oauth2-cli 0.6.0 → 0.7.0

package/CHANGELOG.md

@@ -2,6 +2,17 @@
 
 All notable changes to this project will be documented in this file. See [commit-and-tag-version](https://github.com/absolute-version/commit-and-tag-version) for commit guidelines.
 
+## [0.7.0](https://github.com/battis/oauth2-cli/compare/oauth2-cli/0.6.0...oauth2-cli/0.7.0) (2026-02-16)
+
+
+### ⚠ BREAKING CHANGES
+
+* make more properties of Client accessible to subclasses
+
+### Features
+
+* make more properties of Client accessible to subclasses ([74ef874](https://github.com/battis/oauth2-cli/commit/74ef874804323a9c3c496ddf7b0e24bac9e671e1))
+
 ## [0.6.0](https://github.com/battis/oauth2-cli/compare/oauth2-cli/0.5.1...oauth2-cli/0.6.0) (2026-02-15)
 
 

package/dist/Client.d.ts

@@ -2,6 +2,7 @@ import { PathString } from '@battis/descriptive-types';
 import { Request } from 'express';
 import { EventEmitter } from 'node:events';
 import * as OpenIDClient from 'openid-client';
+import * as requestish from 'requestish';
 import * as Credentials from './Credentials.js';
 import * as Req from './Request/index.js';
 import { Session, SessionOptions } from './Session.js';
@@ -14,6 +15,12 @@ export declare const DEFAULT_REDIRECT_URI = "http://localhost:3000/oauth2-cli/re
 export type ClientOptions = {
     /** Credentials for server access */
     credentials: Credentials.Combined;
+    /** Optional request components to inject */
+    inject?: {
+        search?: requestish.URLSearchParams.ish;
+        headers?: requestish.Headers.ish;
+        body?: requestish.Body.ish;
+    };
     /**
      * Optional absolute path to EJS view templates directory, see
      * [WebServer.setViews()](./Webserver.ts)
@@ -21,21 +28,6 @@ export type ClientOptions = {
     views?: PathString;
     /** Optional {@link TokenStorage} implementation to manage tokens */
     storage?: Token.TokenStorage;
-    /**
-     * Optional search query parameters to include in all server requests (see
-     * {@link RequestAddons.search})
-     */
-    search?: Req.URLSearchParams.ish;
-    /**
-     * Optional headers to include in all server requests (see
-     * {@link RequestAddons.headers})
-     */
-    headers?: Req.Headers.ish;
-    /**
-     * Optional body parameters to include in applicable server requests (see
-     * {@link RequestAddons.body})
-     */
-    body?: Req.Body.ish;
 };
 type RefreshOptions = {
     /**
@@ -71,17 +63,15 @@ type GetTokenOptions = {
  */
 export declare class Client extends EventEmitter {
     static readonly TokenEvent = "token";
-    private credentials;
-    private config?;
-    private views?;
+    protected credentials: Credentials.Combined;
+    protected config?: OpenIDClient.Configuration;
+    protected views?: PathString;
+    protected inject?: Req.Injection;
     private token?;
     private tokenLock;
-    private search?;
-    private headers?;
-    private body?;
     private storage?;
-    constructor({ credentials, views, search, headers, body, storage }: ClientOptions);
-    get redirect_uri(): Req.URL.ish;
+    constructor({ credentials, views, inject, storage }: ClientOptions);
+    get redirect_uri(): requestish.URL.ish;
     /**
      * @throws IndeterminateConfiguration if provided credentials combined with
      *   OpenID discovery fail to generate a complete configuration
@@ -110,14 +100,14 @@ export declare class Client extends EventEmitter {
      * @param headers Optional
      * @param dPoPOptions Optional
      */
-    request(url: Req.URL.ish, method?: string, body?: OpenIDClient.FetchBody, headers?: Req.Headers.ish, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<Response>;
+    request(url: requestish.URL.ish, method?: string, body?: OpenIDClient.FetchBody, headers?: requestish.Headers.ish, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<Response>;
     private toJSON;
     /**
      * Returns the result of {@link request} as a parsed JSON object, optionally
      * typed as `T`
      */
-    requestJSON<T extends OpenIDClient.JsonValue = OpenIDClient.JsonValue>(url: Req.URL.ish, method?: string, body?: OpenIDClient.FetchBody, headers?: Req.Headers.ish, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<T>;
-    fetch(input: Req.URL.ish, init?: RequestInit, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<Response>;
-    fetchJSON<T extends OpenIDClient.JsonValue = OpenIDClient.JsonValue>(input: Req.URL.ish, init?: RequestInit, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<T>;
+    requestJSON<T extends OpenIDClient.JsonValue = OpenIDClient.JsonValue>(url: requestish.URL.ish, method?: string, body?: OpenIDClient.FetchBody, headers?: requestish.Headers.ish, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<T>;
+    fetch(input: requestish.URL.ish, init?: RequestInit, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<Response>;
+    fetchJSON<T extends OpenIDClient.JsonValue = OpenIDClient.JsonValue>(input: requestish.URL.ish, init?: RequestInit, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<T>;
 }
 export {};

