OAuth: allow HTTP Basic client authentication

author: Vitaly Takmazov 2023-01-04 08:53:22 +0300
committer: Vitaly Takmazov 2023-01-04 08:53:22 +0300
commit: 6d74934d18f345f2ffcbc219d13dd63a2f0b9810 (patch)
tree: d3ef48bc2f572eba2ab5bbe145a9ada36d9cc766 /src/main/java/com/juick/www/api/Mastodon.java
parent: d1569d9d2b6474fc7f6b3bb590d13ea04094b3fd (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/src/main/java/com/juick/www/api/Mastodon.java b/src/main/java/com/juick/www/api/Mastodon.java
index 69f0f4f6..ff7f2e8c 100644
--- a/src/main/java/com/juick/www/api/Mastodon.java
+++ b/src/main/java/com/juick/www/api/Mastodon.java
@@ -34,6 +34,7 @@ import javax.inject.Inject;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
+import java.util.List;
 import java.util.UUID;
 
 @RestController
@@ -84,7 +85,10 @@ public class Mastodon {
                 .clientId(UUID.randomUUID().toString())
                 .clientSecret("{noop}" + secret)
                 .clientName(clientName)
-                .clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_POST)
+                .clientAuthenticationMethods(coll -> coll.addAll(List.of(
+                    ClientAuthenticationMethod.CLIENT_SECRET_POST,
+                    ClientAuthenticationMethod.CLIENT_SECRET_BASIC
+                )))
                 .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
                 .redirectUri(redirectUris)
                 .scopes((coll) -> coll.addAll(parseScopes(scopes)))
author	Vitaly Takmazov	2023-01-04 08:53:22 +0300
committer	Vitaly Takmazov	2023-01-04 08:53:22 +0300
commit	6d74934d18f345f2ffcbc219d13dd63a2f0b9810 (patch)
tree	d3ef48bc2f572eba2ab5bbe145a9ada36d9cc766 /src/main/java/com/juick/www/api/Mastodon.java
parent	d1569d9d2b6474fc7f6b3bb590d13ea04094b3fd (diff)