From c1abcf8dfb314a2f42d047fefa81a0191894f508 Mon Sep 17 00:00:00 2001
From: mwoda <mwoda@box.com>
Date: Thu, 3 Feb 2022 13:59:37 +0100
Subject: [PATCH 1/3] feat: add Client Credentials Grant auth support

---
 Box.V2.Test/BoxCCGAuthTest.cs                 | 120 ++++++++++++++++++
 Box.V2.Test/CCGAuthRepositoryTest.cs          | 102 +++++++++++++++
 .../Extensions/DictionaryExtensions.cs        |  14 ++
 Box.V2/Box.V2.csproj                          |   4 +-
 Box.V2/CCGAuth/BoxCCGAuth.cs                  | 114 +++++++++++++++++
 Box.V2/CCGAuth/CCGAuthRepository.cs           |  91 +++++++++++++
 Box.V2/Config/BoxConfigBuilder.cs             |  28 ++++
 Box.V2/Config/Constants.cs                    |   9 ++
 8 files changed, 481 insertions(+), 1 deletion(-)
 create mode 100644 Box.V2.Test/BoxCCGAuthTest.cs
 create mode 100644 Box.V2.Test/CCGAuthRepositoryTest.cs
 create mode 100644 Box.V2.Test/Extensions/DictionaryExtensions.cs
 create mode 100644 Box.V2/CCGAuth/BoxCCGAuth.cs
 create mode 100644 Box.V2/CCGAuth/CCGAuthRepository.cs

