diff --git a/Sources/Flows/OAuth2.swift b/Sources/Flows/OAuth2.swift index 896aa67..a655661 100644 --- a/Sources/Flows/OAuth2.swift +++ b/Sources/Flows/OAuth2.swift @@ -21,6 +21,7 @@ import Foundation #if !NO_MODULE_IMPORT import Base + import Constants #if os(macOS) import macOS #elseif os(iOS) || os(visionOS) @@ -358,7 +359,7 @@ open class OAuth2: OAuth2Base { } let req = OAuth2AuthRequest(url: (clientConfig.refreshURL ?? clientConfig.tokenURL ?? clientConfig.authorizeURL)) - req.params["grant_type"] = "refresh_token" + req.params["grant_type"] = OAuth2GrantTypes.refreshToken req.params["refresh_token"] = refreshToken if let clientId = clientId { req.params["client_id"] = clientId @@ -423,11 +424,11 @@ open class OAuth2: OAuth2Base { } let req = OAuth2AuthRequest(url: (clientConfig.tokenURL ?? clientConfig.authorizeURL)) - req.params["grant_type"] = "urn:ietf:params:oauth:grant-type:token-exchange" + req.params["grant_type"] = OAuth2GrantTypes.tokenExchange req.params["audience"] = audienceClientId - req.params["requested_token_type"] = "urn:ietf:params:oauth:token-type:refresh_token" + req.params["requested_token_type"] = OAuth2TokenTypeIdentifiers.refreshToken req.params["subject_token"] = refreshToken - req.params["subject_token_type"] = "urn:ietf:params:oauth:token-type:refresh_token" + req.params["subject_token_type"] = OAuth2TokenTypeIdentifiers.refreshToken req.add(params: params) return req @@ -512,12 +513,12 @@ open class OAuth2: OAuth2Base { } let req = OAuth2AuthRequest(url: (clientConfig.tokenURL ?? clientConfig.authorizeURL)) - req.params["grant_type"] = "urn:ietf:params:oauth:grant-type:token-exchange" + req.params["grant_type"] = OAuth2GrantTypes.tokenExchange req.params["resource"] = resourceUrl.appendingPathComponent(resourcePath).absoluteString req.params["scope"] = clientConfig.scope - req.params["requested_token_type"] = "urn:ietf:params:oauth:token-type:access_token" + req.params["requested_token_type"] = OAuth2TokenTypeIdentifiers.accessToken req.params["subject_token"] = accessToken - req.params["subject_token_type"] = "urn:ietf:params:oauth:token-type:access_token" + req.params["subject_token_type"] = OAuth2TokenTypeIdentifiers.accessToken req.add(params: params) return req diff --git a/Sources/Flows/OAuth2ClientCredentials.swift b/Sources/Flows/OAuth2ClientCredentials.swift index dc44e4e..eb5e8c3 100644 --- a/Sources/Flows/OAuth2ClientCredentials.swift +++ b/Sources/Flows/OAuth2ClientCredentials.swift @@ -21,6 +21,7 @@ import Foundation #if !NO_MODULE_IMPORT import Base +import Constants #endif @@ -30,7 +31,7 @@ Class to handle two-legged OAuth2 requests of the "client_credentials" type. open class OAuth2ClientCredentials: OAuth2 { override open class var grantType: String { - return "client_credentials" + return OAuth2GrantTypes.clientCredentials } override open func doAuthorize(params inParams: OAuth2StringDict? = nil) { diff --git a/Sources/Flows/OAuth2CodeGrant.swift b/Sources/Flows/OAuth2CodeGrant.swift index f97a40a..8d01288 100644 --- a/Sources/Flows/OAuth2CodeGrant.swift +++ b/Sources/Flows/OAuth2CodeGrant.swift @@ -21,6 +21,7 @@ import Foundation #if !NO_MODULE_IMPORT import Base +import Constants #endif @@ -34,11 +35,11 @@ key will be embedded into the request body. open class OAuth2CodeGrant: OAuth2 { override open class var grantType: String { - return "authorization_code" + return OAuth2GrantTypes.authorizationCode } override open class var responseType: String? { - return "code" + return OAuth2ResponseTypes.code } diff --git a/Sources/Flows/OAuth2DeviceGrant.swift b/Sources/Flows/OAuth2DeviceGrant.swift index c838dac..b70089a 100644 --- a/Sources/Flows/OAuth2DeviceGrant.swift +++ b/Sources/Flows/OAuth2DeviceGrant.swift @@ -21,12 +21,13 @@ import Foundation #if !NO_MODULE_IMPORT import Base +import Constants #endif /// https://www.ietf.org/rfc/rfc8628.html open class OAuth2DeviceGrant: OAuth2 { override open class var grantType: String { - return "urn:ietf:params:oauth:grant-type:device_code" + return OAuth2GrantTypes.deviceCode } override open class var responseType: String? { @@ -39,7 +40,7 @@ open class OAuth2DeviceGrant: OAuth2 { } let req = OAuth2AuthRequest(url: (clientConfig.tokenURL ?? clientConfig.authorizeURL)) - req.params["device_code"] = deviceCode + req.params["device_code"] = OAuth2GrantTypes.deviceCode req.params["grant_type"] = type(of: self).grantType req.params["client_id"] = clientId return req diff --git a/Sources/Flows/OAuth2ImplicitGrant.swift b/Sources/Flows/OAuth2ImplicitGrant.swift index 3101f0b..7d6c310 100644 --- a/Sources/Flows/OAuth2ImplicitGrant.swift +++ b/Sources/Flows/OAuth2ImplicitGrant.swift @@ -21,6 +21,7 @@ import Foundation #if !NO_MODULE_IMPORT import Base +import Constants #endif @@ -30,11 +31,11 @@ Class to handle OAuth2 requests for public clients, such as distributed Mac/iOS open class OAuth2ImplicitGrant: OAuth2 { override open class var grantType: String { - return "implicit" + return OAuth2GrantTypes.implicit } override open class var responseType: String? { - return "token" + return OAuth2ResponseTypes.token } override open func handleRedirectURL(_ redirect: URL) { diff --git a/Sources/Flows/OAuth2PasswordGrant.swift b/Sources/Flows/OAuth2PasswordGrant.swift index 02c7ef8..8f9a186 100644 --- a/Sources/Flows/OAuth2PasswordGrant.swift +++ b/Sources/Flows/OAuth2PasswordGrant.swift @@ -21,6 +21,7 @@ import Foundation #if !NO_MODULE_IMPORT import Base + import Constants #if os(macOS) import macOS #elseif os(iOS) || os(visionOS) @@ -53,7 +54,7 @@ If no credentials are set when authorizing, a native controller is shown so that open class OAuth2PasswordGrant: OAuth2 { override open class var grantType: String { - return "password" + return OAuth2GrantTypes.password } override open class var clientIdMandatory: Bool {