Nerzal/gocloak

GetToken with Client Secret always uses basic auth

jet-go opened this issue · 2 comments

jet-go commented

Describe the bug
If we use ClientID/ClientSecret, it's always set as BasicAuth header.
If we try to login/generate tokens for client_id with colon : (eg. client_id: my_svc:my_app), the basic auth fails (basic auth doesn't allow username with colons)

To Reproduce
Steps to reproduce the behavior:

  1. Try to generate tokens using client-id/client-secret with client_id including atleast one colon.

Expected behavior
Expected to use client_secret in form body as default or allow option to switch the auth type.

jet-go commented

either adding a new option to choose auth type or https://github.com/Nerzal/gocloak/blob/v13.8.0/client.go#L84-L94 or adding json tag might fix it. https://github.com/Nerzal/gocloak/blob/v13.8.0/models.go#L925-L927 (still need to test it though)

jet-go commented

I was able resolve it with resty middleware. Let me close this.

rc := resty.New()
rc.OnBeforeRequest(func(c *resty.Client, r *resty.Request) error {
  r.SetFormData(map[string]string{"client_secret": client_secret))
  return nil
})
gc := gocloak.NewClient(uri)
gc.SetRestyClient(rc)