feat: OAuth 2.0 Client Credentials Basic Auth #2164

Open
wants to merge 4 commits into
base: main

pietrygamat
Contributor

@pietrygamat pietrygamat commented Apr 25, 2024

Description

With this change, the OAuth2 authorization on request and collection level now includes an additional configuration option for handling client credentials when accessing the token endpoint. This applies to all currently supported grant_types.

The new default option is to send the credentials as an Authorization: Basic header:

auth:oauth2 {
  ...
  client_id: brunoclient
  client_secret: {{client_secret}}
  client_secret_method: client_credentials_basic
}

The old behavior to include them in the request body is still available.

auth:oauth2 {
  ...
  client_id: brunoclient
  client_secret: {{client_secret}}
  client_secret_method: client_credentials_post
}

resolves #2106
#1003

Contribution Checklist:

  • The pull request only addresses one issue or adds one feature.
  • The pull request does not introduce any breaking changes
  • I have added screenshots or gifs to help explain the change if applicable.
  • I have read the contribution guidelines.
  • Create an issue and link to the pull request.


@pietrygamat pietrygamat changed the title from "Feature/oauth2 basic auth" to "feat: OAuth 2.0 Client Credentials Basic Auth" on Apr 25, 2024
@pietrygamat pietrygamat force-pushed the feature/oauth2-basic-auth branch 2 times, most recently from 8a24c7f to 684a4bb, on April 25, 2024 07:55
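
The two ways of sending client credentials described in the pull request above, as an added example that is not Bruno's code or part of this pull request: it builds the token request for each client_secret_method value and form-encodes the credentials before Base64 as RFC 6749 section 2.3.1 requires. The names buildTokenRequest, parseBasic and formEncode and all sample values are assumptions made for illustration.

```javascript
// Added example (not Bruno's code): build an OAuth 2.0 token request for
// either client_secret_method value named in the PR description.

// RFC 6749 section 2.3.1: client_id and client_secret are form-urlencoded
// before being joined with ':' and base64-encoded for HTTP Basic.
const formEncode = (value) => new URLSearchParams({ v: value }).toString().slice(2);

// Hypothetical helper; parameter names are assumptions for this example.
function buildTokenRequest({ grantType, clientId, clientSecret, clientSecretMethod, extra = {} }) {
  const headers = { 'Content-Type': 'application/x-www-form-urlencoded' };
  const body = new URLSearchParams({ grant_type: grantType, ...extra });

  if (clientSecretMethod === 'client_credentials_basic') {
    // Credentials travel only in the header; keep them out of the body.
    const pair = `${formEncode(clientId)}:${formEncode(clientSecret)}`;
    headers.Authorization = `Basic ${Buffer.from(pair, 'utf8').toString('base64')}`;
  } else if (clientSecretMethod === 'client_credentials_post') {
    body.set('client_id', clientId);
    body.set('client_secret', clientSecret);
  } else {
    // Fail closed rather than silently picking a transport for the secret.
    throw new Error(`unsupported client_secret_method: ${clientSecretMethod}`);
  }
  return { headers, body: body.toString() };
}

// Recover the credentials from a Basic header, as a token endpoint would.
function parseBasic(header) {
  const decoded = Buffer.from(header.replace(/^Basic /, ''), 'base64').toString('utf8');
  const idx = decoded.indexOf(':'); // first ':' is the separator; encoded ones are %3A
  const dec = (s) => new URLSearchParams(`v=${s}`).get('v');
  return { clientId: dec(decoded.slice(0, idx)), clientSecret: dec(decoded.slice(idx + 1)) };
}

// Constructed sample values; the secret contains ':' and a space on purpose.
const sample = { grantType: 'password', clientId: 'brunoclient', clientSecret: 'p@ss:w rd',
  extra: { username: 'alice', password: 'hunter2', scope: 'read' } };
const basic = buildTokenRequest({ ...sample, clientSecretMethod: 'client_credentials_basic' });
const post = buildTokenRequest({ ...sample, clientSecretMethod: 'client_credentials_post' });
console.log(basic.headers.Authorization, '|', basic.body);
console.log(post.headers.Authorization, '|', post.body);
```

Without the form-encoding step, a secret containing ':' would be split at the wrong position by a server that follows the RFC.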
import { useDispatch } from 'react-redux';
import { humanizeOAuth2ClientSecretMethod } from 'utils/collections';

const ClientCredentialsMethodSelector = ({ item, collection, oAuth }) => {
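Review bot: the naming on these lines drifts between "client credentials method" (ClientCredentialsMethodSelector) and "client secret method" (humanizeOAuth2ClientSecretMethod, and the client_secret_method key in the description); pick one term for the component, the helper and the setting. The values client_credentials_basic and client_credentials_post also differ from client_secret_basic and client_secret_post, the names OpenID Connect and RFC 7591 use for these two token endpoint authentication methods, so consider reusing those so that a value can be copied straight from a provider's metadata.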
Contributor Author

The same component is used in RequestPane and in CollectionSettings/Auth. While the convention in the project seems to be using duplicate, almost identical components, I feel this approach is easier to manage. Perhaps it should be moved into a different location then?

Contributor

seconded - perhaps we should have a shared components directory

Comment on lines -126 to -133
request.data = {
grant_type: 'password',
username,
password,
client_id: clientId,
client_secret: clientSecret,
scope
};
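Review bot: at client_secret: clientSecret in this removed block, the secret was always placed in request.data for the password grant; wherever the body is assembled now, client_id and client_secret should be left out of it when client_secret_method is client_credentials_basic, so the secret is not sent in both the Authorization header and the form body. A test that covers the password grant under both method values would pin this down.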
Contributor Author

I am pretty sure the interpolate-vars has no business updating request.data like this. The oauth2-helper knows best what is and what is not to be included in request data, right?

@rmaheedharan

Much Needed!


Successfully merging this pull request may close these issues.

OAuth 2.0 Client Credentials Basic Auth
4 participants