package/dist/Client.js

@@ -1,6 +1,7 @@
 import { Mutex } from 'async-mutex';
 import { EventEmitter } from 'node:events';
 import * as OpenIDClient from 'openid-client';
+import * as requestish from 'requestish';
 import * as Errors from './Errors/index.js';
 import * as Req from './Request/index.js';
 import { Session } from './Session.js';
@@ -21,19 +22,15 @@ export class Client extends EventEmitter {
     credentials;
     config;
     views;
+    inject;
     token;
     tokenLock = new Mutex();
-    search;
-    headers;
-    body;
     storage;
-    constructor({ credentials, views, search, headers, body, storage }) {
+    constructor({ credentials, views, inject, storage }) {
         super();
         this.credentials = credentials;
         this.views = views;
-        this.search = search;
-        this.headers = headers;
-        this.body = body;
+        this.inject = inject;
         this.storage = storage;
     }
     get redirect_uri() {
@@ -45,13 +42,13 @@ export class Client extends EventEmitter {
      */
     async getConfiguration() {
         if (!this.config && this.credentials.issuer) {
-            this.config = await OpenIDClient.discovery(Req.URL.from(this.credentials.issuer), this.credentials.client_id, { client_secret: this.credentials.client_secret });
+            this.config = await OpenIDClient.discovery(requestish.URL.from(this.credentials.issuer), this.credentials.client_id, { client_secret: this.credentials.client_secret });
         }
         if (!this.config && this.credentials?.authorization_endpoint) {
             this.config = new OpenIDClient.Configuration({
-                issuer: `https://${Req.URL.from(this.credentials.authorization_endpoint).hostname}`,
-                authorization_endpoint: Req.URL.toString(this.credentials.authorization_endpoint),
-                token_endpoint: Req.URL.toString(this.credentials.token_endpoint ||
+                issuer: `https://${requestish.URL.from(this.credentials.authorization_endpoint).hostname}`,
+                authorization_endpoint: requestish.URL.toString(this.credentials.authorization_endpoint),
+                token_endpoint: requestish.URL.toString(this.credentials.token_endpoint ||
                     this.credentials.authorization_endpoint)
             }, this.credentials.client_id, { client_secret: this.credentials.client_secret });
         }
@@ -61,9 +58,8 @@ export class Client extends EventEmitter {
         return this.config;
     }
     async getParameters(session) {
-        const params = Req.URLSearchParams.merge(this.search, session.inject?.search) ||
-            new URLSearchParams();
-        params.set('redirect_uri', Req.URL.toString(this.credentials.redirect_uri));
+        const params = requestish.URLSearchParams.merge(this.inject?.search, session.inject?.search) || new URLSearchParams();
+        params.set('redirect_uri', requestish.URL.toString(this.credentials.redirect_uri));
         params.set('code_challenge', await OpenIDClient.calculatePKCECodeChallenge(session.code_verifier));
         params.set('code_challenge_method', 'S256');
         params.set('state', session.state);
@@ -92,7 +88,9 @@ export class Client extends EventEmitter {
             const response = await OpenIDClient.authorizationCodeGrant(await this.getConfiguration(), new URL(req.url, this.redirect_uri), {
                 pkceCodeVerifier: session.code_verifier,
                 expectedState: session.state
-            }, this.search ? Req.URLSearchParams.from(this.search) : undefined);
+            }, this.inject?.search
+                ? requestish.URLSearchParams.from(this.inject.search)
+                : undefined);
             await session.resolve(response);
         }
         catch (error) {
