oauth2-cli 1.2.1 → 1.2.4

package/CHANGELOG.md

@@ -2,6 +2,22 @@
 
 All notable changes to this project will be documented in this file. See [commit-and-tag-version](https://github.com/absolute-version/commit-and-tag-version) for commit guidelines.
 
+## [1.2.4](https://github.com/battis/oauth2-cli/compare/oauth2-cli/1.2.3...oauth2-cli/1.2.4) (2026-03-08)
+
+
+### Bug Fixes
+
+* actually fix base_url completion removing search params ([2575df7](https://github.com/battis/oauth2-cli/commit/2575df7250ec1c5c0ba76ab5f7babc40b2e5a07d))
+
+## [1.2.3](https://github.com/battis/oauth2-cli/compare/oauth2-cli/1.2.2...oauth2-cli/1.2.3) (2026-03-08)
+
+## [1.2.2](https://github.com/battis/oauth2-cli/compare/oauth2-cli/1.2.1...oauth2-cli/1.2.2) (2026-03-08)
+
+
+### Bug Fixes
+
+* don't lose search params when building url from base or credentials.issuer ([a328c96](https://github.com/battis/oauth2-cli/commit/a328c9693d0a39cccc7d6f38bd24065b6f633c1b))
+
 ## [1.2.1](https://github.com/battis/oauth2-cli/compare/oauth2-cli/1.2.0...oauth2-cli/1.2.1) (2026-03-08)
 
 

package/dist/Client.d.ts

@@ -2,7 +2,7 @@ import { JSONValue } from '@battis/typescript-tricks';
 import { Request } from 'express';
 import { EventEmitter } from 'node:events';
 import * as OpenIDClient from 'openid-client';
-import { Body, Headers, URL } from 'requestish';
+import * as requestish from 'requestish';
 import { Credentials } from './Credentials.js';
 import { Injection } from './Injection.js';
 import * as Localhost from './Localhost/index.js';
@@ -26,7 +26,7 @@ export declare class Client<C extends Credentials = Credentials> extends EventEm
     /** Credentials for server access */
     credentials: C;
     /** Base URL for all non-absolute requests */
-    base_url?: URL.ish;
+    base_url?: requestish.URL.ish;
     /**
      * `openid-client` configuration metadata (either dervied from
      * {@link credentials}) or requested from the well-known OpenID configuration
@@ -117,7 +117,7 @@ export declare class Client<C extends Credentials = Credentials> extends EventEm
      * @param body Optional
      * @param dPoPOptions Optional, see {@link OpenIDClient.DPoPOptions}
      */
-    request(url: URL.ish, method?: string, body?: Body.ish, headers?: Headers.ish, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<Response>;
+    request(url: requestish.URL.ish, method?: string, body?: requestish.Body.ish, headers?: requestish.Headers.ish, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<Response>;
     /**
      * Available hook to manipulate a fully-prepared request before sending to the
      * server
@@ -134,7 +134,7 @@ export declare class Client<C extends Credentials = Credentials> extends EventEm
      * Returns the result of {@link request} as a parsed JSON object, optionally
      * typed as `J`
      */
-    requestJSON<J extends JSONValue = JSONValue>(url: URL.ish, method?: string, body?: Body.ish, headers?: Headers.ish, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<J>;
+    requestJSON<J extends JSONValue = JSONValue>(url: requestish.URL.ish, method?: string, body?: requestish.Body.ish, headers?: requestish.Headers.ish, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<J>;
     /**
      * Request a protected resource using the client's access token.
      *
@@ -147,10 +147,10 @@ export declare class Client<C extends Credentials = Credentials> extends EventEm
      * @param dPoPOptions Optional, see {@link OpenIDClient.DPoPOptions}
      * @see {@link request} for which this is an alias for {@link https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API Fetch API}-style requests
      */
-    fetch(input: URL.ish, init?: RequestInit, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<Response>;
+    fetch(input: requestish.URL.ish, init?: RequestInit, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<Response>;
     /**
      * Returns the result of {@link fetch} as a parsed JSON object, optionally
      * typed as `J`
      */
-    fetchJSON<J extends JSONValue = JSONValue>(input: URL.ish, init?: RequestInit, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<J>;
+    fetchJSON<J extends JSONValue = JSONValue>(input: requestish.URL.ish, init?: RequestInit, dPoPOptions?: OpenIDClient.DPoPOptions): Promise<J>;
 }