diff --git a/Box.V2.Test/BoxCCGAuthTest.cs b/Box.V2.Test/BoxCCGAuthTest.cs
new file mode 100644
index 000000000..c470471cc
--- /dev/null
+++ b/Box.V2.Test/BoxCCGAuthTest.cs
@@ -0,0 +1,120 @@
+using System;
+using System.Threading.Tasks;
+using Box.V2.Auth;
+using Box.V2.CCGAuth;
+using Box.V2.Config;
+using Box.V2.Request;
+using Box.V2.Services;
+using Box.V2.Test.Extensions;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using Moq;
+
+namespace Box.V2.Test
+{
+    [TestClass]
+    public class BoxCCGAuthTest : BoxResourceManagerTest
+    {
+        private readonly Mock<IRequestHandler> _handler;
+        private readonly IBoxService _service;
+        private readonly Mock<IBoxConfig> _boxConfig;
+        private readonly BoxCCGAuth _ccgAuth;
+
+        public BoxCCGAuthTest()
+        {
+            // Initial Setup
+            _handler = new Mock<IRequestHandler>();
+            _service = new BoxService(_handler.Object);
+            _boxConfig = new Mock<IBoxConfig>();
+            _boxConfig.SetupGet(x => x.EnterpriseId).Returns("12345");
+            _boxConfig.SetupGet(x => x.ClientId).Returns("123");
+            _boxConfig.SetupGet(x => x.ClientSecret).Returns("SECRET");
+            _boxConfig.SetupGet(x => x.BoxApiHostUri).Returns(new Uri(Constants.BoxApiHostUriString));
+            _boxConfig.SetupGet(x => x.BoxAuthTokenApiUri).Returns(new Uri(Constants.BoxAuthTokenApiUriString));
+            _ccgAuth = new BoxCCGAuth(_boxConfig.Object, _service);
+        }
+
+        [TestMethod]
+        [TestCategory("CI-UNIT-TEST")]
+        public async Task GetAdminToken_ValidSession()
+        {
+            // Arrange
+            IBoxRequest boxRequest = null;
+            _handler.Setup(h => h.ExecuteAsync<OAuthSession>(It.IsAny<BoxRequest>()))
+                .Returns(Task<IBoxResponse<OAuthSession>>.Factory.StartNew(() => new BoxResponse<OAuthSession>()
+                {
+                    Status = ResponseStatus.Success,
+                    ContentString = "{\"access_token\":\"T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl\",\"expires_in\":3600,\"restricted_to\":[],\"token_type\":\"bearer\"}"
+                }))
+                .Callback<IBoxRequest>(r => boxRequest = r);
+
+            // Act
+            var accessToken = await _ccgAuth.AdminTokenAsync();
+
+            // Assert
+            Assert.AreEqual("https://api.box.com/oauth2/token", boxRequest.AbsoluteUri.AbsoluteUri);
+            Assert.AreEqual(RequestMethod.Post, boxRequest.Method);
+            Assert.IsTrue(boxRequest.PayloadParameters.ContainsKeyValue("grant_type", "client_credentials"));
+            Assert.IsTrue(boxRequest.PayloadParameters.ContainsKeyValue("client_id", _boxConfig.Object.ClientId));
+            Assert.IsTrue(boxRequest.PayloadParameters.ContainsKeyValue("client_secret", _boxConfig.Object.ClientSecret));
+            Assert.IsTrue(boxRequest.PayloadParameters.ContainsKeyValue("box_subject_type", "enterprise"));
+            Assert.IsTrue(boxRequest.PayloadParameters.ContainsKeyValue("box_subject_id", _boxConfig.Object.EnterpriseId));
+
+            Assert.AreEqual(accessToken, "T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl");
+        }
+
+        [TestMethod]
+        [TestCategory("CI-UNIT-TEST")]
+        public async Task GetUserToken_ValidSession()
+        {
+            // Arrange
+            var userId = "22222";
+            IBoxRequest boxRequest = null;
+            _handler.Setup(h => h.ExecuteAsync<OAuthSession>(It.IsAny<BoxRequest>()))
+                .Returns(Task<IBoxResponse<OAuthSession>>.Factory.StartNew(() => new BoxResponse<OAuthSession>()
+                {
+                    Status = ResponseStatus.Success,
+                    ContentString = "{\"access_token\":\"T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl\",\"expires_in\":3600,\"restricted_to\":[],\"token_type\":\"bearer\"}"
+                }))
+                .Callback<IBoxRequest>(r => boxRequest = r);
+
+            // Act
+            var accessToken = await _ccgAuth.UserTokenAsync(userId);
+            Assert.AreEqual("https://api.box.com/oauth2/token", boxRequest.AbsoluteUri.AbsoluteUri);
+            Assert.AreEqual(RequestMethod.Post, boxRequest.Method);
+            Assert.IsTrue(boxRequest.PayloadParameters.ContainsKeyValue("grant_type", "client_credentials"));
+            Assert.IsTrue(boxRequest.PayloadParameters.ContainsKeyValue("client_id", _boxConfig.Object.ClientId));
+            Assert.IsTrue(boxRequest.PayloadParameters.ContainsKeyValue("client_secret", _boxConfig.Object.ClientSecret));
+            Assert.IsTrue(boxRequest.PayloadParameters.ContainsKeyValue("box_subject_type", "user"));
+            Assert.IsTrue(boxRequest.PayloadParameters.ContainsKeyValue("box_subject_id", userId));
+
+            // Assert
+            Assert.AreEqual(accessToken, "T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl");
+        }
+
+        [TestMethod]
+        [TestCategory("CI-UNIT-TEST")]
+        public void UserClient_ShouldReturnUserClientWithSession()
+        {
+            // Act
+            var userClient = _ccgAuth.UserClient("T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl", "22222");
+
+            // Assert
+            Assert.IsInstanceOfType(userClient, typeof(BoxClient));
+            Assert.IsInstanceOfType(userClient.Auth, typeof(CCGAuthRepository));
