fix(server): basic auth check

Merge pull request #293 from luclu7/main
fix: codeVerifier shouldn't be empty for basic auth
2022-11-17 05:44:40 +05:30 · 2022-11-17 05:44:01 +05:30 · 2022-11-16 23:31:39 +01:00 · 2022-11-16 22:40:45 +05:30
1 changed files with 6 additions and 0 deletions
--- a/server/handlers/token.go
+++ b/server/handlers/token.go
@@ -64,6 +64,12 @@ func TokenHandler() gin.HandlerFunc {
 			})
 		}

+		// check if clientID & clientSecret are present as part of
+		// authorization header with basic auth
+		if clientID == "" && clientSecret == "" {
+			clientID, clientSecret, _ = gc.Request.BasicAuth()
+		}
+
 		if clientID == "" {
 			log.Debug("Client ID is empty")
 			gc.JSON(http.StatusBadRequest, gin.H{
Author	SHA1	Message	Date
Lakhan Samani	0dd06d9afd	fix(server): basic auth check	2022-11-17 05:44:40 +05:30
Lakhan Samani	d2f472a9cf	Merge pull request #293 from luclu7/main fix: codeVerifier shouldn't be empty for basic auth	2022-11-17 05:44:01 +05:30
Luclu7	4678193300	fix: codeVerifier shouldn't be empty for basic auth	2022-11-16 23:31:39 +01:00
Lakhan Samani	67be8ae285	feat(server): allow using client_id & secret from basic auth header in token endpoint	2022-11-16 22:40:45 +05:30