fix: include twitter client secret

2026-02-22 06:50:53 +08:00 · 2025-07-16 19:43:54 +08:00
parent ee25ba8ec6
commit a97818aa7e
1 changed files with 6 additions and 1 deletions
--- a/src/main/java/com/openisle/service/TwitterAuthService.java
+++ b/src/main/java/com/openisle/service/TwitterAuthService.java
@@ -28,6 +28,9 @@ public class TwitterAuthService {
    @Value("${twitter.client-id:}")
    private String clientId;

+    @Value("${twitter.client-secret:}")
+    private String clientSecret;
+
    public Optional<User> authenticate(
            String code,
            String codeVerifier,
@@ -50,7 +53,9 @@ public class TwitterAuthService {
        body.add("code_verifier", codeVerifier);
        body.add("redirect_uri", redirectUri);      // 一律必填
        // 如果你的 app 属于机密客户端，必须带 client_secret
-        // body.add("client_secret", clientSecret);
+        if (clientSecret != null && !clientSecret.isBlank()) {
+            body.add("client_secret", clientSecret);
+        }

        ResponseEntity<JsonNode> tokenRes;
        try {