+            Assert.IsNotNull(userClient.Auth.Session);
+        }
+
+        [TestMethod]
+        [TestCategory("CI-UNIT-TEST")]
+        public void AdminClient_ShouldReturnAdminClientWithSession()
+        {
+            // Act
+            var adminClient = _ccgAuth.AdminClient("T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl", "22222", true);
+
+            // Assert
+            Assert.IsInstanceOfType(adminClient, typeof(BoxClient));
+            Assert.IsInstanceOfType(adminClient.Auth, typeof(CCGAuthRepository));
+            Assert.IsNotNull(adminClient.Auth.Session);
+        }
+    }
+}
diff --git a/Box.V2.Test/CCGAuthRepositoryTest.cs b/Box.V2.Test/CCGAuthRepositoryTest.cs
new file mode 100644
index 000000000..91a852487
--- /dev/null
+++ b/Box.V2.Test/CCGAuthRepositoryTest.cs
@@ -0,0 +1,102 @@
+using System;
+using System.Threading.Tasks;
+using Box.V2.Auth;
+using Box.V2.CCGAuth;
+using Box.V2.Config;
+using Box.V2.Request;
+using Box.V2.Services;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using Moq;
+
+
+namespace Box.V2.Test
+{
+    [TestClass]
+    public class CCGAuthRepositoryTest : BoxResourceManagerTest
+    {
+        private readonly CCGAuthRepository _userAuthRepository;
+        private readonly CCGAuthRepository _adminAuthRepository;
+        private readonly Mock<IBoxConfig> _boxConfig;
+        private readonly Mock<IRequestHandler> _handler;
+        private readonly IBoxService _service;
+        private readonly BoxCCGAuth _ccgAuth;
+
+        private readonly string _userId = "22222";
+
+        public CCGAuthRepositoryTest()
+        {
+            // Initial Setup
+            _handler = new Mock<IRequestHandler>();
+            _service = new BoxService(_handler.Object);
+            _boxConfig = new Mock<IBoxConfig>();
+            _boxConfig.SetupGet(x => x.EnterpriseId).Returns("12345");
+            _boxConfig.SetupGet(x => x.ClientId).Returns("123");
+            _boxConfig.SetupGet(x => x.ClientSecret).Returns("SECRET");
+            _boxConfig.SetupGet(x => x.BoxApiHostUri).Returns(new Uri(Constants.BoxApiHostUriString));
+            _boxConfig.SetupGet(x => x.BoxAuthTokenApiUri).Returns(new Uri(Constants.BoxAuthTokenApiUriString));
+            _ccgAuth = new BoxCCGAuth(_boxConfig.Object, _service);
+            _userAuthRepository = new CCGAuthRepository(null, _ccgAuth, _userId);
+            _adminAuthRepository = new CCGAuthRepository(null, _ccgAuth, _userId);
+        }
+
+        [TestMethod]
+        [TestCategory("CI-UNIT-TEST")]
+        public async Task RefreshAccessTokenAsync_ForUser_ReturnsUserSession()
+        {
+            // Arrange
+            _handler.Setup(h => h.ExecuteAsync<OAuthSession>(It.IsAny<BoxRequest>()))
+                .Returns(Task<IBoxResponse<OAuthSession>>.Factory.StartNew(() => new BoxResponse<OAuthSession>()
+                {
+                    Status = ResponseStatus.Success,
+                    ContentString = "{\"access_token\":\"T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl\",\"expires_in\":3600,\"restricted_to\":[],\"token_type\":\"bearer\"}"
+                }));
+
+            // Act
+            var session = await _userAuthRepository.RefreshAccessTokenAsync(null);
+
+            // Assert
+            Assert.AreEqual(session.AccessToken, "T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl");
+            Assert.AreEqual(session.TokenType, "bearer");
+            Assert.AreEqual(session.RefreshToken, null);
+            Assert.AreEqual(session.ExpiresIn, 3600);
+        }
+
+        [TestMethod]
+        [TestCategory("CI-UNIT-TEST")]
+        public async Task RefreshAccessTokenAsync_ForAdmin_ReturnsAdminSession()
+        {
+            // Arrange
+            _handler.Setup(h => h.ExecuteAsync<OAuthSession>(It.IsAny<BoxRequest>()))
+                .Returns(Task<IBoxResponse<OAuthSession>>.Factory.StartNew(() => new BoxResponse<OAuthSession>()
+                {
+                    Status = ResponseStatus.Success,
+                    ContentString = "{\"access_token\":\"T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl\",\"expires_in\":3600,\"restricted_to\":[],\"token_type\":\"bearer\"}"
+                }));
+
+            // Act
+            var session = await _adminAuthRepository.RefreshAccessTokenAsync(null);
+
+            // Assert
+            Assert.AreEqual(session.AccessToken, "T9cE5asGnuyYCCqIZFoWjFHvNbvVqHjl");
+            Assert.AreEqual(session.TokenType, "bearer");
+            Assert.AreEqual(session.RefreshToken, null);
+            Assert.AreEqual(session.ExpiresIn, 3600);
+        }
+
+        [TestMethod]
+        [TestCategory("CI-UNIT-TEST")]
+        public void LogoutAsync_ThrowsException()
+        {
+            // Act & Assert
+            Assert.ThrowsExceptionAsync<NotImplementedException>(() => _adminAuthRepository.LogoutAsync());
+        }
+
+        [TestMethod]
+        [TestCategory("CI-UNIT-TEST")]
+        public void AuthenticateAsync_ThrowsException()
+        {
+            // Act & Assert
+            Assert.ThrowsExceptionAsync<NotImplementedException>(() => _adminAuthRepository.AuthenticateAsync(null));
+        }
+    }
+}
diff --git a/Box.V2.Test/Extensions/DictionaryExtensions.cs b/Box.V2.Test/Extensions/DictionaryExtensions.cs
new file mode 100644
index 000000000..0ab8674cd
--- /dev/null
+++ b/Box.V2.Test/Extensions/DictionaryExtensions.cs
