Add Client Credentials Flow (Service Account) support to Authorizatio…#55

Merged
GGAlanSmithee merged 2 commits into master from feature/service-account, Dec 2, 2025
@Eldin-Behlic
Member

Add Client Credentials Flow (Service Account) support to AuthorizationService

Description

Adds support for Fortnox's Client Credentials Flow (Service Accounts), enabling server-to-server integrations without user-tied OAuth tokens.

Changes

  • Added GetServiceAccountTokenAsync method to AuthorizationService and FortnoxAPIClient
  • Added account_type parameter to GetAuthorizationUrl for service account activation
  • Created new ServiceAccountToken model with AccessToken, TokenType, and ExpiresIn properties

Usage

// 1. Generate authorization URL with account_type=service
var authUrl = AuthorizationService.GetAuthorizationUrl(
    clientId, redirectUri, scopes, state, accountType: "service");

// 2. After consent, get tokens using Client Credentials Flow
var token = await AuthorizationService.GetServiceAccountTokenAsync(
    clientId, clientSecret, tenantId);

// Token is valid for 1 hour - request a new one when expired (no refresh token)

Notes

  • Service accounts are not tied to individual users
  • Tokens expire after 1 hour (3600 seconds)
  • No refresh token is provided - simply request a new token when expired
  • tenantId can be obtained via webhook (consent.created event) or from /3/companyinformation (DatabaseNumber field)
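
Added example, not part of this pull request or of Fortnox.NET: because the token lasts one hour and there is no refresh token, a caller can cache it and re-request shortly before expiry, so the client secret is sent once per token lifetime instead of on every call. The class name, the 60-second skew and the delegate shape are assumptions made for illustration.

```csharp
using System;
using System.Threading;
using System.Threading.Tasks;

// Hypothetical helper (not Fortnox.NET code). The delegate performs the actual
// token request and returns the access token and its lifetime in seconds.
public sealed class ServiceAccountTokenCache
{
    private readonly Func<Task<(string AccessToken, int ExpiresIn)>> _requestToken;
    private readonly Func<DateTimeOffset> _now;
    private readonly TimeSpan _skew;
    private readonly SemaphoreSlim _gate = new SemaphoreSlim(1, 1);
    private string _accessToken;
    private DateTimeOffset _expiresAt;

    public ServiceAccountTokenCache(
        Func<Task<(string AccessToken, int ExpiresIn)>> requestToken,
        TimeSpan? skew = null,
        Func<DateTimeOffset> now = null)
    {
        _requestToken = requestToken ?? throw new ArgumentNullException(nameof(requestToken));
        _skew = skew ?? TimeSpan.FromSeconds(60);   // assumed safety margin
        _now = now ?? (() => DateTimeOffset.UtcNow); // injectable clock for tests
    }

    public async Task<string> GetAccessTokenAsync(CancellationToken ct = default)
    {
        // One caller at a time, so concurrent requests share a single token fetch.
        await _gate.WaitAsync(ct).ConfigureAwait(false);
        try
        {
            // Reuse the cached token only while it is outside the expiry margin.
            if (_accessToken != null && _now() + _skew < _expiresAt)
                return _accessToken;

            var (token, expiresIn) = await _requestToken().ConfigureAwait(false);
            if (string.IsNullOrEmpty(token) || expiresIn <= 0)
                throw new InvalidOperationException("Token response had no usable token or lifetime.");

            _accessToken = token;
            _expiresAt = _now().AddSeconds(expiresIn);
            return _accessToken;
        }
        finally
        {
            _gate.Release();
        }
    }
}
```

To use it with the method added here, pass a delegate that awaits AuthorizationService.GetServiceAccountTokenAsync(clientId, clientSecret, tenantId) and returns its AccessToken and ExpiresIn; that ExpiresIn is an integer number of seconds is an assumption based on the notes above.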

Copilot AI left a comment

Pull request overview

This PR adds support for Fortnox's Client Credentials Flow (Service Accounts), enabling server-to-server integrations without user-tied OAuth tokens. The implementation follows existing patterns in the codebase for OAuth flows, adding new methods to exchange credentials for service account tokens and extending the authorization URL generation to support service account activation.

  • Added GetServiceAccountTokenAsync method that implements the Client Credentials Flow for obtaining access tokens
  • Extended GetAuthorizationUrl with an optional accountType parameter to enable service account creation during the OAuth flow
  • Introduced ServiceAccountToken model to represent the response from the Client Credentials Flow (containing access_token, token_type, and expires_in)

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 6 comments.

| File | Description |
|------|-------------|
| Fortnox.NET/Services/AuthorizationService.cs | Added GetServiceAccountTokenAsync method and accountType parameter to GetAuthorizationUrl for service account support |
| Fortnox.NET/Models/Authorization/ServiceAccountToken.cs | New model representing service account token response with AccessToken, TokenType, and ExpiresIn properties |
| Fortnox.NET/Communication/FortnoxAPIClient.cs | Implemented internal GetServiceAccountTokenAsync method to handle HTTP communication for Client Credentials Flow; minor whitespace formatting fixes |
| Fortnox.NET/Fortnox.NET.csproj | Version bump from 3.4.0 to 3.5.0 |

Member

@GGAlanSmithee GGAlanSmithee left a comment

LGTM!

@GGAlanSmithee GGAlanSmithee merged commit fb4741c into master Dec 2, 2025
1 check passed