diff --git a/internal/services/gateway/action/user.go b/internal/services/gateway/action/user.go
index 5e62263..a585169 100644
--- a/internal/services/gateway/action/user.go
+++ b/internal/services/gateway/action/user.go
@@ -544,7 +544,7 @@ func (h *ActionHandler) HandleRemoteSourceAuth(ctx context.Context, remoteSource
 		if err != nil {
 			return nil, errors.Wrapf(err, "failed to create git source")
 		}
-		token, err := common.GenerateJWTToken(h.sd, rs.Name, string(requestType), req)
+		token, err := common.GenerateOauth2JWTToken(h.sd, rs.Name, string(requestType), req)
 		if err != nil {
 			return nil, err
 		}
diff --git a/internal/services/gateway/common/jwt.go b/internal/services/gateway/common/jwt.go
index c7e0871..aa02851 100644
--- a/internal/services/gateway/common/jwt.go
+++ b/internal/services/gateway/common/jwt.go
@@ -31,47 +31,39 @@ type TokenSigningData struct {
 	Key        []byte
 }
 
-func GenerateJWTToken(sd *TokenSigningData, remoteSourceName, requestType string, request interface{}) (string, error) {
+func GenerateGenericJWTToken(sd *TokenSigningData, claims jwt.Claims) (string, error) {
+	token := jwt.NewWithClaims(sd.Method, claims)
+
+	var key interface{}
+	switch sd.Method {
+	case jwt.SigningMethodRS256:
+		key = sd.PrivateKey
+	case jwt.SigningMethodHS256:
+		key = sd.Key
+	default:
+		return "", errors.Errorf("unsupported signing method %q", sd.Method.Alg())
+	}
+	// Sign and get the complete encoded token as a string
+	return token.SignedString(key)
+}
+
+func GenerateOauth2JWTToken(sd *TokenSigningData, remoteSourceName, requestType string, request interface{}) (string, error) {
 	requestj, err := json.Marshal(request)
 	if err != nil {
 		return "", err
 	}
 
-	token := jwt.NewWithClaims(sd.Method, jwt.MapClaims{
+	return GenerateGenericJWTToken(sd, jwt.MapClaims{
 		"exp":                time.Now().Add(sd.Duration).Unix(),
 		"remote_source_name": remoteSourceName,
 		"request_type":       requestType,
 		"request":            string(requestj),
 	})
-
-	var key interface{}
-	switch sd.Method {
-	case jwt.SigningMethodRS256:
-		key = sd.PrivateKey
-	case jwt.SigningMethodHS256:
-		key = sd.Key
-	default:
-		errors.Errorf("unsupported signing method %q", sd.Method.Alg())
-	}
-	// Sign and get the complete encoded token as a string
-	return token.SignedString(key)
 }
 
 func GenerateLoginJWTToken(sd *TokenSigningData, userID string) (string, error) {
-	token := jwt.NewWithClaims(sd.Method, jwt.MapClaims{
+	return GenerateGenericJWTToken(sd, jwt.MapClaims{
 		"sub": userID,
 		"exp": time.Now().Add(sd.Duration).Unix(),
 	})
-
-	var key interface{}
-	switch sd.Method {
-	case jwt.SigningMethodRS256:
-		key = sd.PrivateKey
-	case jwt.SigningMethodHS256:
-		key = sd.Key
-	default:
-		errors.Errorf("unsupported signing method %q", sd.Method.Alg())
-	}
-	// Sign and get the complete encoded token as a string
-	return token.SignedString(key)
 }