From 59bfbd3b1e131287ea23ab4a1b83d3e014773ade Mon Sep 17 00:00:00 2001 From: Michael Kelly Date: Fri, 3 Dec 2021 10:17:21 -0800 Subject: [PATCH] Fix issues in existing client credentials change This fixes two issues in the existing client credentials change: - client_credentials was not listed as a supported grant type - access tokens are not the storage ID Signed-off-by: Michael Kelly --- server/handlers.go | 8 +++++++- server/server.go | 2 +- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/server/handlers.go b/server/handlers.go index 1854c56546..a72c00ebd5 100755 --- a/server/handlers.go +++ b/server/handlers.go @@ -1046,7 +1046,13 @@ func (s *Server) handleClientCredentialsGrant(w http.ResponseWriter, r *http.Req claims := storage.Claims{UserID: client.ID} - accessToken := storage.NewID() + accessToken, err := s.newAccessToken(client.ID, claims, scopes, nonce, "client") + if err != nil { + s.logger.Errorf("failed to create new access token: %v", err) + s.tokenErrHelper(w, errServerError, err.Error(), http.StatusInternalServerError) + return + } + idToken, expiry, err := s.newIDToken(client.ID, claims, scopes, nonce, accessToken, "", "client") if err != nil { s.tokenErrHelper(w, errServerError, fmt.Sprintf("failed to create ID token: %v", err), http.StatusInternalServerError) diff --git a/server/server.go b/server/server.go index df16e655cf..216f22b60b 100755 --- a/server/server.go +++ b/server/server.go @@ -213,7 +213,7 @@ func newServer(ctx context.Context, c Config, rotationStrategy rotationStrategy) c.SupportedResponseTypes = []string{responseTypeCode} } - supportedGrant := []string{grantTypeAuthorizationCode, grantTypeRefreshToken, grantTypeDeviceCode} // default + supportedGrant := []string{grantTypeAuthorizationCode, grantTypeRefreshToken, grantTypeDeviceCode, grantTypeClientCredentials} // default supportedRes := make(map[string]bool) for _, respType := range c.SupportedResponseTypes {