feat: OAuth 2.0 functionality

[berezovskyicom]

This PR adds OAuth2.0 into Abstract SDK.
Link to OAUTH2.0 RFC
Link to OAuth interface for SDK

Adds add getToken() for making a POST request to auth/tokens with authorizationCode.
And setToken() for storing returned accessToken in client.
generateAuthorizeurl() is used for returning an oauth url to Abstract.

Example:

let abstract = new Abstract.Client({
  clientId,
  clientSecret,
  redirectUri,
});

async function oAuth(code) {
  return await abstract.oauth
    .getToken({
      authorizationCode: code
    })
    .then(token => {
      abstract = abstract.oauth.setToken(token);

      return abstract;
    })
    .catch(error => console.log(error));
}

const authorizedAbstract = oAuth("authentication_code");

authorizedAbstract.then(() => {
  // use sdk as usual
});

Things to consider:
client.oauth.setToken() returns new Client({}) with the same options + accessToken.
Is it really possible to change options for Client and all other endpoints without returning a new class?
I've tried a few ways, but the only options get changed are in oauth endpoint. Any thoughts?

[tommoor]

Looks like a bunch of unrelated work from master is showing up in the PR

[amccloud]

Thanks for consolidating the PRs 🙏

I think once you get the commits in this PR cleaned up you should be all set for review

[amccloud]

We typically try to avoid type suppressions unless it is absolutely necessary. If flow is warning here it's likely you have an unaccounted for state here

You can guard appending things to body by either providing a default

body.append("redirect_uri", window.location.href);

or returning early before you pass empty values to the body:

if (!clientId || !clientSecret) {
  throw new Error('OAuthOnAuthorizeToken required');
}

[amccloud]

Since this is the input for getToken

Suggested change

	export type OAuthOnAuthorizeToken = {
	export type OAuthTokenInput = {

OAuthOnAuthorizeToken seems like what authorizationCode is and that's only part of the input

[tommoor]

Please move out of draft and re-ping when you're ready for final review.

[amccloud]

Looks great 👍

Before merging can we start to stub out documentation for this feature? Would be nice to cover what this PR includes

[tommoor]

Almost there, I hope to get chance to spin up a sample app to really test before final approval.

[tommoor]

I think we should go ahead and just change Endpoint to only accept one argument, this – we can read this.options in the constructor and avoid passing it in essentially twice here.

[berezovskyicom]

Done! I left Endpoint options param as optional, because tests were behaving weird.

[tommoor]

Is state strictly required?

[berezovskyicom]

Nope. Will fix that 👍

[berezovskyicom]

Done!

[tommoor]

Can we allow input.scope here to future proof and just set it to "all" as the default?

[berezovskyicom]

Good!

[berezovskyicom]

Pushed.

[tommoor]

What is this id?

[berezovskyicom]

According to back end, it's not used anywhere right now and not much needed for client. Looks like an id in database.

[tommoor]

Did you have a reason for returning options here in mind? Might be confusing, could be better to return this to allow for chaining or nothing at all…

[berezovskyicom]

Yes, 100% agree. Returning nothing lgtm. Will fix that in new commit.

[berezovskyicom]

Fixed and edited tests.

[berezovskyicom]

Not really sure if that's the best idea, but test are feeling fine.

[berezovskyicom]

Me & @Geek-1001 are preparing docs for OAuth, we will let you know when it gets finished!