@@ -0,0 +1,14 @@
+using System;
+using System.Collections.Generic;
+
+namespace Box.V2.Test.Extensions
+{
+    public static class DictionaryExtensions
+    {
+        public static bool ContainsKeyValue<T>(this Dictionary<T, T> dictionary,
+                     T expectedKey, T expectedValue) where T : IEquatable<T>
+        {
+            return dictionary.TryGetValue(expectedKey, out T actualValue) && EqualityComparer<T>.Default.Equals(actualValue, expectedValue);
+        }
+    }
+}
diff --git a/Box.V2/Box.V2.csproj b/Box.V2/Box.V2.csproj
index f5ed6f2f6..b68f6b69e 100644
--- a/Box.V2/Box.V2.csproj
+++ b/Box.V2/Box.V2.csproj
@@ -33,7 +33,7 @@
     <ErrorReport>prompt</ErrorReport>
     <WarningLevel>4</WarningLevel>
   </PropertyGroup>
-    <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'SignedRelease|AnyCPU' ">
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'SignedRelease|AnyCPU' ">
     <DebugType>pdbonly</DebugType>
     <Optimize>true</Optimize>
     <OutputPath>bin\Release\</OutputPath>
@@ -78,6 +78,8 @@
     <Compile Include="Auth\Token\ActorTokenBuilder.cs" />
     <Compile Include="Auth\Token\TokenExchange.cs" />
     <Compile Include="BoxClient.cs" />
+    <Compile Include="CCGAuth\BoxCCGAuth.cs" />
+    <Compile Include="CCGAuth\CCGAuthRepository.cs" />
     <Compile Include="Config\BoxConfigBuilder.cs" />
     <Compile Include="IBoxClient.cs" />
     <Compile Include="Converter\BoxZipConflictConverter.cs" />
diff --git a/Box.V2/CCGAuth/BoxCCGAuth.cs b/Box.V2/CCGAuth/BoxCCGAuth.cs
new file mode 100644
index 000000000..fdb2ace86
--- /dev/null
+++ b/Box.V2/CCGAuth/BoxCCGAuth.cs
@@ -0,0 +1,114 @@
+using System.Threading.Tasks;
+using Box.V2.Auth;
+using Box.V2.Config;
+using Box.V2.Converter;
+using Box.V2.Extensions;
+using Box.V2.Request;
+using Box.V2.Services;
+
+namespace Box.V2.CCGAuth
+{
+    public class BoxCCGAuth
+    {
+        private readonly IBoxService _boxService;
+        private readonly IBoxConfig _boxConfig;
+
+        /// <summary>
+        /// Constructor for CCG authentication
+        /// </summary>
+        /// <param name="boxConfig">Config contains information about client id, client secret, enterprise id.</param>
+        /// <param name="boxService">Box service is used to perform GetToken requests</param>
+        public BoxCCGAuth(IBoxConfig boxConfig, IBoxService boxService)
+        {
+            _boxConfig = boxConfig;
+            _boxService = boxService;
+        }
+
+        /// <summary>
+        /// Constructor for CCG authentication with default boxService
+        /// </summary>
+        /// <param name="boxConfig">Config contains information about client id, client secret, enterprise id.</param>
+        public BoxCCGAuth(IBoxConfig boxConfig) : this(boxConfig, new BoxService(new HttpRequestHandler(boxConfig.WebProxy, boxConfig.Timeout)))
+        {
+
+        }
+
+        /// <summary>
+        /// Create admin BoxClient using an admin access token
+        /// </summary>
+        /// <param name="adminToken">Admin access token</param>
+        /// <param name="asUser">The user ID to set as the 'As-User' header parameter; used to make calls in the context of a user using an admin token</param>
+        /// <param name="suppressNotifications">Whether or not to suppress both email and webhook notifications. Typically used for administrative API calls. Your application must have “Manage an Enterprise” scope, and the user making the API calls is a co-admin with the correct "Edit settings for your company" permission.</param>
+        /// <returns>BoxClient that uses CCG authentication</returns>
+        public IBoxClient AdminClient(string adminToken, string asUser = null, bool? suppressNotifications = null)
+        {
+            var adminSession = Session(adminToken);
+            var authRepo = new CCGAuthRepository(adminSession, this);
+            var adminClient = new BoxClient(_boxConfig, authRepo, asUser: asUser, suppressNotifications: suppressNotifications);
+
+            return adminClient;
+        }
+
+        /// <summary>
+        /// Create user BoxClient using a user access token
+        /// </summary>
+        /// <param name="userToken">User access token</param>
+        /// <param name="userId">Id of the user</param>
+        /// <returns>BoxClient that uses CCG authentication</returns>
+        public IBoxClient UserClient(string userToken, string userId)
+        {
+            var userSession = Session(userToken);
+            var authRepo = new CCGAuthRepository(userSession, this, userId);
+            var userClient = new BoxClient(_boxConfig, authRepo);
+
+            return userClient;
+        }
+
+        /// <summary>
+        /// Get admin token by posting data to auth url
+        /// </summary>
+        /// <returns>Admin token</returns>
+        public async Task<string> AdminTokenAsync()
+        {
+            return (await CCGAuthPostAsync(Constants.RequestParameters.EnterpriseSubType, _boxConfig.EnterpriseId).ConfigureAwait(false)).AccessToken;
+        }
+
+        /// <summary>
+        /// Once you have created an App User or Managed User, you can request a User Access Token via the App Auth feature, which will return the OAuth 2.0 access token for the specified User.
+        /// </summary>
+        /// <param name="userId">Id of the user</param>
+        /// <returns>User token</returns>
