From 2612f5ee49d2a1d950ff9535ecab7c6802dc2696 Mon Sep 17 00:00:00 2001
From: Jason Raimondi <jason@raimondi.us>
Date: Sun, 11 Aug 2024 19:58:39 -0400
Subject: [PATCH] refactor: rename config options to authenticateIntrospect &
 authenticateRevoke

---
 docs/docs/authorization_server/configuration.mdx | 8 ++++----
 src/authorization_server.ts                      | 4 ++--
 src/grants/auth_code.grant.ts                    | 2 +-
 src/grants/client_credentials.grant.ts           | 4 ++--
 src/options.ts                                   | 4 ++--
 test/e2e/authorization_server.spec.ts            | 8 ++++----
 6 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/docs/docs/authorization_server/configuration.mdx b/docs/docs/authorization_server/configuration.mdx
index 884651d6..1123df5a 100644
--- a/docs/docs/authorization_server/configuration.mdx
+++ b/docs/docs/authorization_server/configuration.mdx
@@ -15,8 +15,8 @@ The authorization server has a few optional settings with the following default
 | `notBeforeLeeway`                 | number              | 0         | Implementers MAY provide for some small leeway, usually no more than a few minutes, to account for clock skew. Its value MUST be a number containing a NumericDate value.                  |
 | `tokenCID`                        | "id" or "name"      | "id"      | Sets the JWT `accessToken.cid` to either the `client.id` or `client.name`.<br /><br />In 3.x the default is **"id"**, in v2.x the default was **"name"**. [[Learn more]][token-cid]        |
 | `issuer`                          | string \| undefined | undefined | Sets the JWT `accessToken.iss` to this value.                                                                                                                                              |
-| `introspectWithClientCredentials` | boolean             | false     | Authorize [the /introspect endpoint](../endpoints/introspect.mdx) using `client_credentials`, this requires users to pass in a valid client_id and client_secret (or Authorization header) |
-| `revokeWithClientCredentials`     | boolean             | false     | Authorize [the /revoke endpoint](../endpoints/revoke.mdx) using `client_credentials`, this requires users to pass in a valid client_id and client_secret (or Authorization header)         |
+| `authenticateIntrospect` | boolean             | false     | Authorize [the /introspect endpoint](../endpoints/introspect.mdx) using `client_credentials`, this requires users to pass in a valid client_id and client_secret (or Authorization header) |
+| `authenticateRevoke`     | boolean             | false     | Authorize [the /revoke endpoint](../endpoints/revoke.mdx) using `client_credentials`, this requires users to pass in a valid client_id and client_secret (or Authorization header)         |
 
 ```ts
 type AuthorizationServerOptions = {
@@ -25,8 +25,8 @@ type AuthorizationServerOptions = {
   notBeforeLeeway: 0;
   tokenCID: "id" | "name";
   issuer: undefined;
-  introspectWithClientCredentials: boolean;
-  revokeWithClientCredentials: boolean;
+  authenticateIntrospect: boolean;
+  authenticateRevoke: boolean;
 };
 ```
 
diff --git a/src/authorization_server.ts b/src/authorization_server.ts
index 992abb77..2ff7f8ca 100644
--- a/src/authorization_server.ts
+++ b/src/authorization_server.ts
@@ -30,8 +30,8 @@ export interface AuthorizationServerOptions {
   tokenCID: "id" | "name";
   issuer?: string;
   scopeDelimiter: string;
-  introspectWithClientCredentials: boolean;
-  revokeWithClientCredentials: boolean;
+  authenticateIntrospect: boolean;
+  authenticateRevoke: boolean;
 }
 
 export type EnableableGrants =
diff --git a/src/grants/auth_code.grant.ts b/src/grants/auth_code.grant.ts
index fe932de0..f4100134 100644
--- a/src/grants/auth_code.grant.ts
+++ b/src/grants/auth_code.grant.ts
@@ -314,7 +314,7 @@ export class AuthCodeGrant extends AbstractAuthorizedGrant {
   async respondToRevokeRequest(req: RequestInterface): Promise<ResponseInterface> {
     req.body["grant_type"] = this.identifier;
 
-    if (this.options.revokeWithClientCredentials) await this.validateClient(req);
+    if (this.options.authenticateRevoke) await this.validateClient(req);
 
     const token = this.getRequestParameter("token", req);
 
diff --git a/src/grants/client_credentials.grant.ts b/src/grants/client_credentials.grant.ts
index e0c4b2f7..85699ce2 100644
--- a/src/grants/client_credentials.grant.ts
+++ b/src/grants/client_credentials.grant.ts
@@ -32,7 +32,7 @@ export class ClientCredentialsGrant extends AbstractGrant {
   async respondToIntrospectRequest(req: RequestInterface): Promise<ResponseInterface> {
     req.body["grant_type"] = this.identifier;
 
-    if (this.options.introspectWithClientCredentials) await this.validateClient(req);
+    if (this.options.authenticateIntrospect) await this.validateClient(req);
 
     const { parsedToken, oauthToken, expiresAt, tokenType } = await this.tokenFromRequest(req);
 
@@ -60,7 +60,7 @@ export class ClientCredentialsGrant extends AbstractGrant {
   async respondToRevokeRequest(req: RequestInterface): Promise<ResponseInterface> {
     req.body["grant_type"] = this.identifier;
 
-    if (this.options.revokeWithClientCredentials) await this.validateClient(req);
+    if (this.options.authenticateRevoke) await this.validateClient(req);
 
     let { oauthToken } = await this.tokenFromRequest(req);
 
diff --git a/src/options.ts b/src/options.ts
index e8ef7fa2..ec47ed5f 100644
--- a/src/options.ts
+++ b/src/options.ts
@@ -7,6 +7,6 @@ export const DEFAULT_AUTHORIZATION_SERVER_OPTIONS: AuthorizationServerOptions =
   tokenCID: "id",
   issuer: undefined,
   scopeDelimiter: " ",
-  introspectWithClientCredentials: false,
-  revokeWithClientCredentials: false,
+  authenticateIntrospect: false,
+  authenticateRevoke: false,
 };
diff --git a/test/e2e/authorization_server.spec.ts b/test/e2e/authorization_server.spec.ts
index c5f33d3e..916eec7d 100644
--- a/test/e2e/authorization_server.spec.ts
+++ b/test/e2e/authorization_server.spec.ts
@@ -361,7 +361,7 @@ describe("authorization_server", () => {
       inMemoryDatabase.clients[client.id] = client;
     });
 
-    describe("without option introspectWithClientCredentials=false", () => {
+    describe("without option authenticateIntrospect=false", () => {
       it("does not require client credentials", async () => {
         authorizationServer = new AuthorizationServer(
           inMemoryClientRepository,
@@ -369,7 +369,7 @@ describe("authorization_server", () => {
           inMemoryScopeRepository,
           new JwtService("secret-key"),
           {
-            introspectWithClientCredentials: false,
+            authenticateIntrospect: false,
           },
         );
 
@@ -556,7 +556,7 @@ describe("authorization_server", () => {
       inMemoryDatabase.clients[client.id] = client;
     });
 
-    describe("without option revokeWithClientCredentials=false", () => {
+    describe("without option authenticateRevoke=false", () => {
       it("does not require client credentials", async () => {
         const authorizationServer = new AuthorizationServer(
           inMemoryClientRepository,
@@ -564,7 +564,7 @@ describe("authorization_server", () => {
           inMemoryScopeRepository,
           new JwtService("secret-key"),
           {
-            revokeWithClientCredentials: false,
+            authenticateRevoke: false,
           },
         );