Skip to content

Commit

Permalink
lib-oauth2: Add client_id and client_secret to introspect request
Browse files Browse the repository at this point in the history
  • Loading branch information
@Sergey-Kitov @cmouse
Sergey-Kitov authored and cmouse committed Mar 14, 2019
1 parent d90893e commit 66f4367
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions src/lib-oauth2/oauth2-introspect.c
View file
Expand Up @@ -81,6 +81,10 @@ oauth2_introspection_start(const struct oauth2_settings *set,

if (set->introspection_mode == INTROSPECTION_MODE_GET) {
http_url_escape_param(enc, input->token);
str_append(enc, "&client_id=");
http_url_escape_param(enc, set->client_id);
str_append(enc, "&client_secret=");
http_url_escape_param(enc, set->client_secret);
}

if (set->introspection_mode == INTROSPECTION_MODE_POST) {
Expand All @@ -91,6 +95,10 @@ oauth2_introspection_start(const struct oauth2_settings *set,
enc = t_str_new(strlen(input->token)+6);
str_append(enc, "token=");
http_url_escape_param(enc, input->token);
str_append(enc, "&client_id=");
http_url_escape_param(enc, set->client_id);
str_append(enc, "&client_secret=");
http_url_escape_param(enc, set->client_secret);
http_client_request_add_header(req->req, "Content-Type",
"application/x-www-form-urlencoded");
http_client_request_set_payload_data(req->req, enc->data, enc->used);
Expand Down

0 comments on commit 66f4367

Please sign in to comment.