTokenURL, accessTokenRequest, dPoP ? { headers: { dPoP } } : undefined);
+
+    if (response.successBody && createDPoPOpts && createDPoPOpts && response.successBody.token_type !== 'DPoP') {
+      throw new Error('Invalid token type returned. Expected DPoP. Received: ' + response.successBody.token_type);
+    }
+
+    return response;
   }
 
   public async createAccessTokenRequest(opts: Omit<AccessTokenRequestOpts, 'createDPoPOpts'>): Promise<AccessTokenRequest> {
diff --git a/packages/client/lib/AccessTokenClientV1_0_11.ts b/packages/client/lib/AccessTokenClientV1_0_11.ts
@@ -100,7 +100,13 @@ export class AccessTokenClientV1_0_11 {
       dPoP = createDPoPOpts ? await createDPoP(getCreateDPoPOptions(createDPoPOpts, requestTokenURL)) : undefined;
     }
 
-    return this.sendAuthCode(requestTokenURL, accessTokenRequest, dPoP ? { headers: { dPoP } } : undefined);
+    const response = await this.sendAuthCode(requestTokenURL, accessTokenRequest, dPoP ? { headers: { dPoP } } : undefined);
+
+    if (response.successBody && createDPoPOpts && createDPoPOpts && response.successBody.token_type !== 'DPoP') {
+      throw new Error('Invalid token type returned. Expected DPoP. Received: ' + response.successBody.token_type);
+    }
+
+    return response;
   }
 
   public async createAccessTokenRequest(opts: Omit<AccessTokenRequestOpts, 'createDPoPOpts'>): Promise<AccessTokenRequest> {

Original file line number	Diff line number	Diff line change
`@@ -95,7 +95,13 @@ export class AccessTokenClient {`
`95`	`95`	`if (createDPoPOpts?.dPoPSigningAlgValuesSupported && createDPoPOpts.dPoPSigningAlgValuesSupported.length > 0) {`
`96`	`96`	`dPoP = createDPoPOpts ? await createDPoP(getCreateDPoPOptions(createDPoPOpts, requestTokenURL)) : undefined;`
`97`	`97`	`}`
`98`		`- return this.sendAuthCode(requestTokenURL, accessTokenRequest, dPoP ? { headers: { dPoP } } : undefined);`
	`98`	`+ const response = await this.sendAuthCode(requestTokenURL, accessTokenRequest, dPoP ? { headers: { dPoP } } : undefined);`
	`99`	`+`
	`100`	`+ if (response.successBody && createDPoPOpts && createDPoPOpts && response.successBody.token_type !== 'DPoP') {`
	`101`	`+ throw new Error('Invalid token type returned. Expected DPoP. Received: ' + response.successBody.token_type);`
	`102`	`+ }`
	`103`	`+`
	`104`	`+ return response;`
`99`	`105`	`}`
`100`	`106`
`101`	`107`	`public async createAccessTokenRequest(opts: Omit<AccessTokenRequestOpts, 'createDPoPOpts'>): Promise<AccessTokenRequest> {`
Original file line number	Diff line number	Diff line change
`@@ -100,7 +100,13 @@ export class AccessTokenClientV1_0_11 {`
`100`	`100`	`dPoP = createDPoPOpts ? await createDPoP(getCreateDPoPOptions(createDPoPOpts, requestTokenURL)) : undefined;`
`101`	`101`	`}`
`102`	`102`
`103`		`- return this.sendAuthCode(requestTokenURL, accessTokenRequest, dPoP ? { headers: { dPoP } } : undefined);`
	`103`	`+ const response = await this.sendAuthCode(requestTokenURL, accessTokenRequest, dPoP ? { headers: { dPoP } } : undefined);`
	`104`	`+`
	`105`	`+ if (response.successBody && createDPoPOpts && createDPoPOpts && response.successBody.token_type !== 'DPoP') {`
	`106`	`+ throw new Error('Invalid token type returned. Expected DPoP. Received: ' + response.successBody.token_type);`
	`107`	`+ }`
	`108`	`+`
	`109`	`+ return response;`
`104`	`110`	`}`
`105`	`111`
`106`	`112`	`public async createAccessTokenRequest(opts: Omit<AccessTokenRequestOpts, 'createDPoPOpts'>): Promise<AccessTokenRequest> {`