feat: support id token (AnWeber/vscode-httpyac#275)

src/models/openIdInformation.ts

@@ -31,11 +31,13 @@ export interface OpenIdConfiguration {
 export interface OpenIdInformation extends UserSession {
   time: number;
   config: OpenIdConfiguration;
+  idToken?: string;
   accessToken: string;
   expiresIn?: number;
   timeSkew: number;
   refreshToken?: string;
   refreshExpiresIn?: number;
+  scope?: string;
 }
 
 export interface OpenIdContext {

src/plugins/intellij/api/stubs/http-client.pre-request.ts

@@ -14,7 +14,7 @@ export interface PreRequestHttpClientRequest extends CommonHttpClientRequest {
   url: RequestUrl;
 }
 
-export interface RequestVariables {
+export interface PreRequestRequestVariables {
   /**
    * Saves variable with name 'varName' and sets its value to 'varValue'.
    */

src/plugins/intellij/replacer/replaceIntellijVariableAuth.ts

@@ -18,25 +18,28 @@ export async function replaceIntellijVariableAuth(
 async function getOAuthToken(variable: string, context: ProcessorContext) {
   const match = /^\$auth.(?<type>token|idToken)\s*\(\s*"?(?<name>[^"]*)"?\s*\)$/u.exec(variable);
   if (match && match.groups?.type && match.groups?.name) {
-    const authConfig = createOAuth2DynamicVariable(match.groups.name, context.variables);
-
+    const authConfig = getOpenIdConfiguration(match.groups.name, context.variables);
     if (!authConfig?.flow) {
       return undefined;
     }
     setVariableInContext(
       {
-        __intellij_oauth2__: authConfig.config,
+        intellij_oauth2: authConfig.config,
       },
       context
     );
 
-    const openIdInformation = await getOAuth2Response(authConfig.flow, '__intellij_oauth2__', context);
+    const openIdInformation = await getOAuth2Response(authConfig.flow, 'intellij_oauth2', context);
+
+    if (authConfig.useIdToken || match.groups.type === 'idToken') {
+      return openIdInformation?.idToken;
+    }
     return openIdInformation?.accessToken;
   }
   return undefined;
 }
 
-function createOAuth2DynamicVariable(name: string, variables: Variables) {
+function getOpenIdConfiguration(name: string, variables: Variables) {
   if (!isIntellijAuth(variables.Security)) {
     return undefined;
   }
@@ -66,6 +69,7 @@ function createOAuth2DynamicVariable(name: string, variables: Variables) {
 
   return {
     flow: mapGrantType(auth['Grant Type']),
+    useIdToken: auth['Use ID Token'],
     config,
   };
 }

src/plugins/oauth2/flow/authorizationCodeFlow.ts

@@ -40,7 +40,7 @@ class AuthorizationCodeFlow implements OpenIdFlow {
             state,
             audience: config.audience,
             resource: config.resource,
-            redirect_uri: config.redirectUri.toString(),
+            redirect_uri: config.redirectUri?.toString(),
             ...(code_verifier
               ? { code_challenge: this.createSha256(code_verifier), code_challenge_method: 'S256' }
               : {}),
@@ -56,8 +56,8 @@ class AuthorizationCodeFlow implements OpenIdFlow {
 
           registerListener({
             id: state,
-            port: config.serverPort || Number(config.redirectUri.port),
-            path: config.redirectUri.pathname,
+            port: config.serverPort || Number(config.redirectUri?.port),
+            path: config.redirectUri?.pathname || '',
             name: `authorization for ${config.clientId}: ${config.authorizationEndpoint}`,
             resolve: params => {
               if (params.code && params.state === state) {
@@ -72,7 +72,7 @@ class AuthorizationCodeFlow implements OpenIdFlow {
                       grant_type: 'authorization_code',
                       scope: config.scope ?? 'opendid',
                       code: params.code,
-                      redirect_uri: config.redirectUri.toString(),
+                      redirect_uri: config.redirectUri?.toString(),
                       ...(code_verifier ? { code_verifier } : {}),
                     }),
                   },

src/plugins/oauth2/flow/implicitFlow.ts

@@ -41,7 +41,7 @@ class ImplicitFlow implements OpenIdFlow {
             response_mode: config.responseMode,
             audience: config.audience,
             resource: config.resource,
-            redirect_uri: config.redirectUri.toString(),
+            redirect_uri: config.redirectUri?.toString(),
           })}`;
 
           let unregisterProgress: (() => void) | undefined;
@@ -54,8 +54,8 @@ class ImplicitFlow implements OpenIdFlow {
 
           registerListener({
             id: state,
-            port: config.serverPort || Number(config.redirectUri.port),
-            path: config.redirectUri.pathname,
+            port: config.serverPort || Number(config.redirectUri?.port),
+            path: config.redirectUri?.pathname || '',
             name: `authorization for ${config.clientId}: ${config.authorizationEndpoint}`,
             resolve: params => {
               if (params.state === state) {
@@ -68,7 +68,7 @@ class ImplicitFlow implements OpenIdFlow {
                         grant_type: 'authorization_code',
                         scope: config.scope,
                         code: params.code,
-                        redirect_uri: config.redirectUri.toString(),
+                        redirect_uri: config.redirectUri?.toString(),
                       }),
                     },
                     {

src/plugins/oauth2/flow/requestOpenIdInformation.ts

@@ -91,6 +91,8 @@ export function toOpenIdInformation(
       refreshToken: jwtToken.refresh_token,
       refreshExpiresIn: jwtToken.refresh_expires_in,
       timeSkew: parsedToken?.iat ? Math.floor(time / 1000) - parsedToken.iat : 0,
+      idToken: jwtToken.id_token,
+      scope: jwtToken.scope,
     };
   }
   return false;
@@ -102,8 +104,10 @@ export function isAuthToken(obj: unknown): obj is AuthToken {
 }
 
 interface AuthToken {
+  id_token?: string;
   access_token: string;
   expires_in?: number;
   refresh_token?: string;
   refresh_expires_in?: number;
+  scope?: string;
 }