+        public async Task<string> UserTokenAsync(string userId)
+        {
+            return (await CCGAuthPostAsync(Constants.RequestParameters.UserSubType, userId).ConfigureAwait(false)).AccessToken;
+        }
+
+        private async Task<OAuthSession> CCGAuthPostAsync(string subType, string subId)
+        {
+            BoxRequest boxRequest = new BoxRequest(_boxConfig.BoxApiHostUri, Constants.AuthTokenEndpointString)
+                                            .Method(RequestMethod.Post)
+                                            .Payload(Constants.RequestParameters.GrantType, Constants.RequestParameters.ClientCredentials)
+                                            .Payload(Constants.RequestParameters.ClientId, _boxConfig.ClientId)
+                                            .Payload(Constants.RequestParameters.ClientSecret, _boxConfig.ClientSecret)
+                                            .Payload(Constants.RequestParameters.SubjectType, subType)
+                                            .Payload(Constants.RequestParameters.SubjectId, subId);
+
+            var converter = new BoxJsonConverter();
+            IBoxResponse<OAuthSession> boxResponse = await _boxService.ToResponseAsync<OAuthSession>(boxRequest).ConfigureAwait(false);
+            boxResponse.ParseResults(converter);
+
+            return boxResponse.ResponseObject;
+
+        }
+
+        /// <summary>
+        /// Create OAuth session from token
+        /// </summary>
+        /// <param name="token">Access token created by method UserToken, or AdminToken</param>
+        /// <returns>OAuth session</returns>
+        public OAuthSession Session(string token)
+        {
+            return new OAuthSession(token, null, Constants.AccessTokenExpirationTime, Constants.BearerTokenType);
+        }
+    }
+}
diff --git a/Box.V2/CCGAuth/CCGAuthRepository.cs b/Box.V2/CCGAuth/CCGAuthRepository.cs
new file mode 100644
index 000000000..5a28f07d8
--- /dev/null
+++ b/Box.V2/CCGAuth/CCGAuthRepository.cs
@@ -0,0 +1,91 @@
+using System;
+using System.Threading.Tasks;
+using Box.V2.Auth;
+
+namespace Box.V2.CCGAuth
+{
+    /// <summary>
+    /// CCG auth repository used by an AdminClient or UserClient
+    /// </summary>
+    public class CCGAuthRepository : IAuthRepository
+    {
+        /// <summary>
+        /// OAuth session
+        /// </summary>
+        public OAuthSession Session { get; private set; }
+
+        /// <summary>
+        /// Box Authentication using a Client Credentials Grant (CCG)
+        /// </summary>
+        public BoxCCGAuth BoxCCGAuth { get; private set; }
+
+        /// <summary>
+        /// Id of the user
+        /// </summary>
+        public string UserId { get; private set; }
+
+        /// <summary>
+        /// Event fired when session is invalidated 
+        /// </summary>
+        public event EventHandler SessionInvalidated;
+
+        /// <summary>
+        /// Event fired after authetication
+        /// </summary>
+        public event EventHandler<SessionAuthenticatedEventArgs> SessionAuthenticated;
+
+        /// <summary>
+        /// Constructor CCG auth repository
+        /// </summary>
+        /// <param name="session">OAuth session</param>
+        /// <param name="boxCCGAuth">CCG authentication</param>
+        /// <param name="userId">Id of the user</param>
+        public CCGAuthRepository(OAuthSession session, BoxCCGAuth boxCCGAuth, string userId = null)
+        {
+            Session = session;
+            BoxCCGAuth = boxCCGAuth;
+            UserId = userId;
+        }
+
+        /// <summary>
+        /// Not used for this type of authentication
+        /// </summary>
+        /// <param name="authCode"></param>
+        /// <returns></returns>
+        public Task<OAuthSession> AuthenticateAsync(string authCode)
+        {
+            throw new NotImplementedException();
+        }
+
+        /// <summary>
+        /// Not used for this type of authentication
+        /// </summary>
+        /// <returns></returns>
+        public Task LogoutAsync()
+        {
+            throw new NotImplementedException();
+        }
+
+        /// <summary>
+        /// Retrieves a new access token using BoxCCGAuth 
+        /// </summary>
+        /// <param name="accessToken">This input is not used. Could be set to null</param>
+        /// <returns>OAuth session</returns>
+        public async Task<OAuthSession> RefreshAccessTokenAsync(string accessToken)
+        {
+            OAuthSession session = UserId != null
+                ? BoxCCGAuth.Session(await BoxCCGAuth.UserTokenAsync(UserId).ConfigureAwait(false))
+                : BoxCCGAuth.Session(await BoxCCGAuth.AdminTokenAsync().ConfigureAwait(false));
+
+            Session = session;
+            OnSessionAuthenticated(session);
+
+            return session;
+        }
+
+        private void OnSessionAuthenticated(OAuthSession session)
+        {
+            SessionAuthenticated?.Invoke(this, new SessionAuthenticatedEventArgs(session));
+        }
+    }
+}
diff --git a/Box.V2/Config/BoxConfigBuilder.cs b/Box.V2/Config/BoxConfigBuilder.cs
index f233469a9..cea5c52a5 100644
--- a/Box.V2/Config/BoxConfigBuilder.cs
+++ b/Box.V2/Config/BoxConfigBuilder.cs
@@ -46,6 +46,34 @@ public BoxConfigBuilder(string clientId, string clientSecret, string enterpriseI
             UserAgent = BoxConfig.DefaultUserAgent;
         }
 
