Merge pull request #271 from pilcrowonpaper/next

pilcrowonpaper · web-flow · commit c3f59d63eabf · 2025-02-06T09:06:55.000+09:00
Release v3.2.3
diff --git a/.RELEASE.md b/.RELEASE.md
@@ -0,0 +1,2 @@
+- Figma: Update endpoints to latest ([#267](https://github.com/pilcrowonpaper/arctic/pull/267)).
+- Entra ID: Remove `Origin` header for confidential clients ([#270](https://github.com/pilcrowonpaper/arctic/pull/270)).
diff --git a/package.json b/package.json
@@ -1,7 +1,7 @@
 {
 	"name": "arctic",
 	"type": "module",
-	"version": "3.2.2",
+	"version": "3.2.3",
 	"description": "OAuth 2.0 clients for popular providers",
 	"main": "dist/index.js",
 	"types": "dist/index.d.ts",
diff --git a/src/providers/figma.ts b/src/providers/figma.ts
@@ -3,7 +3,7 @@ import { OAuth2Client } from "../client.js";
 import type { OAuth2Tokens } from "../oauth2.js";
 
 const authorizationEndpoint = "https://www.figma.com/oauth";
-const tokenEndpoint = "https://www.figma.com/api/oauth/token";
+const tokenEndpoint = "https://api.figma.com/v1/oauth/token";
 const refreshEndpoint = "https://api.figma.com/v1/oauth/refresh";
 
 export class Figma {
diff --git a/src/providers/microsoft-entra-id.ts b/src/providers/microsoft-entra-id.ts
@@ -59,11 +59,13 @@ export class MicrosoftEntraId {
 			body.set("client_id", this.clientId);
 		}
 		const request = createOAuth2Request(this.tokenEndpoint, body);
-		// Origin header required for public clients. Value can be anything.
-		request.headers.set("Origin", "arctic");
 		if (this.clientSecret !== null) {
 			const encodedCredentials = encodeBasicCredentials(this.clientId, this.clientId);
 			request.headers.set("Authorization", `Basic ${encodedCredentials}`);
+		} else {
+			// Origin header required for public clients. Must not be defined for confidential clients.
+			// Value can be anything.
+			request.headers.set("Origin", "arctic");
 		}
 		const tokens = await sendTokenRequest(request);
 		return tokens;
@@ -80,11 +82,13 @@ export class MicrosoftEntraId {
 			body.set("scope", scopes.join(" "));
 		}
 		const request = createOAuth2Request(this.tokenEndpoint, body);
-		// Origin header required for public clients. Value can be anything.
-		request.headers.set("Origin", "arctic");
 		if (this.clientSecret !== null) {
 			const encodedCredentials = encodeBasicCredentials(this.clientId, this.clientSecret);
 			request.headers.set("Authorization", `Basic ${encodedCredentials}`);
+		} else {
+			// Origin header required for public clients. Must not be defined for confidential clients.
+			// Value can be anything.
+			request.headers.set("Origin", "arctic");
 		}
 		const tokens = await sendTokenRequest(request);
 		return tokens;

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+- Figma: Update endpoints to latest ([#267](https://github.com/pilcrowonpaper/arctic/pull/267)).`
	`2`	+- Entra ID: Remove `Origin` header for confidential clients ([#270](https://github.com/pilcrowonpaper/arctic/pull/270)).
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "arctic",`
`3`	`3`	`"type": "module",`
`4`		`- "version": "3.2.2",`
	`4`	`+ "version": "3.2.3",`
`5`	`5`	`"description": "OAuth 2.0 clients for popular providers",`
`6`	`6`	`"main": "dist/index.js",`
`7`	`7`	`"types": "dist/index.d.ts",`