From a97818aa7ec5e96db816928451e6c980e38fbee7 Mon Sep 17 00:00:00 2001
From: Tim <135014430+nagisa77@users.noreply.github.com>
Date: Wed, 16 Jul 2025 19:43:54 +0800
Subject: [PATCH] fix: include twitter client secret

---
 src/main/java/com/openisle/service/TwitterAuthService.java | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/main/java/com/openisle/service/TwitterAuthService.java b/src/main/java/com/openisle/service/TwitterAuthService.java
index 52bdc0825..aaaf52ae7 100644
--- a/src/main/java/com/openisle/service/TwitterAuthService.java
+++ b/src/main/java/com/openisle/service/TwitterAuthService.java
@@ -28,6 +28,9 @@ public class TwitterAuthService {
     @Value("${twitter.client-id:}")
     private String clientId;
 
+    @Value("${twitter.client-secret:}")
+    private String clientSecret;
+
     public Optional<User> authenticate(
             String code,
             String codeVerifier,
@@ -50,7 +53,9 @@ public class TwitterAuthService {
         body.add("code_verifier", codeVerifier);
         body.add("redirect_uri", redirectUri);      // 一律必填
         // 如果你的 app 属于机密客户端，必须带 client_secret
-        // body.add("client_secret", clientSecret);
+        if (clientSecret != null && !clientSecret.isBlank()) {
+            body.add("client_secret", clientSecret);
+        }
 
         ResponseEntity<JsonNode> tokenRes;
         try {