Enhanced Backend Functionality for Service Authorization (#274)

Co-authored-by: Nam Le <[email protected]>

change/@itwin-oidc-signin-tool-f7af6224-96ff-4c13-89e9-9d3897009e58.json

@@ -0,0 +1,7 @@
+{
+  "type": "minor",
+  "comment": "a new backend function that uses the ServiceAuthorizationClient to get an access token",
+  "packageName": "@itwin/oidc-signin-tool",
+  "email": "[email protected]",
+  "dependentChangeType": "patch"
+}

package.json

@@ -33,9 +33,7 @@
     "url": "https://github.com/iTwin/auth-clients"
   },
   "devDependencies": {
-    "beachball": "^2.43.1",
-    "lage": "^2.7.18",
-    "path-browserify": "^1.0.0",
-    "process": "^0.11.10"
+    "beachball": "^2.49.1",
+    "lage": "^2.11.13"
   }
-}
+}

packages/oidc-signin-tool/src/certa/certaBackend.ts

@@ -7,9 +7,11 @@ import * as fs from "fs";
 import * as path from "path";
 import type { AccessToken } from "@itwin/core-bentley";
 import { registerBackendCallback } from "@itwin/certa/lib/utils/CallbackUtils";
+import type { ServiceAuthorizationClientConfiguration } from "@itwin/service-authorization";
+import { ServiceAuthorizationClient } from "@itwin/service-authorization";
 import type { TestBrowserAuthorizationClientConfiguration, TestUserCredentials } from "../TestUsers";
 import { TestUtility } from "../TestUtility";
-import { getTokenCallbackName } from "./certaCommon";
+import { getServiceAuthTokenCallbackName, getTokenCallbackName } from "./certaCommon";
 
 // A backend to use within Certa's `backendInitModule` to setup OIDC sign-in.
 
@@ -59,9 +61,23 @@ async function signin(user: TestUserCredentials, oidcConfig?: TestBrowserAuthori
   return token;
 }
 
+async function signinWithServiceAuthClient(oidcConfig: ServiceAuthorizationClientConfiguration): Promise<string> {
+  const serviceAuthClient = new ServiceAuthorizationClient(oidcConfig);
+  const accessToken = await serviceAuthClient.getAccessToken();
+  if (!accessToken) {
+    throw new Error("Failed to retrieve access token from ServiceAuthorizationClient.");
+  }
+
+  return accessToken;
+}
+
 registerBackendCallback(
   getTokenCallbackName,
   async (user: any, oidcConfig?: any): Promise<string> => {
     return signin(user, oidcConfig);
   },
 );
+
+registerBackendCallback(getServiceAuthTokenCallbackName, async (oidcConfig: ServiceAuthorizationClientConfiguration): Promise<string> => {
+  return signinWithServiceAuthClient(oidcConfig);
+});

packages/oidc-signin-tool/src/certa/certaCommon.ts

@@ -4,9 +4,11 @@
 *--------------------------------------------------------------------------------------------*/
 import { executeBackendCallback } from "@itwin/certa/lib/utils/CallbackUtils";
 import type { TestBrowserAuthorizationClientConfiguration, TestUserCredentials } from "../TestUsers";
+import type { ServiceAuthorizationClientConfiguration } from "@itwin/service-authorization";
 
 // Shared by both the frontend and backend side of the tests
 export const getTokenCallbackName = "getToken";
+export const getServiceAuthTokenCallbackName = "getServiceAuthToken";
 
 /**
  * Retrieves an access token from the backend using the specified user credentials.
@@ -15,3 +17,11 @@ export async function getAccessTokenFromBackend(user: TestUserCredentials, oidcC
   const accessToken = await executeBackendCallback(getTokenCallbackName, user, oidcConfig);
   return accessToken;
 }
+
+/**
+ * Retrieves a service authorization token from the backend.
+ */
+export async function getServiceAuthTokenFromBackend(oidcConfig: ServiceAuthorizationClientConfiguration): Promise<string> {
+  const accessToken = await executeBackendCallback(getServiceAuthTokenCallbackName, oidcConfig);
+  return accessToken;
+}