Skip to content
Open
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 12 additions & 2 deletions src/runtime/server/lib/oauth/salesforce.ts
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ import type { H3Event } from 'h3'
import { eventHandler, getQuery, sendRedirect } from 'h3'
import { withQuery } from 'ufo'
import { defu } from 'defu'
import { handleMissingConfiguration, handleAccessTokenErrorResponse, getOAuthRedirectURL, requestAccessToken, handleState, handleInvalidState } from '../utils'
import { handleMissingConfiguration, handleAccessTokenErrorResponse, getOAuthRedirectURL, requestAccessToken, handleState, handleInvalidState, handlePkceVerifier } from '../utils'
import { useRuntimeConfig, createError } from '#imports'
import type { OAuthConfig } from '#auth-utils'

Expand Down Expand Up @@ -39,6 +39,11 @@ export interface OAuthSalesforceConfig {
* @default 'https://login.salesforce.com/services/oauth2/token'
*/
tokenURL?: string
/**
* Salesforce OAuth User URL
* @default 'https://login.salesforce.com/services/oauth2/userinfo'
*/
userURL?: string
Comment thread
phof marked this conversation as resolved.
/**
* Extra authorization parameters to provide to the authorization URL
* @default {}
Expand All @@ -62,6 +67,7 @@ export function defineOAuthSalesforceEventHandler({
config = defu(config, runtimeConfig, {
authorizationURL: `${baseURL}/services/oauth2/authorize`,
tokenURL: `${baseURL}/services/oauth2/token`,
userURL: `${baseURL}/services/oauth2/userinfo`,
authorizationParams: {},
}) as OAuthSalesforceConfig

Expand All @@ -82,6 +88,7 @@ export function defineOAuthSalesforceEventHandler({
}

const redirectURL = config.redirectURL || getOAuthRedirectURL(event)
const pkce = await handlePkceVerifier(event)
const state = await handleState(event)

if (!query.code) {
Expand All @@ -94,6 +101,8 @@ export function defineOAuthSalesforceEventHandler({
redirect_uri: redirectURL,
scope: config.scope.join(' '),
state,
code_challenge: pkce.code_challenge,
code_challenge_method: pkce.code_challenge_method,
...config.authorizationParams,
}),
)
Expand All @@ -110,6 +119,7 @@ export function defineOAuthSalesforceEventHandler({
client_secret: config.clientSecret,
redirect_uri: redirectURL,
code: query.code,
code_verifier: pkce.code_verifier,
},
})

Expand All @@ -118,7 +128,7 @@ export function defineOAuthSalesforceEventHandler({
}

const accessToken = tokens.access_token
const user = await $fetch(`${baseURL}/services/oauth2/userinfo`, {
const user = await $fetch(config.userURL as string, {
headers: {
Authorization: `Bearer ${accessToken}`,
},
Expand Down
Loading