From c81d7f0f30120ee264cf22e55c428d6943736bb5 Mon Sep 17 00:00:00 2001
From: Christopher Giroir
Date: Mon, 21 Mar 2022 13:53:07 -0700
Subject: [PATCH] feat(docker): add OAUTH_USE_BASIC_AUTH env (#7474)
Makes the last `initOAuth` variable configurable via environment variables in the swagger-ui docker image.
Co-authored-by: Christopher Giroir
Co-authored-by: Tim Lai
---
 dev-helpers/index.html | 1 +
 docker/configurator/oauth.js | 4 ++++
 docs/usage/oauth2.md | 3 ++-
 test/unit/docker/oauth.js | 4 ++++
 4 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/dev-helpers/index.html b/dev-helpers/index.html
index 2b92c403..5d3837c7 100644
--- a/dev-helpers/index.html
+++ b/dev-helpers/index.html
@@ -59,6 +59,7 @@
 scopeSeparator: " ",
 scopes: "openid profile email phone address",
 additionalQueryStringParams: {},
+ useBasicAuthenticationWithAccessCodeGrant: false,
 usePkceWithAuthorizationCodeGrant: false
 })
 }
diff --git a/docker/configurator/oauth.js b/docker/configurator/oauth.js
index 46c17441..44c12236 100644
--- a/docker/configurator/oauth.js
+++ b/docker/configurator/oauth.js
@@ -31,6 +31,10 @@ const oauthBlockSchema = {
 type: "object",
 name: "additionalQueryStringParams"
 },
+ OAUTH_USE_BASIC_AUTH: {
+ type: "boolean",
+ name: "useBasicAuthenticationWithAccessCodeGrant"
+ },
 OAUTH_USE_PKCE: {
 type: "boolean",
 name: "usePkceWithAuthorizationCodeGrant"
diff --git a/docs/usage/oauth2.md b/docs/usage/oauth2.md
index 5e5d9657..5c14f7b5 100644
--- a/docs/usage/oauth2.md
+++ b/docs/usage/oauth2.md
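Review bot: The new `OAUTH_USE_BASIC_AUTH` entry in `oauthBlockSchema` (docker/configurator/oauth.js) carries no comment saying when it takes effect or what it sends. Per the docs row changed in this same commit, it applies only to the `accessCode` flow and makes the token request carry the client credentials in an `Authorization: Basic` header, which is base64 encoding rather than protection, so it is only as safe as the TLS on `tokenUrl`. I would add above the entry: `// accessCode flow only: send client_id/client_secret as HTTP Basic on the token request (requires an HTTPS tokenUrl)`. Enabling it presumably also requires a client secret in the rendered `initOAuth` config, which anyone who can load the page could read; that is worth confirming and stating in the docs. The schema object starts and ends outside the hunk.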
@@ -10,7 +10,7 @@ appName | `OAUTH_APP_NAME` |application name, displayed in authorization popup.
 scopeSeparator | `OAUTH_SCOPE_SEPARATOR` |scope separator for passing scopes, encoded before calling, default value is a space (encoded value `%20`). MUST be a string
 scopes | `OAUTH_SCOPES` |string array or scope separator (i.e. space) separated string of initially selected oauth scopes, default is empty array
 additionalQueryStringParams | `OAUTH_ADDITIONAL_PARAMS` |Additional query parameters added to `authorizationUrl` and `tokenUrl`. MUST be an object
-useBasicAuthenticationWithAccessCodeGrant | _Unavailable_ |Only activated for the `accessCode` flow. During the `authorization_code` request to the `tokenUrl`, pass the [Client Password](https://tools.ietf.org/html/rfc6749#section-2.3.1) using the HTTP Basic Authentication scheme (`Authorization` header with `Basic base64encode(client_id + client_secret)`). The default is `false`
+useBasicAuthenticationWithAccessCodeGrant | `OAUTH_USE_BASIC_AUTH` |Only activated for the `accessCode` flow. During the `authorization_code` request to the `tokenUrl`, pass the [Client Password](https://tools.ietf.org/html/rfc6749#section-2.3.1) using the HTTP Basic Authentication scheme (`Authorization` header with `Basic base64encode(client_id + client_secret)`). The default is `false`
 usePkceWithAuthorizationCodeGrant | `OAUTH_USE_PKCE` | Only applies to `authorizatonCode` flows. [Proof Key for Code Exchange](https://tools.ietf.org/html/rfc7636) brings enhanced security for OAuth public clients. The default is `false`
 ```javascript
@@ -25,6 +25,7 @@ ui.initOAuth({
 scopeSeparator: " ",
 scopes: "openid profile",
 additionalQueryStringParams: {test: "hello"},
+ useBasicAuthenticationWithAccessCodeGrant: true,
 usePkceWithAuthorizationCodeGrant: true
 })
 ```
diff --git a/test/unit/docker/oauth.js b/test/unit/docker/oauth.js
index a251bdb8..6aa9bcd2 100644
--- a/test/unit/docker/oauth.js
+++ b/test/unit/docker/oauth.js
@@ -22,6 +22,7 @@ describe("docker: env translator - oauth block", function() {
 OAUTH_APP_NAME: ``,
 OAUTH_SCOPE_SEPARATOR: "",
 OAUTH_ADDITIONAL_PARAMS: ``,
+ OAUTH_USE_BASIC_AUTH: false,
 OAUTH_USE_PKCE: false
 }
@@ -33,6 +34,7 @@ describe("docker: env translator - oauth block", function() {
 appName: "",
 scopeSeparator: "",
 additionalQueryStringParams: undefined,
+ useBasicAuthenticationWithAccessCodeGrant: false,
 usePkceWithAuthorizationCodeGrant: false,
 })`))
 })
@@ -45,6 +47,7 @@ describe("docker: env translator - oauth block", function() {
 OAUTH_APP_NAME: `myAppName`,
 OAUTH_SCOPE_SEPARATOR: "%21",
 OAUTH_ADDITIONAL_PARAMS: `{ "a": 1234, "b": "stuff" }`,
+ OAUTH_USE_BASIC_AUTH: true,
 OAUTH_USE_PKCE: true
 }
@@ -56,6 +59,7 @@ describe("docker: env translator - oauth block", function() {
 appName: "myAppName",
 scopeSeparator: "%21",
 additionalQueryStringParams: { "a": 1234, "b": "stuff" },
+ useBasicAuthenticationWithAccessCodeGrant: true,
 usePkceWithAuthorizationCodeGrant: true,
 })`))
 })
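Review bot: Both fixtures set `OAUTH_USE_BASIC_AUTH` to a JavaScript boolean (`false` in the first hunk, `true` in the third), but a container environment only ever delivers strings, so the lines shown do not cover the input an operator actually supplies. Adding one case with `OAUTH_USE_BASIC_AUTH: "true"` and one with `OAUTH_USE_BASIC_AUTH: "false"` would pin that the string `"false"` does not switch Basic authentication on. The neighbouring `OAUTH_USE_PKCE` lines have the same gap, so the new key appears to copy an existing pattern. The `describe` block and each test body start and end outside these hunks.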