feat: Make non public client authenticate with secret in basic

formancehq · Aug 4, 2022 · 1e9c25e · 1e9c25e
1 parent cda8889
commit 1e9c25e
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/pkg/client.go b/pkg/client.go
@@ -66,13 +66,18 @@ func (c *Client) Update(opts ClientOptions) {
 	if !opts.Public {
 		grantTypes = append(grantTypes, oidc.GrantTypeClientCredentials)
 	}
+	authMethod := oidc.AuthMethodNone
+	if !opts.Public {
+		authMethod = oidc.AuthMethodBasic
+	}
 
 	c.GrantTypes = grantTypes
 	c.RedirectURIs = opts.RedirectUris
 	c.PostLogoutRedirectUris = opts.PostLogoutRedirectUris
 	c.Description = opts.Description
 	c.Name = opts.Name
 	c.Metadata = opts.Metadata
+	c.AuthMethod = authMethod
 }
 
 func (c *Client) GenerateNewSecret(name string) (ClientSecret, string) {
@@ -127,7 +132,6 @@ func NewClient(opts ClientOptions) *Client {
 	client := &Client{
 		Id:              uuid.NewString(),
 		ApplicationType: op.ApplicationTypeWeb,
-		AuthMethod:      oidc.AuthMethodNone,
 		ResponseTypes:   []oidc.ResponseType{oidc.ResponseTypeCode},
 		AccessTokenType: op.AccessTokenTypeJWT,
 	}