Use @types/simple-oauth2 instead of redoing it

[voxpelli]

Prior to #172 the Credentials was typed to a much more slim subset of what simple-oauth2 currently accepts, but in #172 (which contained #170 / #152) it was extended to pretty much be the full typing of simple-oauth2, but without actually referring to @types/simple-oauth2.

This PR adds @types/simple-oauth2 and uses the types from that one instead – and does so in a backwards compatible way by keeping ProviderConfiguration and Credentials.

My personal motivation for this was that I wanted to add a HTTP Header to some requests (I want to add a User-Agent as I personally think that's good practice to do) and when I looked around if it was supported I realized that it was, but through the Credentials['http'] that's currently typed as:

http?: {} | undefined;

This is what it looks like in @types/simple-oauth2, much more complete:

http?: Omit<WreckHttpOptions, 'baseUrl' | 'headers' | 'redirects' | 'json'> & {
    baseUrl?: undefined;
    headers?: {
        /**
         * Acceptable http response content type. Defaults to application/json
         */
        accept?: string;
        /**
         * Always overriden by the library to properly send the required credentials on each scenario
         */
        authorization?: string;
        [key: string]: unknown
    } | undefined;
    /**
     * Number or redirects to follow. Defaults to false (no redirects)
     */
    redirects?: false | number | undefined;
    /**
     * JSON response parsing mode. Defaults to strict
     */
    json?: boolean | "strict" | "force" | undefined;
 } | undefined;

When looking through the git log, PR:s and issues I can't find any mentioning of why these types wasn't referred to instead of duplicating them. Maybe the @types/simple-oauth2 wasn't available at the time, but now that they are I think its a good idea to refer to them.

Checklist

• run npm run test and npm run benchmark
• tests and/or benchmarks are included
• documentation is changed or added
• commit message and code follows the Developer's Certification of Origin
  and the Code of conduct

[Uzlopak]

Lets discuss this first:

By putting it as dependency and not dev dependency the types package will also be installed as production dependencies by Projects that use this plugin.

[voxpelli]

By putting it as dependency and not dev dependency the types package will also be installed as production dependencies by Projects that use this plugin.

Yes, that is unfortunate, it's a balancing act between smaller install size and correct/complete types I think.

One improvement could be that this module stops blankety passing through the options to simple-oauth2 and instead manages its own.

Another could be to add these types as a dev dependency and validate in the type tests that the types defined in this module are indeed assignable to the one in simple-oauth2

The latter I would then like to complement with fleshing out some of the http options (which in the simple-oauth2 types extend from wreck, so would need to be partially copied from there as well)

[Uzlopak]

Maybe better to talk to the simple-oauth2 team to merge this PR
lelylan/simple-oauth2#436

[voxpelli]

@Uzlopak One doesn't exclude the other. Also, that PR has some of the same concerns (lelylan/simple-oauth2#436 (comment)) as I raise here.

[voxpelli]

I'll make an alternative PR soon that avoids adding this as a prod dependency

[voxpelli]

@Uzlopak Perhaps the solution in #229 is better then?

[voxpelli]

Closing in favor of #229