1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
diff --git a/examples/code.ts b/examples/private_key_jwt.tsindex 98576c1..1a69495 100644--- a/examples/code.ts+++ b/examples/private_key_jwt.ts@@ -1,5 +1,10 @@ import * as oauth from '../src/index.js' +// a random client authentication key is generated here for the example's sake, you would however+// use crypto.subtle.importKey to import a private key that is pre-registered on the AS+const { privateKey } = await oauth.generateKeyPair('ES256')+const keyID = 'a52faab2-f688-44b6-bde8-f493aeb526fb' // the `kid` the authorization server expects, or undefined if not applicable+ const issuer = new URL('https://example.as.com') const as = await oauth   .discoveryRequest(issuer)@@ -7,9 +12,7 @@ const as = await oauth  const client: oauth.Client = {   client_id: 'abc4ba37-4ab8-49b5-99d4-9441ba35d428',-  client_secret:-    'ddce41c3d7618bb30e8a5e5e423fce223427426265ebc96fd9dd5713a6d4fc58bc523c45af42274c210ab18d4a93b5b7169edf6236ed2657f6be64ec41b72f87',-  token_endpoint_auth_method: 'client_secret_basic',+  token_endpoint_auth_method: 'private_key_jwt', }  const redirect_uri = 'https://example.rp.com/cb'@@ -54,6 +57,12 @@ let access_token: string     params,     redirect_uri,     code_verifier,+    {+      clientPrivateKey: {+        key: privateKey,+        kid: keyID,+      },+    },   )    let challenges: oauth.WWWAuthenticateChallenge[] | undefined