From 178e660f00ad913e41408d89639779d052012d91 Mon Sep 17 00:00:00 2001
From: Princewill Onyenanu <princekelvin91@gmail.com>
Date: Thu, 16 Jan 2025 13:10:11 +0100
Subject: [PATCH] Add bodyserializer/accept header to openverse api client to
 correctly authenticate with the API (#5330)

* add bodyserializer/accept header to openverse api client to correctly authenticate with the API

* Fix header and tests
---
 packages/js/api-client/src/auth.ts          |  6 ++++++
 packages/js/api-client/tests/client.test.ts | 13 ++++++++-----
 2 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/packages/js/api-client/src/auth.ts b/packages/js/api-client/src/auth.ts
index 95b8ccd51af..9fee99365b8 100644
--- a/packages/js/api-client/src/auth.ts
+++ b/packages/js/api-client/src/auth.ts
@@ -136,6 +136,12 @@ export class OpenverseAuthMiddleware implements OpenverseMiddleware {
             client_id: this.credentials.clientId,
             client_secret: this.credentials.clientSecret,
           },
+          bodySerializer(body) {
+            return new URLSearchParams(body).toString()
+          },
+          headers: {
+            "Content-Type": "application/x-www-form-urlencoded",
+          },
         })
         .then((tokenResponse) => {
           if (!tokenResponse.response.ok || !tokenResponse.data) {
diff --git a/packages/js/api-client/tests/client.test.ts b/packages/js/api-client/tests/client.test.ts
index 7e648207d03..9cf13f6b728 100644
--- a/packages/js/api-client/tests/client.test.ts
+++ b/packages/js/api-client/tests/client.test.ts
@@ -17,6 +17,9 @@ const getClientAndNock = (credentials?: ClientCredentials) => ({
   nock: rootNock("https://nock.local/"),
 })
 
+const TOKEN_REQUEST_BODY =
+  /grant_type=client_credentials&client_id=test&client_secret=test-secret/
+
 describe("OpenverseClient", () => {
   describe("api token refresh", async () => {
     test("should automatically refresh api token before sending final request", async () => {
@@ -26,7 +29,7 @@ describe("OpenverseClient", () => {
       })
 
       const scope = nock
-        .post("/v1/auth_tokens/token/", /test-secret/)
+        .post("/v1/auth_tokens/token/", TOKEN_REQUEST_BODY)
         .reply(200, {
           access_token: "test-access-token",
           scope: "test-scope",
@@ -57,7 +60,7 @@ describe("OpenverseClient", () => {
       })
 
       const scope = nock
-        .post("/v1/auth_tokens/token/", /test-secret/)
+        .post("/v1/auth_tokens/token/", TOKEN_REQUEST_BODY)
         .delay(1000)
         // times=1 enforces that only a single auth token request is ever made, otherwise `nock` would raise an error
         .times(1)
@@ -114,7 +117,7 @@ describe("OpenverseClient", () => {
       })
 
       const scope = nock
-        .post("/v1/auth_tokens/token/", /test-secret/)
+        .post("/v1/auth_tokens/token/", TOKEN_REQUEST_BODY)
         .times(1)
         .reply(401, "Invalid credentials")
 
@@ -140,7 +143,7 @@ describe("OpenverseClient", () => {
       })
 
       const scope = nock
-        .post("/v1/auth_tokens/token/", /test-secret/)
+        .post("/v1/auth_tokens/token/", TOKEN_REQUEST_BODY)
         .times(1)
         .reply(200, {
           access_token: "test-access-token-1",
@@ -166,7 +169,7 @@ describe("OpenverseClient", () => {
         .reply(200, {
           id: "single-audio",
         })
-        .post("/v1/auth_tokens/token/", /test-secret/)
+        .post("/v1/auth_tokens/token/", TOKEN_REQUEST_BODY)
         .delay(3)
         .times(1)
         .reply(200, {