File tree Expand file tree Collapse file tree 1 file changed +8
-2
lines changed
Expand file tree Collapse file tree 1 file changed +8
-2
lines changed Original file line number Diff line number Diff line change @@ -905,7 +905,10 @@ def oidc_login():
905905 oauth = OAuth (current_app )
906906
907907 # Register the OIDC client
908- client_kwargs = {'scope' : 'openid profile email' }
908+ client_kwargs = {
909+ 'scope' : 'openid profile email' ,
910+ 'token_endpoint_auth_method' : 'client_secret_post' # Send credentials in POST body instead of header
911+ }
909912
910913 # Check if using discovery or manual endpoints
911914 if oidc_config .discovery_endpoint and oidc_config .discovery_endpoint .strip ():
@@ -991,7 +994,10 @@ def oidc_callback():
991994 use_manual = session .get ('oidc_use_manual' , False )
992995
993996 # Register the OIDC client (same as in login)
994- client_kwargs = {'scope' : 'openid profile email' }
997+ client_kwargs = {
998+ 'scope' : 'openid profile email' ,
999+ 'token_endpoint_auth_method' : 'client_secret_post' # Send credentials in POST body instead of header
1000+ }
9951001
9961002 if not use_manual and oidc_config .discovery_endpoint and oidc_config .discovery_endpoint .strip ():
9971003 # Try discovery endpoint
You can’t perform that action at this time.
0 commit comments