From 3bbd143efd807a7cc0c7183b0e4c782b80478c3c Mon Sep 17 00:00:00 2001
From: Jan-Hendrik Willms <tleilax+studip@gmail.com>
Date: Tue, 4 Apr 2023 06:30:25 +0000
Subject: [PATCH] allow grant type 'refresh_token' as well, fixes #2507

Closes #2507

Merge request studip/studip!1694
---
 lib/classes/OAuth2/Bridge/ClientRepository.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/classes/OAuth2/Bridge/ClientRepository.php b/lib/classes/OAuth2/Bridge/ClientRepository.php
index b6fd4f6a856..526e8397ade 100644
--- a/lib/classes/OAuth2/Bridge/ClientRepository.php
+++ b/lib/classes/OAuth2/Bridge/ClientRepository.php
@@ -37,9 +37,10 @@ class ClientRepository implements ClientRepositoryInterface
      */
     public function validateClient($clientIdentifier, $clientSecret, $grantType): bool
     {
-        if ($grantType !== 'authorization_code') {
+        if (!in_array($grantType, ['authorization_code', 'refresh_token'])) {
             return false;
         }
+
         $client = Client::findActive($clientIdentifier);
         if (!$client) {
             return false;
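Review bot: The new `in_array` call at the top of validateClient compares loosely, whereas the check it replaces used `!==`; `$grantType` has no type declaration, so a non-string value such as `true` would match the allow-list. Pass the strict flag to keep the original guarantee: `if (!in_array($grantType, ['authorization_code', 'refresh_token'], true)) {`. Because refresh-token requests now get past this guard, it is worth confirming that the client-secret verification later in the method treats them the same way as authorization-code requests for confidential clients. That part of validateClient lies outside this hunk, so it could not be checked here.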
-- 
GitLab