Added additional request parameter to support PAR with JAR requests (#…

…995)

Co-authored-by: gyaneshgouraw-okta <[email protected]>

src/auth/oauth.ts

@@ -146,6 +146,11 @@ export interface PushedAuthorizationRequest extends ClientCredentials {
    */
   code_challenge?: string;
 
+  /**
+   * Allows JWT-Secured Authorization Request (JAR), when JAR & PAR request are used together. {@link https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow/authorization-code-flow-with-par-and-jar | Reference}
+   */
+  request?: string;
+
   /**
    * A JSON stringified array of objects. It can carry fine-grained authorization data in OAuth messages as part of Rich Authorization Requests (RAR) {@link https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow/authorization-code-flow-with-rar | Reference}
    */

test/auth/fixtures/oauth.json

@@ -178,5 +178,16 @@
       "request_uri": "https://www.request.uri",
       "expires_in": 86400
     }
+  },
+  {
+    "scope": "https://test-domain.auth0.com",
+    "method": "POST",
+    "path": "/oauth/par",
+    "body": "client_id=test-client-id&response_type=code&redirect_uri=https%3A%2F%2Fexample.com&request=my-jwt-request&client_secret=test-client-secret",
+    "status": 200,
+    "response": {
+      "request_uri": "https://www.request.uri",
+      "expires_in": 86400
+    }
   }
 ]

test/auth/oauth.test.ts

@@ -347,6 +347,23 @@ describe('OAuth', () => {
         },
       });
     });
+
+    it('should send request param when provided', async () => {
+      const oauth = new OAuth(opts);
+      await expect(
+        oauth.pushedAuthorization({
+          client_id: 'test-client-id',
+          response_type: 'code',
+          redirect_uri: 'https://example.com',
+          request: 'my-jwt-request',
+        })
+      ).resolves.toMatchObject({
+        data: {
+          request_uri: 'https://www.request.uri',
+          expires_in: 86400,
+        },
+      });
+    });
   });
 });