test converage

server/src/test/java/org/cloudfoundry/identity/uaa/provider/oauth/ExternalOAuthAuthenticationManagerIT.java

@@ -570,7 +570,6 @@ void discoveryURL_is_used() throws MalformedURLException {
         config.setAuthUrl(null);
         config.setTokenUrl(null);
         config.setDiscoveryUrl(new URL("http://some.discovery.url"));
-
         Map<String, Object> discoveryContent = new HashMap();
         discoveryContent.put("authorization_endpoint", authUrl.toString());
         discoveryContent.put("token_endpoint", tokenUrl.toString());
@@ -652,6 +651,23 @@ void pkceWithJwtClientAuthInBody_is_used() {
         mockUaaServer.verify();
     }
 
+    @Test
+    void testAdditionalParameterClientAuthInBody_is_used() {
+        config.setClientAuthInBody(true);
+        config.setAdditionalAuthzParameters(Map.of("token_format", "opaque"));
+        mockUaaServer.expect(requestTo(config.getTokenUrl().toString()))
+            .andExpect(request -> assertThat("Check Auth header not present", request.getHeaders().get("Authorization"), nullValue()))
+            .andExpect(content().string(containsString("token_format=opaque")))
+            .andExpect(content().string(containsString("client_id=" + config.getRelyingPartyId())))
+            .andRespond(withStatus(OK).contentType(APPLICATION_JSON).body(getIdTokenResponse()));
+        IdentityProvider<AbstractExternalOAuthIdentityProviderDefinition> identityProvider = getProvider();
+        when(provisioning.retrieveByOrigin(eq(ORIGIN), anyString())).thenReturn(identityProvider);
+        Map<String, Object> idToken = externalOAuthAuthenticationManager.getClaimsFromToken(xCodeToken, config);
+        assertNotNull(idToken);
+
+        mockUaaServer.verify();
+    }
+
     @Test
     void idToken_In_Redirect_Should_Use_it() {
         mockToken();