[FEATURE] allow grant type to be specified for client:auth

cli.js

@@ -77,10 +77,12 @@ program
     .option('-a, --authserver [authserver]','The authorization server used to authenticate')
     .option('-r, --renew','Controls whether the authentication should be automatically renewed, ' +
         'once the token expires.')
+    .option('-t, --type [type]','The grant type to use (password or client_credentials)')
     .description('Authenticate an API client with an optional user for automation use')
     .action(function(client, secret, user, user_password, options) {
         var renew = ( options.renew ? options.renew : false );
-        require('./lib/auth').auth(client, secret, user, user_password, renew, options.authserver);
+        var grantType = ( options.type === 'client_credentials' ? 'client_credentials' : 'password' );
+        require('./lib/auth').auth(client, secret, user, user_password, renew, options.authserver, grantType);
     }).on('--help', function() {
         console.log('');
         console.log('  Details:');
@@ -103,6 +105,7 @@ program
         console.log('    $ sfcc-ci client:auth my_client_id my_client_secret');
         console.log('    $ sfcc-ci client:auth my_client_id my_client_secret -r');
         console.log('    $ sfcc-ci client:auth my_client_id my_client_secret -a account.demandware.com');
+        console.log('    $ sfcc-ci client:auth my_client_id my_client_secret -t client_credentials');
         console.log('    $ sfcc-ci client:auth');
         console.log();
     });
@@ -1793,14 +1796,14 @@ program
         console.log();
         console.log('  Examples:');
         console.log();
-        console.log('    $ sfcc-ci code:diffdeploy "newcodeversion" "/path/to/repo1,/path/to/repo2"');
-        console.log('    $ sfcc-ci code:diffdeploy "newcodeversion" "/path/to/repo1,/path/to/repo2" ' +
+        console.log('    $ sfcc-ci code:deploy:diff "newcodeversion" "/path/to/repo1,/path/to/repo2"');
+        console.log('    $ sfcc-ci code:deploy:diff "newcodeversion" "/path/to/repo1,/path/to/repo2" ' +
             '-i my-instance-alias');
-        console.log('    $ sfcc-ci code:diffdeploy "newcodeversion" "/path/to/repo1,/path/to/repo2" ' +
+        console.log('    $ sfcc-ci code:deploy:diff "newcodeversion" "/path/to/repo1,/path/to/repo2" ' +
             '-i my-instance.demandware.net');
-        console.log('    $ sfcc-ci code:diffdeploy "newcodeversion" "/path/to/repo1,/path/to/repo2" ' +
+        console.log('    $ sfcc-ci code:deploy:diff "newcodeversion" "/path/to/repo1,/path/to/repo2" ' +
             '-i my-instance.demandware.net -a');
-        console.log('    $ sfcc-ci code:diffdeploy "newcodeversion" "/path/to/repo1,/path/to/repo2" ' +
+        console.log('    $ sfcc-ci code:deploy:diff "newcodeversion" "/path/to/repo1,/path/to/repo2" ' +
             '-i my-instance.demandware.net -a -c path/to/my/certificate.p12 -p "myPassphraseForTheCertificate"');
         console.log();
     });

lib/auth.js

@@ -153,12 +153,18 @@ function obtainToken(accountManagerHostOverride, basicAuthUser, basicAuthPasswor
  * @param {String} clientSecret The client secret to use with the authentication flow
  * @param {String} user The user to use with the authentication flow
  * @param {String} userPassword The user password to use with the authentication flow
- * @param {Boolean} autoRenew A flag controlling, wether the access token should be renewed automatically, false by default
+ * @param {Boolean} autoRenew A flag controlling, whether the access token should be renewed automatically, false by default
  * @param {String} accountManager The optional host name of the Account Manager to use as authorization server
+ * @param {String} grantType Optional, the grant type to use. Force client_credentials if dw.json is present
  */
-function auth(client, clientSecret, user, userPassword, autoRenew, accountManager) {
+function auth(client, clientSecret, user, userPassword, autoRenew, accountManager, grantType = 'password') {
+    var flows = {
+        password: { grant : 'password', response_type : 'code' },
+        client_credentials: { grant : 'client_credentials', response_type : 'token' }
+    }
+
     // determine oauth flow to use, by default it is resource owner password credentials
-    var flow = { grant : 'password', response_type : 'code' };
+    var flow = flows[grantType];
 
     // if client and secret are not passed, attempt to look them up from alternative sources, honoring dw.json and env vars
     if ( !client && !clientSecret ) {
@@ -177,7 +183,7 @@ function auth(client, clientSecret, user, userPassword, autoRenew, accountManage
             user = secrets.getUsername(null);
             userPassword = secrets.getPassword(null);
         } catch (e) {
-            // in case lookup fails and user credentails are not present, we still want to support client_credentials grant
+            // in case lookup fails and user credentials are not present, we still want to support client_credentials grant
         }
     }
 

test/unit/auth.js

@@ -145,6 +145,19 @@ describe('Tests for lib/auth.js', function() {
                 const postArgs = requestStub.post.getCall(0).args[0];
                 expect(postArgs.uri).to.equal('https://account-pod5.demandware.net/dw/oauth2/access_token');
             });
+
+            it('use password grant type if no grantType param is provided', function() {
+                auth.auth(clientKey, clientSecret, user, password);
+                const postArgs = requestStub.post.getCall(0).args[0];
+                expect(postArgs.form.grant_type).to.equal('password');
+            });
+
+            it('use client_credentials grant type if grantType param is provided', function() {
+                const grantType = 'client_credentials';
+                auth.auth(clientKey, clientSecret, user, password, false, null, grantType);
+                const postArgs = requestStub.post.getCall(0).args[0];
+                expect(postArgs.form.grant_type).to.equal('client_credentials');
+            });
         });
     });