package/dist/Client.js

@@ -1,10 +1,9 @@
 import { Mutex } from 'async-mutex';
 import * as gcrtl from 'gcrtl';
 import { EventEmitter } from 'node:events';
-import path from 'node:path';
 import { text } from 'node:stream/consumers';
 import * as OpenIDClient from 'openid-client';
-import { Body, Headers, URL, URLSearchParams } from 'requestish';
+import * as requestish from 'requestish';
 import * as Localhost from './Localhost/index.js';
 import * as Token from './Token/index.js';
 /**
@@ -65,7 +64,7 @@ export class Client extends EventEmitter {
         let discovery = undefined;
         if (!this.config && this.credentials.issuer) {
             try {
-                this.config = await OpenIDClient.discovery(URL.from(this.credentials.issuer), this.credentials.client_id, { client_secret: this.credentials.client_secret });
+                this.config = await OpenIDClient.discovery(requestish.URL.from(this.credentials.issuer), this.credentials.client_id, { client_secret: this.credentials.client_secret });
             }
             catch (error) {
                 discovery = error;
@@ -73,9 +72,9 @@ export class Client extends EventEmitter {
         }
         if (!this.config && this.credentials?.authorization_endpoint) {
             this.config = new OpenIDClient.Configuration({
-                issuer: `https://${URL.from(this.credentials.authorization_endpoint).hostname}`,
-                authorization_endpoint: URL.toString(this.credentials.authorization_endpoint),
-                token_endpoint: URL.toString(this.credentials.token_endpoint ||
+                issuer: `https://${requestish.URL.from(this.credentials.authorization_endpoint).hostname}`,
+                authorization_endpoint: requestish.URL.toString(this.credentials.authorization_endpoint),
+                token_endpoint: requestish.URL.toString(this.credentials.token_endpoint ||
                     this.credentials.authorization_endpoint)
             }, this.credentials.client_id, { client_secret: this.credentials.client_secret });
         }
@@ -97,8 +96,8 @@ export class Client extends EventEmitter {
      *   Authorization Code flow session
      */
     async buildAuthorizationUrl(session) {
-        const params = URLSearchParams.from(this.inject?.search);
-        params.set('redirect_uri', URL.toString(this.credentials.redirect_uri));
+        const params = requestish.URLSearchParams.from(this.inject?.search);
+        params.set('redirect_uri', requestish.URL.toString(this.credentials.redirect_uri));
         params.set('code_challenge', await OpenIDClient.calculatePKCECodeChallenge(session.code_verifier));
         params.set('code_challenge_method', 'S256');
         params.set('state', session.state);
@@ -161,7 +160,7 @@ export class Client extends EventEmitter {
                 pkceCodeVerifier: session.code_verifier,
                 expectedState: session.state
             }, this.inject?.search
-                ? URLSearchParams.from(this.inject.search)
+                ? requestish.URLSearchParams.from(this.inject.search)
                 : undefined);
         }
         catch (cause) {
@@ -186,10 +185,10 @@ export class Client extends EventEmitter {
         }
         try {
             const token = await OpenIDClient.refreshTokenGrant(await this.getConfiguration(), refresh_token, this.inject?.search
-                ? URLSearchParams.from(this.inject.search)
+                ? requestish.URLSearchParams.from(this.inject.search)
                 : undefined, {
                 // @ts-expect-error 2322 undocumented arg pass-through to oauth4webapi
-                headers: Headers.merge(this.headers, inject?.headers)
+                headers: requestish.Headers.merge(this.headers, inject?.headers)
             });
             return await this.save(token);
         }
@@ -256,25 +255,34 @@ export class Client extends EventEmitter {
      */
     async request(url, method = 'GET', body, headers = {}, dPoPOptions) {
         try {
-            url = URL.from(url);
+            url = requestish.URL.from(url);
         }
         catch (error) {
             if (this.base_url || this.credentials.issuer) {
-                url = path.join(
-                // @ts-expect-error 2345 TS, I _just_ tested this!
-                URL.toString(this.base_url || this.credentials.issuer), URL.toString(url).replace(/^\/?/, ''));
+                try {
+                    url = new URL(url, this.base_url || this.credentials.issuer);
+                }
+                catch (error) {
+                    throw new Error(`${this.name} request url invalid`, {
+                        cause: {
+                            url,
+                            base_url: this.base_url,
+                            issuer: this.credentials.issuer,
+                            error
+                        }
+                    });
+                }
             }
             else {
                 throw new Error(`${this.name} request url invalid`, {
                     cause: {
-                        base_url: this.base_url,
-                        issuer: this.credentials.issuer,
+                        url,
                         error
                     }
                 });
             }
         }
-        const request = async () => await OpenIDClient.fetchProtectedResource(...(await this.prepareRequest(await this.getConfiguration(), (await this.getToken()).access_token, URL.from(URLSearchParams.appendTo(url, this.inject?.search || {})), method, await Body.from(body), Headers.merge(this.inject?.headers, headers), dPoPOptions)));
+        const request = async () => await OpenIDClient.fetchProtectedResource(...(await this.prepareRequest(await this.getConfiguration(), (await this.getToken()).access_token, requestish.URL.from(requestish.URLSearchParams.appendTo(url, this.inject?.search || {})), method, await requestish.Body.from(body), requestish.Headers.merge(this.inject?.headers, headers), dPoPOptions)));
         try {
             return this.prepareResponse(await request());
         }
@@ -348,7 +356,7 @@ export class Client extends EventEmitter {
      * @see {@link request} for which this is an alias for {@link https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API Fetch API}-style requests
      */
     async fetch(input, init, dPoPOptions) {
-        return await this.request(input, init?.method, await Body.from(init?.body), Headers.from(init?.headers), dPoPOptions);
+        return await this.request(input, init?.method, await requestish.Body.from(init?.body), requestish.Headers.from(init?.headers), dPoPOptions);
     }
     /**
      * Returns the result of {@link fetch} as a parsed JSON object, optionally

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "oauth2-cli",
-  "version": "1.2.1",
+  "version": "1.2.4",
   "description": "Acquire API access tokens via OAuth 2.0 / OpenID Connect within CLI tools",
   "homepage": "https://github.com/battis/oauth2-cli/tree/main/packages/oauth2-cli#readme",
   "repository": {
@@ -23,8 +23,8 @@
     "open": "^11.0.0",
     "openid-client": "^6.8.2",
     "ora": "^9.3.0",
-    "gcrtl": "0.1.11",
-    "requestish": "0.1.10"
+    "requestish": "0.1.10",
+    "gcrtl": "0.1.11"
   },
   "devDependencies": {
     "@battis/descriptive-types": "^0.2.6",