Relax detection of client authentication type (#2757)

2022-05-25 15:24:13 +02:00 · 2022-05-25 15:24:13 +02:00 · d7ed5c9e35
parent 3a82e3af7b
commit d7ed5c9e35
1 changed files with 1 additions and 1 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm
@ -1463,7 +1463,7 @@ sub getEndPointAuthenticationCredentials {
        $self->logger->error("Bad authentication header: $@") if ($@);

        # Using multiple methods is an error
-        if ( $req->param('client_id') ) {
+        if ( $req->param('client_id') and $req->param('client_secret') ) {
            $self->logger->error("Multiple client authentication methods used");
            ( $client_id, $client_secret ) = ( undef, undef );
        }