Use GET request method for calling OAuth2 userInfoUri

trinodb · Mar 11, 2022 · 74661d6 · 74661d6
1 parent e5732f8
commit 74661d6
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/core/trino-main/src/main/java/io/trino/server/security/oauth2/OAuth2Service.java b/core/trino-main/src/main/java/io/trino/server/security/oauth2/OAuth2Service.java
@@ -63,7 +63,7 @@
 import static java.nio.charset.StandardCharsets.UTF_8;
 import static java.time.Instant.now;
 import static java.util.Objects.requireNonNull;
-import static javax.ws.rs.HttpMethod.POST;
+import static javax.ws.rs.HttpMethod.GET;
 import static javax.ws.rs.core.Response.Status.BAD_REQUEST;
 
 public class OAuth2Service
@@ -316,7 +316,7 @@ private Optional<Claims> internalConvertTokenToClaims(String accessToken)
         if (userinfoUri.isPresent()) {
             // validate access token is trusted by remote userinfo endpoint
             Request request = Request.builder()
-                    .setMethod(POST)
+                    .setMethod(GET)
                     .addHeader(AUTHORIZATION, "Bearer " + accessToken)
                     .setUri(userinfoUri.get())
                     .build();