Skip to content

Commit

Permalink
Fix issues in existing client credentials change
Browse files Browse the repository at this point in the history
This fixes two issues in the existing client credentials change:

- client_credentials was not listed as a supported grant type
- access tokens are not the storage ID

Signed-off-by: Michael Kelly <[email protected]>
  • Loading branch information
kellyma2 authored and CI Bot committed Jun 30, 2023
1 parent a6d141d commit be25663
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 2 deletions.
8 changes: 7 additions & 1 deletion server/handlers.go
Original file line number Diff line number Diff line change
Expand Up @@ -1103,7 +1103,13 @@ func (s *Server) handleClientCredentialsGrant(w http.ResponseWriter, r *http.Req

claims := storage.Claims{UserID: client.ID}

accessToken := storage.NewID()
accessToken, err := s.newAccessToken(client.ID, claims, scopes, nonce, "client")
if err != nil {
s.logger.Errorf("failed to create new access token: %v", err)
s.tokenErrHelper(w, errServerError, err.Error(), http.StatusInternalServerError)
return
}

idToken, expiry, err := s.newIDToken(client.ID, claims, scopes, nonce, accessToken, "", "client")
if err != nil {
s.tokenErrHelper(w, errServerError, fmt.Sprintf("failed to create ID token: %v", err), http.StatusInternalServerError)
Expand Down
2 changes: 1 addition & 1 deletion server/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -213,7 +213,7 @@ func newServer(ctx context.Context, c Config, rotationStrategy rotationStrategy)
c.SupportedResponseTypes = []string{responseTypeCode}
}

supportedGrant := []string{grantTypeAuthorizationCode, grantTypeRefreshToken, grantTypeDeviceCode} // default
supportedGrant := []string{grantTypeAuthorizationCode, grantTypeRefreshToken, grantTypeDeviceCode, grantTypeClientCredentials} // default
supportedRes := make(map[string]bool)

for _, respType := range c.SupportedResponseTypes {
Expand Down

0 comments on commit be25663

Please sign in to comment.