@@ -106,7 +104,9 @@ export class Client extends EventEmitter {
         if (!refresh_token || refresh_token === '') {
             return undefined;
         }
-        const token = await OpenIDClient.refreshTokenGrant(await this.getConfiguration(), refresh_token, this.search ? Req.URLSearchParams.from(this.search) : undefined, {
+        const token = await OpenIDClient.refreshTokenGrant(await this.getConfiguration(), refresh_token, this.inject?.search
+            ? requestish.URLSearchParams.from(this.inject.search)
+            : undefined, {
             // @ts-expect-error 2322 undocumented arg pass-through to oauth4webapi
             headers: Req.Headers.merge(this.headers, request?.headers)
         });
@@ -152,7 +152,7 @@ export class Client extends EventEmitter {
      */
     async request(url, method = 'GET', body, headers = {}, dPoPOptions) {
         try {
-            url = Req.URL.from(url);
+            url = requestish.URL.from(url);
         }
         catch (error) {
             if (this.credentials.issuer) {
@@ -162,7 +162,7 @@ export class Client extends EventEmitter {
                 throw error;
             }
         }
-        const request = async () => await OpenIDClient.fetchProtectedResource(await this.getConfiguration(), (await this.getToken()).access_token, Req.URL.from(Req.URLSearchParams.appendTo(url, this.search || {})), method, body, Req.Headers.merge(this.headers, headers), dPoPOptions);
+        const request = async () => await OpenIDClient.fetchProtectedResource(await this.getConfiguration(), (await this.getToken()).access_token, requestish.URL.from(requestish.URLSearchParams.appendTo(url, this.inject?.search || {})), method, body, requestish.Headers.merge(this.inject?.headers, headers), dPoPOptions);
         try {
             return await request();
         }
@@ -195,7 +195,7 @@ export class Client extends EventEmitter {
         return await this.toJSON(await this.request(url, method, body, headers, dPoPOptions));
     }
     async fetch(input, init, dPoPOptions) {
-        return await this.request(input, init?.method, await Req.Body.from(init?.body), Req.Headers.from(init?.headers), dPoPOptions);
+        return await this.request(input, init?.method, await requestish.Body.from(init?.body), requestish.Headers.from(init?.headers), dPoPOptions);
     }
     async fetchJSON(input, init, dPoPOptions) {
         return await this.toJSON(await this.fetch(input, init, dPoPOptions));

package/dist/Credentials.d.ts

@@ -1,29 +1,30 @@
+import * as requestish from 'requestish';
 import * as Req from './Request/index.js';
 export type OAuth2 = {
     client_id: string;
     client_secret: string;
-    redirect_uri: Req.URL.ish;
-    authorization_endpoint: Req.URL.ish;
-    token_endpoint: Req.URL.ish;
+    redirect_uri: requestish.URL.ish;
+    authorization_endpoint: requestish.URL.ish;
+    token_endpoint: requestish.URL.ish;
     scope?: Req.Scope.ish;
 };
 export type OpenID = {
-    issuer: Req.URL.ish;
+    issuer: requestish.URL.ish;
     client_id: string;
     client_secret: string;
-    redirect_uri: Req.URL.ish;
+    redirect_uri: requestish.URL.ish;
 };
 export type Combined = {
     client_id: string;
     client_secret: string;
-    redirect_uri: Req.URL.ish;
+    redirect_uri: requestish.URL.ish;
     scope?: Req.Scope.ish;
 } & ({
-    issuer?: Req.URL.ish;
-    authorization_endpoint: Req.URL.ish;
-    token_endpoint: Req.URL.ish;
+    issuer?: requestish.URL.ish;
+    authorization_endpoint: requestish.URL.ish;
+    token_endpoint: requestish.URL.ish;
 } | {
-    issuer: Req.URL.ish;
-    authorization_endpoint?: Req.URL.ish;
-    token_endpoint?: Req.URL.ish;
+    issuer: requestish.URL.ish;
+    authorization_endpoint?: requestish.URL.ish;
+    token_endpoint?: requestish.URL.ish;
 });

