grant_type password doesn't require client_secret

[#167502528] Signed-off-by: Joshua Casey <[email protected]> Co-authored-by: Joshua Casey <[email protected]>
cloudfoundry · Jul 30, 2019 · 347645d · 347645d
1 parent da1d1fc
commit 347645d
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 13 deletions.
diff --git a/clients.go b/clients.go
@@ -123,10 +123,6 @@ func (c *Client) Validate() error {
 		return err
 	}
 
-	if err := requireClientSecretForGrantType(c, PASSWORD); err != nil {
-		return err
-	}
-
 	if err := requireClientSecretForGrantType(c, CLIENTCREDENTIALS); err != nil {
 		return err
 	}

diff --git a/clients_test.go b/clients_test.go
@@ -244,15 +244,6 @@ func testClientExtra(t *testing.T, when spec.G, it spec.S) {
 				Expect(err).NotTo(BeNil())
 				Expect(err.Error()).To(Equal("client_id must be specified in the client definition"))
 			})
-
-			it("requires client_secret", func() {
-				client := uaa.Client{
-					ClientID:             "myclient",
-					AuthorizedGrantTypes: []string{"password"},
-				}
-				err := client.Validate()
-				Expect(err.Error()).To(Equal("client_secret must be specified for password grant type"))
-			})
 		})
 	})