fix: check for mTLS request options during token_endpoint calls

panva · Dec 6, 2019 · 269569f · 269569f
1 parent 0ebf798
commit 269569f
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/lib/helpers/client.js b/lib/helpers/client.js
@@ -128,7 +128,8 @@ async function authenticatedPost(endpoint, opts, {
   const auth = await authFor.call(this, endpointAuthMethod, { clientAssertionPayload });
   const requestOpts = merge(opts, auth, { form: true });
 
-  const mTLS = this[`${endpointAuthMethod}_endpoint_auth_method`].includes('tls_client_auth');
+  const mTLS = this[`${endpointAuthMethod}_endpoint_auth_method`].includes('tls_client_auth')
+    || (endpoint === 'token' && this.tls_client_certificate_bound_access_tokens);
 
   let targetUrl;
   if (mTLS) {