package/dist/Request/Injection.d.ts

@@ -1,23 +1,21 @@
-import * as Body from './Body.js';
-import * as Headers from './Headers.js';
+import * as requestish from 'requestish';
 import * as Scope from './Scope.js';
-import * as URLSearchParams from './URLSearchParams.js';
 export type Injection = {
     /**
      * Search query parameters to include in server request (may be ovewritten by
      * computed values such as `state` or `challenge_code`)
      */
-    search?: URLSearchParams.ish;
+    search?: requestish.URLSearchParams.ish;
     /**
      * HTTP headers to include in server request (may be overwritten by computed
      * values such as `Authorization: Bearer <token>`)
      */
-    headers?: Headers.ish;
+    headers?: requestish.Headers.ish;
     /**
      * HTTP request body parameters to include in server request (if request
      * method allows)
      */
-    body?: Body.ish;
+    body?: requestish.Body.ish;
     /** Specific scope or scopes */
     scope?: Scope.ish;
 };

package/dist/Request/index.d.ts

@@ -1,6 +1,2 @@
-export * as Body from './Body.js';
-export * as Headers from './Headers.js';
 export * from './Injection.js';
 export * as Scope from './Scope.js';
-export * as URL from './URL.js';
-export * as URLSearchParams from './URLSearchParams.js';

package/dist/Request/index.js

@@ -1,6 +1,2 @@
-export * as Body from './Body.js';
-export * as Headers from './Headers.js';
 export * from './Injection.js';
 export * as Scope from './Scope.js';
-export * as URL from './URL.js';
-export * as URLSearchParams from './URLSearchParams.js';

package/dist/Session.d.ts

@@ -37,7 +37,7 @@ export declare class Session {
      */
     authorizationCodeGrant(): Promise<Token.Response>;
     /** OAuth 2.0 redirect_uri that this session is handling */
-    get redirect_uri(): Req.URL.ish;
+    get redirect_uri(): import("requestish/dist/URL.js").ish;
     getAuthorizationUrl(): Promise<string>;
     /**
      * Express RequestHandler for the out-of-band redirect in the Authorization

package/dist/WebServer.js

@@ -2,8 +2,8 @@ import express from 'express';
 import * as gcrtl from 'gcrtl';
 import fs from 'node:fs';
 import path from 'node:path';
+import * as requestish from 'requestish';
 import * as Errors from './Errors/index.js';
-import * as Req from './Request/index.js';
 let ejs = undefined;
 try {
     ejs = (await import('ejs')).default;
@@ -28,7 +28,7 @@ export class WebServer {
         this.session = session;
         this.authorization_endpoint = authorize_endpoint;
         this.views = views;
-        const url = Req.URL.from(this.session.redirect_uri);
+        const url = requestish.URL.from(this.session.redirect_uri);
         this.port = url.port;
         if (WebServer.activePorts.includes(this.port)) {
             throw new Errors.PortCollision(url.port);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "oauth2-cli",
-  "version": "0.6.0",
+  "version": "0.7.0",
   "description": "Acquire API access tokens via OAuth 2.0 within CLI tools",
   "homepage": "https://github.com/battis/oauth2-cli/tree/main/packages/oauth2-cli#readme",
   "repository": {
@@ -23,7 +23,8 @@
     "oauth4webapi": "^3.8.4",
     "open": "^11.0.0",
     "openid-client": "^6.8.2",
-    "ora": "^9.3.0"
+    "ora": "^9.3.0",
+    "requestish": "0.1.0"
   },
   "devDependencies": {
     "@battis/descriptive-types": "^0.2.6",