+        /// <summary>
+        /// Instantiates a BoxConfigBuilder for use with CCG authentication
+        /// </summary>
+        /// <param name="clientId"></param>
+        /// <param name="clientSecret"></param>
+        /// <returns>BoxConfigBuilder instance.</returns>
+        public BoxConfigBuilder(string clientId, string clientSecret)
+        {
+            ClientId = clientId;
+            ClientSecret = clientSecret;
+            UserAgent = BoxConfig.DefaultUserAgent;
+        }
+
+        /// <summary>
+        /// Instantiates a BoxConfigBuilder for use with CCG authentication for Enterprise
+        /// </summary>
+        /// <param name="clientId"></param>
+        /// <param name="clientSecret"></param>
+        /// <param name="enterpriseId"></param>
+        /// <returns>BoxConfigBuilder instance.</returns>
+        public BoxConfigBuilder(string clientId, string clientSecret, string enterpriseId)
+        {
+            ClientId = clientId;
+            ClientSecret = clientSecret;
+            EnterpriseId = enterpriseId;
+            UserAgent = BoxConfig.DefaultUserAgent;
+        }
+
         /// <summary>
         /// Create BoxConfigBuilder from json file.
         /// </summary>
diff --git a/Box.V2/Config/Constants.cs b/Box.V2/Config/Constants.cs
index 9c7b4e396..aa050f203 100644
--- a/Box.V2/Config/Constants.cs
+++ b/Box.V2/Config/Constants.cs
@@ -160,6 +160,8 @@ public static class Constants
         public const string AuthHeaderKey = "Authorization";
         public const string V1AuthString = "BoxAuth api_key={0}&auth_token={1}";
         public const string V2AuthString = "Bearer {0}";
+        public const string BearerTokenType = "bearer";
+        public const int AccessTokenExpirationTime = 3600; // seconds
 
