[BC] CreateClientCommand is no accepting grants and the 'noSecret' to prevent secret generation

Nicolas MACHEREY · Nicolas MACHEREY · commit d4481aee7584 · 2020-02-27T18:09:43.000+01:00
diff --git a/lib/app/command/create-client.command.ts b/lib/app/command/create-client.command.ts
@@ -6,6 +6,8 @@ export class CreateClientCommand {
         public readonly name: string,
         public readonly scope: string,
         public readonly clientId ?: string,
+        public readonly grants ?: string[],
+        public readonly noSecret ?: boolean,
         public readonly accessTokenLifetime?: number,
         public readonly refreshTokenLifetime?: number,
     ) {}
diff --git a/lib/app/command/create-client.handler.ts b/lib/app/command/create-client.handler.ts
@@ -28,10 +28,14 @@ export class CreateClientHandler implements ICommandHandler<CreateClientCommand>
         const client = new ClientEntity();
         client.name = command.name;
         client.clientId = command.clientId || uuid();
-        client.clientSecret = crypto.randomBytes(32).toString('hex');
+        if (!command.noSecret) {
+            client.clientSecret = crypto.randomBytes(32).toString('hex');
+        }
+
         client.scope = command.scope;
         client.accessTokenLifetime = command.accessTokenLifetime || 3600;
         client.refreshTokenLifetime = command.refreshTokenLifetime || 7200;
+        client.grants = command.grants || ['client_credentials', 'refresh_token'];
 
         // generate keys
         const attrs = [{ name: 'commonName', value: command.name }];
diff --git a/test/unit/app/command/create-client.handler.spec.ts b/test/unit/app/command/create-client.handler.spec.ts
@@ -80,6 +80,8 @@ describe('Create Client Command Handler', () => {
             'client-1',
             '["app-1", "app-2"]',
             'client-id',
+            ['client_credentials', 'refresh_token'],
+            false,
             1000,
             3600
         ));
@@ -89,6 +91,32 @@ describe('Create Client Command Handler', () => {
             scope: '["app-1", "app-2"]',
             clientId: 'client-id',
             clientSecret: expect.any(String),
+            grants: ['client_credentials', 'refresh_token'],
+            accessTokenLifetime: 1000,
+            refreshTokenLifetime: 3600,
+        }));
+
+        serviceSpy.mockRestore();
+    });
+
+    it('"CreateClientHandler::execute": should create the Client with no secret when asked', async () => {
+        const serviceSpy = jest.spyOn(clientRepositoryMock, 'create');
+
+        await handler.execute(new CreateClientCommand(
+            'client-1',
+            '["app-1", "app-2"]',
+            'client-id',
+            ['password_grant', 'refresh_token'],
+            true,
+            1000,
+            3600
+        ));
+
+        expect(serviceSpy).toBeCalledWith(expect.objectContaining({
+            name: 'client-1',
+            scope: '["app-1", "app-2"]',
+            clientId: 'client-id',
+            grants: ['password_grant', 'refresh_token'],
             accessTokenLifetime: 1000,
             refreshTokenLifetime: 3600,
         }));
