fix(api): 🛂 Default grant_type to authorization_code in token requests

2025-12-06 16:38:19 +01:00 · 2024-07-22 15:54:53 +02:00 · 2024-07-22 15:54:53 +02:00 · f3902f8c7b
parent 757eb835e9
commit f3902f8c7b
1 changed files with 12 additions and 10 deletions
--- a/server/api/oauth/token/index.ts
+++ b/server/api/oauth/token/index.ts
@ -23,16 +23,18 @@ export const schemas = {
    json: z.object({
        code: z.string().optional(),
        code_verifier: z.string().optional(),
-        grant_type: z.enum([
-            "authorization_code",
-            "refresh_token",
-            "client_credentials",
-            "password",
-            "urn:ietf:params:oauth:grant-type:device_code",
-            "urn:ietf:params:oauth:grant-type:token-exchange",
-            "urn:ietf:params:oauth:grant-type:saml2-bearer",
-            "urn:openid:params:grant-type:ciba",
-        ]),
+        grant_type: z
+            .enum([
+                "authorization_code",
+                "refresh_token",
+                "client_credentials",
+                "password",
+                "urn:ietf:params:oauth:grant-type:device_code",
+                "urn:ietf:params:oauth:grant-type:token-exchange",
+                "urn:ietf:params:oauth:grant-type:saml2-bearer",
+                "urn:openid:params:grant-type:ciba",
+            ])
+            .default("authorization_code"),
        client_id: z.string().optional(),
        client_secret: z.string().optional(),
        username: z.string().trim().optional(),