Skip to content

Commit

Permalink
AuzerAD: Handle empty client_authentication case (grafana#99437)
Browse files Browse the repository at this point in the history 
AuzerAD: Require client secret when client_authentication is set to empty string
  • Loading branch information
@kalleep
kalleep authored Jan 23, 2025
1 parent b034779 commit b79f1b2
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion pkg/login/social/connectors/azuread_oauth.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -373,7 +373,7 @@ func validateClientAuthentication(info *social.OAuthInfo, requester identity.Req
}
return nil

case social.ClientSecretPost:
case social.ClientSecretPost, "":
if info.ClientSecret == "" {
return ssosettings.ErrInvalidOAuthConfig("Client secret is required for Client secret authentication.")
}
Expand Down

0 comments on commit b79f1b2

Please sign in to comment.