package/dist/Request/Body.d.ts

@@ -1,3 +0,0 @@
-import { FetchBody } from 'openid-client';
-export type ish = FetchBody | FormData | Record<string, string> | RequestInit['body'];
-export declare function from(body: ish): Promise<FetchBody | undefined>;

package/dist/Request/Body.js

@@ -1,19 +0,0 @@
-import { isRecord } from '@battis/typescript-tricks';
-function isString(obj) {
-    return typeof obj === 'string';
-}
-export async function from(body) {
-    if (body === undefined ||
-        body === null ||
-        typeof body === 'string' ||
-        body instanceof ArrayBuffer ||
-        body instanceof ReadableStream ||
-        body instanceof Uint8Array ||
-        body instanceof URLSearchParams) {
-        return body;
-    }
-    else if (isRecord(body, isString, isString)) {
-        return new URLSearchParams(body);
-    }
-    return new Response(body).arrayBuffer();
-}

package/dist/Request/Headers.d.ts

@@ -1,3 +0,0 @@
-export type ish = Headers | NonNullable<RequestInit['headers']> | Record<string, string> | [string, string][];
-export declare function from(headers?: ish): Headers;
-export declare function merge(a?: ish, b?: ish): Headers | undefined;

package/dist/Request/Headers.js

@@ -1,20 +0,0 @@
-export function from(headers) {
-    if (headers instanceof Headers) {
-        return headers;
-    }
-    return new Headers(headers);
-}
-export function merge(a, b) {
-    if (a && !b) {
-        return from(a);
-    }
-    else if (!a && b) {
-        return from(b);
-    }
-    else if (a && b) {
-        const headers = from(a);
-        from(b).forEach((value, key) => headers.set(key, value));
-        return headers;
-    }
-    return undefined;
-}

package/dist/Request/URL.d.ts

@@ -1,4 +0,0 @@
-import { URLString } from '@battis/descriptive-types';
-export type ish = URL | URLString;
-export declare function from(url: ish): URL;
-export declare function toString(url: ish): URLString;

package/dist/Request/URL.js

@@ -1,12 +0,0 @@
-export function from(url) {
-    if (url instanceof URL) {
-        return url;
-    }
-    return new URL(url);
-}
-export function toString(url) {
-    if (typeof url === 'string') {
-        return url;
-    }
-    return url.toString();
-}

package/dist/Request/URLSearchParams.d.ts

@@ -1,6 +0,0 @@
-import { ish as URLish } from './URL.js';
-export type ish = URLSearchParams | Record<string, string>;
-export declare function from(search: ish): URLSearchParams;
-export declare function toString(search: ish): string;
-export declare function merge(a?: ish, b?: ish): URLSearchParams | undefined;
-export declare function appendTo(url: URLish, search: ish): URLish;

package/dist/Request/URLSearchParams.js

@@ -1,37 +0,0 @@
-export function from(search) {
-    if (search instanceof URLSearchParams) {
-        return search;
-    }
-    return new URLSearchParams(search);
-}
-export function toString(search) {
-    const query = from(search).toString();
-    if (query.length) {
-        return `?${query}`;
-    }
-    return '';
-}
-export function merge(a, b) {
-    if (a && !b) {
-        return from(a);
-    }
-    else if (!a && b) {
-        return from(b);
-    }
-    else if (a && b) {
-        const search = from(a);
-        from(b).forEach((value, key) => search.set(key, value));
-        return search;
-    }
-    return undefined;
-}
-export function appendTo(url, search) {
-    if (url instanceof URL) {
-        const result = new URL(url);
-        result.search = toString(search);
-        return result;
-    }
-    else {
-        return url.replace(/(.+)(\?.*)?$/, `$1${toString(search)}`);
-    }
-}