diff --git a/clientcredentials/clientcredentials_test.go b/clientcredentials/clientcredentials_test.go index 061b43b..a18e95a 100644 --- a/clientcredentials/clientcredentials_test.go +++ b/clientcredentials/clientcredentials_test.go @@ -48,8 +48,8 @@ func TestTokenRequest(t *testing.T) { if err != nil { t.Errorf("failed reading request body: %s.", err) } - if string(body) != "client_id=CLIENT_ID&grant_type=client_credentials&scope=scope1+scope2" { - t.Errorf("payload = %q; want %q", string(body), "client_id=CLIENT_ID&grant_type=client_credentials&scope=scope1+scope2") + if string(body) != "grant_type=client_credentials&scope=scope1+scope2" { + t.Errorf("payload = %q; want %q", string(body), "grant_type=client_credentials&scope=scope1+scope2") } w.Header().Set("Content-Type", "application/x-www-form-urlencoded") w.Write([]byte("access_token=90d64460d14870c08c81352a05dedd3465940a7c&token_type=bearer")) @@ -84,7 +84,7 @@ func TestTokenRefreshRequest(t *testing.T) { t.Errorf("Unexpected Content-Type header, %v is found.", headerContentType) } body, _ := ioutil.ReadAll(r.Body) - if string(body) != "client_id=CLIENT_ID&grant_type=client_credentials&scope=scope1+scope2" { + if string(body) != "grant_type=client_credentials&scope=scope1+scope2" { t.Errorf("Unexpected refresh token payload, %v is found.", string(body)) } })) diff --git a/internal/token.go b/internal/token.go index 1c0ec76..2c1b857 100644 --- a/internal/token.go +++ b/internal/token.go @@ -153,9 +153,9 @@ func RetrieveToken(ctx context.Context, clientID, clientSecret, tokenURL string, if err != nil { return nil, err } - v.Set("client_id", clientID) bustedAuth := !providerAuthHeaderWorks(tokenURL) if bustedAuth && clientSecret != "" { + v.Set("client_id", clientID) v.Set("client_secret", clientSecret) } req, err := http.NewRequest("POST", tokenURL, strings.NewReader(v.Encode())) diff --git a/oauth2.go b/oauth2.go index 7b06bfe..3e4835d 100644 --- a/oauth2.go +++ b/oauth2.go @@ -180,7 +180,6 @@ func (c *Config) Exchange(ctx context.Context, code string) (*Token, error) { "grant_type": {"authorization_code"}, "code": {code}, "redirect_uri": internal.CondVal(c.RedirectURL), - "scope": internal.CondVal(strings.Join(c.Scopes, " ")), }) } diff --git a/oauth2_test.go b/oauth2_test.go index e98c01a..e757b0f 100644 --- a/oauth2_test.go +++ b/oauth2_test.go @@ -89,7 +89,7 @@ func TestExchangeRequest(t *testing.T) { if err != nil { t.Errorf("Failed reading request body: %s.", err) } - if string(body) != "client_id=CLIENT_ID&code=exchange-code&grant_type=authorization_code&redirect_uri=REDIRECT_URL&scope=scope1+scope2" { + if string(body) != "code=exchange-code&grant_type=authorization_code&redirect_uri=REDIRECT_URL" { t.Errorf("Unexpected exchange payload, %v is found.", string(body)) } w.Header().Set("Content-Type", "application/x-www-form-urlencoded") @@ -133,7 +133,7 @@ func TestExchangeRequest_JSONResponse(t *testing.T) { if err != nil { t.Errorf("Failed reading request body: %s.", err) } - if string(body) != "client_id=CLIENT_ID&code=exchange-code&grant_type=authorization_code&redirect_uri=REDIRECT_URL&scope=scope1+scope2" { + if string(body) != "code=exchange-code&grant_type=authorization_code&redirect_uri=REDIRECT_URL" { t.Errorf("Unexpected exchange payload, %v is found.", string(body)) } w.Header().Set("Content-Type", "application/json") @@ -325,7 +325,7 @@ func TestPasswordCredentialsTokenRequest(t *testing.T) { if err != nil { t.Errorf("Failed reading request body: %s.", err) } - expected = "client_id=CLIENT_ID&grant_type=password&password=password1&scope=scope1+scope2&username=user1" + expected = "grant_type=password&password=password1&scope=scope1+scope2&username=user1" if string(body) != expected { t.Errorf("res.Body = %q; want %q", string(body), expected) } @@ -364,7 +364,7 @@ func TestTokenRefreshRequest(t *testing.T) { t.Errorf("Unexpected Content-Type header, %v is found.", headerContentType) } body, _ := ioutil.ReadAll(r.Body) - if string(body) != "client_id=CLIENT_ID&grant_type=refresh_token&refresh_token=REFRESH_TOKEN" { + if string(body) != "grant_type=refresh_token&refresh_token=REFRESH_TOKEN" { t.Errorf("Unexpected refresh token payload, %v is found.", string(body)) } }))