Merge pull request #273 from pilcrowonpaper/next

Release v3.2.4

Author: pilcrowonpaper

.RELEASE.md

@@ -0,0 +1 @@
+- Entra ID: Fix `Authorization` header ([#272](https://github.com/pilcrowonpaper/arctic/pull/272)).

package.json

@@ -1,7 +1,7 @@
 {
 	"name": "arctic",
 	"type": "module",
-	"version": "3.2.3",
+	"version": "3.2.4",
 	"description": "OAuth 2.0 clients for popular providers",
 	"main": "dist/index.js",
 	"types": "dist/index.d.ts",

src/providers/microsoft-entra-id.ts

@@ -60,11 +60,10 @@ export class MicrosoftEntraId {
 		}
 		const request = createOAuth2Request(this.tokenEndpoint, body);
 		if (this.clientSecret !== null) {
-			const encodedCredentials = encodeBasicCredentials(this.clientId, this.clientId);
+			const encodedCredentials = encodeBasicCredentials(this.clientId, this.clientSecret);
 			request.headers.set("Authorization", `Basic ${encodedCredentials}`);
 		} else {
-			// Origin header required for public clients. Must not be defined for confidential clients.
-			// Value can be anything.
+			// Origin header required for public clients. Value can be anything.
 			request.headers.set("Origin", "arctic");
 		}
 		const tokens = await sendTokenRequest(request);
@@ -86,8 +85,7 @@ export class MicrosoftEntraId {
 			const encodedCredentials = encodeBasicCredentials(this.clientId, this.clientSecret);
 			request.headers.set("Authorization", `Basic ${encodedCredentials}`);
 		} else {
-			// Origin header required for public clients. Must not be defined for confidential clients.
-			// Value can be anything.
+			// Origin header required for public clients. Value can be anything.
 			request.headers.set("Origin", "arctic");
 		}
 		const tokens = await sendTokenRequest(request);