From f3902f8c7b1e2eac2c1f7e09d7e0bf5d6bbad457 Mon Sep 17 00:00:00 2001
From: Jesse Wierzbinski <contact@cpluspatch.com>
Date: Mon, 22 Jul 2024 15:54:53 +0200
Subject: [PATCH] fix(api): :passport_control: Default grant_type to
 authorization_code in token requests

---
 server/api/oauth/token/index.ts | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/server/api/oauth/token/index.ts b/server/api/oauth/token/index.ts
index c0f42a4c..1871a002 100644
--- a/server/api/oauth/token/index.ts
+++ b/server/api/oauth/token/index.ts
@@ -23,16 +23,18 @@ export const schemas = {
     json: z.object({
         code: z.string().optional(),
         code_verifier: z.string().optional(),
-        grant_type: z.enum([
-            "authorization_code",
-            "refresh_token",
-            "client_credentials",
-            "password",
-            "urn:ietf:params:oauth:grant-type:device_code",
-            "urn:ietf:params:oauth:grant-type:token-exchange",
-            "urn:ietf:params:oauth:grant-type:saml2-bearer",
-            "urn:openid:params:grant-type:ciba",
-        ]),
+        grant_type: z
+            .enum([
+                "authorization_code",
+                "refresh_token",
+                "client_credentials",
+                "password",
+                "urn:ietf:params:oauth:grant-type:device_code",
+                "urn:ietf:params:oauth:grant-type:token-exchange",
+                "urn:ietf:params:oauth:grant-type:saml2-bearer",
+                "urn:openid:params:grant-type:ciba",
+            ])
+            .default("authorization_code"),
         client_id: z.string().optional(),
         client_secret: z.string().optional(),
         username: z.string().trim().optional(),