lib-oauth2: Add client_id and client_secret to introspect request

diff --git a/src/lib-oauth2/oauth2-introspect.c b/src/lib-oauth2/oauth2-introspect.c
index 023bb5af4e0179458477bad98fa4476e36c555e3..3400ed6716ad2dc46980243a218f499ad0e6ba3a 100644 (file)
--- a/src/lib-oauth2/oauth2-introspect.c
+++ b/src/lib-oauth2/oauth2-introspect.c
@@ -81,6 +81,10 @@ oauth2_introspection_start(const struct oauth2_settings *set,
 
        if (set->introspection_mode == INTROSPECTION_MODE_GET) {
                http_url_escape_param(enc, input->token);
+               str_append(enc, "&client_id=");
+               http_url_escape_param(enc, set->client_id);
+               str_append(enc, "&client_secret=");
+               http_url_escape_param(enc, set->client_secret);
        }
 
        if (set->introspection_mode == INTROSPECTION_MODE_POST) {
@@ -91,6 +95,10 @@ oauth2_introspection_start(const struct oauth2_settings *set,
                enc = t_str_new(strlen(input->token)+6);
                str_append(enc, "token=");
                http_url_escape_param(enc, input->token);
+               str_append(enc, "&client_id=");
+               http_url_escape_param(enc, set->client_id);
+               str_append(enc, "&client_secret=");
+               http_url_escape_param(enc, set->client_secret);
                http_client_request_add_header(req->req, "Content-Type",
                                               "application/x-www-form-urlencoded");
                http_client_request_set_payload_data(req->req, enc->data, enc->used);