Store from frontend

packages/builder/src/pages/builder/app/[application]/settings/oauth2/OAuth2ConfigModalContent.svelte

@@ -10,8 +10,12 @@
     Link,
     ModalContent,
     notifications,
+    Select,
   } from "@budibase/bbui"
-  import { PASSWORD_REPLACEMENT } from "@budibase/types"
+  import {
+    OAuth2CredentialsMethod,
+    PASSWORD_REPLACEMENT,
+  } from "@budibase/types"
   import type { ZodType } from "zod"
   import { z } from "zod"
 
@@ -27,6 +31,17 @@
     ? "Create new OAuth2 connection"
     : "Edit OAuth2 connection"
 
+  const methods = [
+    {
+      label: "Basic",
+      value: OAuth2CredentialsMethod.HEADER,
+    },
+    {
+      label: "Post",
+      value: OAuth2CredentialsMethod.BODY,
+    },
+  ]
+
   const requiredString = (errorMessage: string) =>
     z.string({ required_error: errorMessage }).trim().min(1, errorMessage)
 
@@ -45,6 +60,9 @@
       url: requiredString("Url is required.").url(),
       clientId: requiredString("Client ID is required."),
       clientSecret: requiredString("Client secret is required."),
+      method: z.nativeEnum(OAuth2CredentialsMethod, {
+        message: "Authentication method is required.",
+      }),
     }) satisfies ZodType<UpsertOAuth2Config>
 
     const validationResult = validator.safeParse(config)
@@ -119,6 +137,21 @@
     bind:value={data.name}
     error={errors.name}
   />
+  <Select
+    label="Authentication method*"
+    options={methods}
+    getOptionLabel={o => o.label}
+    getOptionValue={o => o.value}
+    bind:value={data.method}
+    error={errors.method}
+  />
+  <div class="field-info">
+    <Body size="XS" color="var(--spectrum-global-color-gray-700)">
+      Basic will use the Authorisation Bearer header for each connection, while
+      Post will include the credentials in the body of the request under the
+      access_token property.
+    </Body>
+  </div>
   <Input
     label="Service URL*"
     placeholder="E.g. www.google.com"

packages/builder/src/stores/builder/oauth2.ts

@@ -32,6 +32,7 @@ export class OAuth2Store extends BudiStore<OAuth2StoreState> {
           url: c.url,
           clientId: c.clientId,
           clientSecret: c.clientSecret,
+          method: c.method,
         })),
         loading: false,
       }))

packages/server/src/api/routes/oauth2.ts

@@ -1,5 +1,5 @@
 import Router from "@koa/router"
-import { PermissionType } from "@budibase/types"
+import { OAuth2CredentialsMethod, PermissionType } from "@budibase/types"
 import { middleware } from "@budibase/backend-core"
 import authorized from "../../middleware/authorized"
 
@@ -13,6 +13,9 @@ function oAuth2ConfigValidator() {
       url: Joi.string().required(),
       clientId: Joi.string().required(),
       clientSecret: Joi.string().required(),
+      method: Joi.string()
+        .required()
+        .valid(...Object.values(OAuth2CredentialsMethod)),
     }),
     { allowUnknown: false }
   )