From cd6d486d585e8aced39129b282a4428df26f1971 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vincent=20Membr=C3=A9?= <vincent.membre@rudder.io>
Date: Wed, 22 Nov 2023 14:20:42 +0100
Subject: [PATCH] Fixes #23768: Remove Password authentication for OAuth2

---
 .../normation/plugins/authbackends/Oauth2Authentication.scala   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/auth-backends/src/main/scala/com/normation/plugins/authbackends/Oauth2Authentication.scala b/auth-backends/src/main/scala/com/normation/plugins/authbackends/Oauth2Authentication.scala
index f48b20609..8b31ba6dc 100644
--- a/auth-backends/src/main/scala/com/normation/plugins/authbackends/Oauth2Authentication.scala
+++ b/auth-backends/src/main/scala/com/normation/plugins/authbackends/Oauth2Authentication.scala
@@ -112,7 +112,7 @@ object RudderPropertyBasedOAuth2RegistrationDefinition {
 
   val grantTypes = {
     import AuthorizationGrantType._
-    List(AUTHORIZATION_CODE, REFRESH_TOKEN, CLIENT_CREDENTIALS, new AuthorizationGrantType("password")) // IMPLICIT is deprecated for security reason
+    List(AUTHORIZATION_CODE, REFRESH_TOKEN, CLIENT_CREDENTIALS) // PASSWORD and IMPLICIT are deprecated for security reasons
   }
 
   val baseProperty = "rudder.auth.oauth2.provider"