Release version 29.

Eric Koleda · Eric Koleda · commit 15ebf8afa62b · 2018-08-09T09:41:44.000-04:00
diff --git a/dist/OAuth2.gs b/dist/OAuth2.gs
@@ -370,6 +370,20 @@ Service_.prototype.setExpirationMinutes = function(expirationMinutes) {
   return this;
 };
 
+/**
+ * Sets the OAuth2 grant_type to use when obtaining an access token. This does
+ * not need to be set when using either the authorization code flow (AKA
+ * 3-legged OAuth) or the service account flow. The most common usage is to set
+ * it to "client_credentials" and then also set the token headers to include
+ * the Authorization header required by the OAuth2 provider.
+ * @param {string} grantType The OAuth2 grant_type value.
+ * @return {Service_} This service, for chaining.
+ */
+Service_.prototype.setGrantType = function(grantType) {
+  this.grantType_ = grantType;
+  return this;
+};
+
 /**
  * Gets the authorization URL. The first step in getting an OAuth2 token is to
  * have the user visit this URL and approve the authorization request. The
@@ -425,29 +439,14 @@ Service_.prototype.handleCallback = function(callbackRequest) {
     'Token URL': this.tokenUrl_
   });
   var redirectUri = getRedirectUri(this.scriptId_);
-  var headers = {
-    'Accept': this.tokenFormat_
-  };
-  if (this.tokenHeaders_) {
-    headers = extend_(headers, this.tokenHeaders_);
-  }
-  var tokenPayload = {
+  var payload = {
     code: code,
     client_id: this.clientId_,
     client_secret: this.clientSecret_,
     redirect_uri: redirectUri,
     grant_type: 'authorization_code'
   };
-  if (this.tokenPayloadHandler_) {
-    tokenPayload = this.tokenPayloadHandler_(tokenPayload);
-  }
-  var response = UrlFetchApp.fetch(this.tokenUrl_, {
-    method: 'post',
-    headers: headers,
-    payload: tokenPayload,
-    muteHttpExceptions: true
-  });
-  var token = this.getTokenFromResponse_(response);
+  var token = this.fetchToken_(payload);
   this.saveToken_(token);
   return true;
 };
@@ -463,21 +462,18 @@ Service_.prototype.hasAccess = function() {
   return this.lockable_(function() {
     var token = this.getToken();
     if (!token || this.isExpired_(token)) {
-      if (token && this.canRefresh_(token)) {
-        try {
+      try {
+        if (token && this.canRefresh_(token)) {
           this.refresh();
-        } catch (e) {
-          this.lastError_ = e;
-          return false;
-        }
-      } else if (this.privateKey_) {
-        try {
+        } else if (this.privateKey_) {
           this.exchangeJwt_();
-        } catch (e) {
-          this.lastError_ = e;
+        } else if (this.grantType_) {
+          this.exchangeGrant_();
+        } else {
           return false;
         }
-      } else {
+      } catch (e) {
+        this.lastError_ = e;
         return false;
       }
     }
@@ -525,6 +521,34 @@ Service_.prototype.getRedirectUri = function() {
   return getRedirectUri(this.scriptId_);
 };
 
+
+/**
+ * Fetches a new token from the OAuth server.
+ * @param {Object} payload The token request payload.
+ * @param {string} [optUrl] The URL of the token endpoint.
+ * @return {Object} The parsed token.
+ */
+Service_.prototype.fetchToken_ = function(payload, optUrl) {
+  // Use the configured token URL unless one is specified.
+  var url = optUrl || this.tokenUrl_;
+  var headers = {
+    'Accept': this.tokenFormat_
+  };
+  if (this.tokenHeaders_) {
+    headers = extend_(headers, this.tokenHeaders_);
+  }
+  if (this.tokenPayloadHandler_) {
+    tokenPayload = this.tokenPayloadHandler_(payload);
+  }
+  var response = UrlFetchApp.fetch(url, {
+    method: 'post',
+    headers: headers,
+    payload: payload,
+    muteHttpExceptions: true
+  });
+  return this.getTokenFromResponse_(response);
+};
+
 /**
  * Gets the token from a UrlFetchApp response.
  * @param {UrlFetchApp.HTTPResponse} response The response object.
@@ -595,30 +619,13 @@ Service_.prototype.refresh = function() {
     if (!token.refresh_token) {
       throw new Error('Offline access is required.');
     }
-    var headers = {
-      Accept: this.tokenFormat_
-    };
-    if (this.tokenHeaders_) {
-      headers = extend_(headers, this.tokenHeaders_);
-    }
-    var tokenPayload = {
+    var payload = {
         refresh_token: token.refresh_token,
         client_id: this.clientId_,
         client_secret: this.clientSecret_,
         grant_type: 'refresh_token'
     };
-    if (this.tokenPayloadHandler_) {
-      tokenPayload = this.tokenPayloadHandler_(tokenPayload);
-    }
-    // Use the refresh URL if specified, otherwise fallback to the token URL.
-    var url = this.refreshUrl_ || this.tokenUrl_;
-    var response = UrlFetchApp.fetch(url, {
-      method: 'post',
-      headers: headers,
-      payload: tokenPayload,
-      muteHttpExceptions: true
-    });
-    var newToken = this.getTokenFromResponse_(response);
+    var newToken = this.fetchToken_(payload, this.refreshUrl_);
     if (!newToken.refresh_token) {
       newToken.refresh_token = token.refresh_token;
     }
@@ -706,22 +713,11 @@ Service_.prototype.exchangeJwt_ = function() {
     'Token URL': this.tokenUrl_
   });
   var jwt = this.createJwt_();
-  var headers = {
-    'Accept': this.tokenFormat_
+  var payload = {
+    assertion: jwt,
+    grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer'
   };
-  if (this.tokenHeaders_) {
-    headers = extend_(headers, this.tokenHeaders_);
-  }
-  var response = UrlFetchApp.fetch(this.tokenUrl_, {
-    method: 'post',
-    headers: headers,
-    payload: {
-      assertion: jwt,
-      grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer'
-    },
-    muteHttpExceptions: true
-  });
-  var token = this.getTokenFromResponse_(response);
+  var token = this.fetchToken_(payload);
   this.saveToken_(token);
 };
 
@@ -783,6 +779,24 @@ Service_.prototype.lockable_ = function(func) {
   return result;
 };
 
+/**
+ * Obtain an access token using the custom grant type specified. Most often
+ * this will be "client_credentials", in which case make sure to also specify an
+ * Authorization header if required by your OAuth provider.
+ */
+Service_.prototype.exchangeGrant_ = function() {
+  validate_({
+    'Grant Type': this.grantType_,
+    'Token URL': this.tokenUrl_
+  });
+  var payload = {
+    grant_type: this.grantType_
+  };
+  payload = extend_(payload, this.params_);
+  var token = this.fetchToken_(payload);
+  this.saveToken_(token);
+};
+
 // Copyright 2017 Google Inc. All Rights Reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "apps-script-oauth2",
-  "version": "1.28.0",
+  "version": "1.29.0",
   "description": "OAuth2 for Apps Script is a library for Google Apps Script that provides the ability to create and authorize OAuth2 tokens as well as refresh them when they expire.",
   "repository": {
     "type": "git",

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "apps-script-oauth2",`
`3`		`- "version": "1.28.0",`
	`3`	`+ "version": "1.29.0",`
`4`	`4`	`"description": "OAuth2 for Apps Script is a library for Google Apps Script that provides the ability to create and authorize OAuth2 tokens as well as refresh them when they expire.",`
`5`	`5`	`"repository": {`
`6`	`6`	`"type": "git",`