allow specifying auth style (#51233)

conf/defaults.ini

@@ -576,6 +576,7 @@ tls_client_cert =
 tls_client_key =
 tls_client_ca =
 use_pkce = false
+auth_style = 
 
 #################################### Basic Auth ##########################
 [auth.basic]

conf/sample.ini

@@ -563,6 +563,7 @@
 ;tls_client_key =
 ;tls_client_ca =
 ;use_pkce = false
+;auth_style =
 
 #################################### Basic Auth ##########################
 [auth.basic]

pkg/login/social/social.go

@@ -105,13 +105,26 @@ func ProvideService(cfg *setting.Cfg) *SocialService {
 
 		ss.oAuthProvider[name] = info
 
+		var authStyle oauth2.AuthStyle
+		switch strings.ToLower(sec.Key("auth_style").String()) {
+		case "inparams":
+			authStyle = oauth2.AuthStyleInParams
+		case "inheader":
+			authStyle = oauth2.AuthStyleInHeader
+		case "autodetect", "":
+			authStyle = oauth2.AuthStyleAutoDetect
+		default:
+			logger.Warn("Invalid auth style specified, defaulting to auth style AutoDetect", "auth_style", sec.Key("auth_style").String())
+			authStyle = oauth2.AuthStyleAutoDetect
+		}
+
 		config := oauth2.Config{
 			ClientID:     info.ClientId,
 			ClientSecret: info.ClientSecret,
 			Endpoint: oauth2.Endpoint{
 				AuthURL:   info.AuthUrl,
 				TokenURL:  info.TokenUrl,
-				AuthStyle: oauth2.AuthStyleAutoDetect,
+				AuthStyle: authStyle,
 			},
 			RedirectURL: strings.TrimSuffix(cfg.AppURL, "/") + SocialBaseUrl + name,
 			Scopes:      info.Scopes,