         /*** Return types ***/
         public const string TypeFile = "file";
@@ -234,6 +236,9 @@ public static class RequestParameters
 
             public const string Digest = "Digest";
 
+            public const string SubjectType = "box_subject_type";
+            public const string SubjectId = "box_subject_id";
+
             /*** Values ***/
             public const string RefreshToken = "refresh_token";
             public const string AuthorizationCode = "authorization_code";
@@ -261,6 +266,10 @@ public static class RequestParameters
 
             public const string IfMatch = "If-Match";
 
+            public const string ClientCredentials = "client_credentials";
+            public const string UserSubType = "user";
+            public const string EnterpriseSubType = "enterprise";
+
             /*** Values for specifically representations endpoint ***/
             public const string XRepHints = "x-rep-hints";
             public const string SetContentDispositionType = "set_content_disposition_type";

From 2907773947cea204c6ddb7f5308e3342b135ef34 Mon Sep 17 00:00:00 2001
From: mwoda <mwoda@box.com>
Date: Thu, 3 Feb 2022 14:07:30 +0100
Subject: [PATCH 2/3] remove ambigous constructor

---
 Box.V2/Config/BoxConfigBuilder.cs | 15 ---------------
 1 file changed, 15 deletions(-)

diff --git a/Box.V2/Config/BoxConfigBuilder.cs b/Box.V2/Config/BoxConfigBuilder.cs
index cea5c52a5..ecb229619 100644
--- a/Box.V2/Config/BoxConfigBuilder.cs
+++ b/Box.V2/Config/BoxConfigBuilder.cs
@@ -59,21 +59,6 @@ public BoxConfigBuilder(string clientId, string clientSecret)
             UserAgent = BoxConfig.DefaultUserAgent;
         }
 
-        /// <summary>
-        /// Instantiates a BoxConfigBuilder for use with CCG authentication for Enterprise
-        /// </summary>
-        /// <param name="clientId"></param>
-        /// <param name="clientSecret"></param>
-        /// <param name="enterpriseId"></param>
-        /// <returns>BoxConfigBuilder instance.</returns>
-        public BoxConfigBuilder(string clientId, string clientSecret, string enterpriseId)
-        {
-            ClientId = clientId;
-            ClientSecret = clientSecret;
-            EnterpriseId = enterpriseId;
-            UserAgent = BoxConfig.DefaultUserAgent;
-        }
-
         /// <summary>
         /// Create BoxConfigBuilder from json file.
         /// </summary>

From 5a0f6209d3f5a90bb9f044c13d1452c3ba1995a9 Mon Sep 17 00:00:00 2001
From: mwoda <mwoda@box.com>
Date: Thu, 3 Feb 2022 15:13:26 +0100
Subject: [PATCH 3/3] expose enterpriseId setter in BoxConfigBuilder

---
 Box.V2/Config/BoxConfigBuilder.cs | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/Box.V2/Config/BoxConfigBuilder.cs b/Box.V2/Config/BoxConfigBuilder.cs
index ecb229619..0f4e873cf 100644
--- a/Box.V2/Config/BoxConfigBuilder.cs
+++ b/Box.V2/Config/BoxConfigBuilder.cs
@@ -238,6 +238,17 @@ public BoxConfigBuilder SetTimeout(TimeSpan timeout)
             return this;
         }
 
+        /// <summary>
+        /// Sets enterprise id.
+        /// </summary>
+        /// <param name="enterpriseId">Enteprise id.</param>
+        /// <returns>this BoxConfigBuilder object for chaining</returns>
+        public BoxConfigBuilder SetEnterpriseId(string enterpriseId)
+        {
+            EnterpriseId = enterpriseId;
+            return this;
+        }
+
         public string ClientId { get; private set; }
         public string ClientSecret { get; private set; }
         public string EnterpriseId { get; private set; }