diff --git a/model/src/test/java/org/cloudfoundry/identity/uaa/constants/ClientAuthenticationTest.java b/model/src/test/java/org/cloudfoundry/identity/uaa/constants/ClientAuthenticationTest.java
index 1a25c34a689..bf3c438049c 100644
--- a/model/src/test/java/org/cloudfoundry/identity/uaa/constants/ClientAuthenticationTest.java
+++ b/model/src/test/java/org/cloudfoundry/identity/uaa/constants/ClientAuthenticationTest.java
@@ -27,19 +27,26 @@ void isMethodSupported() {
   }
 
   @Test
-  void isValidMethod() {
+  void isValidMethodTrue() {
     assertTrue(ClientAuthentication.isValidMethod(NONE, false, false));
     assertTrue(ClientAuthentication.isValidMethod(PRIVATE_KEY_JWT, false, true));
     assertTrue(ClientAuthentication.isValidMethod(CLIENT_SECRET_POST, true, false));
     assertTrue(ClientAuthentication.isValidMethod(CLIENT_SECRET_BASIC, true, false));
+    // legacy checks, no method passed
+    assertTrue(ClientAuthentication.isValidMethod(null, false, false));
+    assertTrue(ClientAuthentication.isValidMethod(null, true, false));
+    assertTrue(ClientAuthentication.isValidMethod(null, false, true));
+
+  }
+
+  @Test
+  void isValidMethodFalse() {
     assertFalse(ClientAuthentication.isValidMethod(CLIENT_SECRET_BASIC, false, false));
     assertFalse(ClientAuthentication.isValidMethod(CLIENT_SECRET_POST, false, false));
     assertFalse(ClientAuthentication.isValidMethod(NONE, true, false));
     assertFalse(ClientAuthentication.isValidMethod(PRIVATE_KEY_JWT, true, true));
+    assertFalse(ClientAuthentication.isValidMethod(CLIENT_SECRET_BASIC, true, true));
     // legacy checks, no method passed
-    assertTrue(ClientAuthentication.isValidMethod(null, false, false));
-    assertTrue(ClientAuthentication.isValidMethod(null, true, false));
-    assertTrue(ClientAuthentication.isValidMethod(null, false, true));
     assertFalse(ClientAuthentication.isValidMethod(null, true, true));
   }
 
@@ -54,7 +61,7 @@ void getCalculatedMethod() {
   }
 
   @Test
-  void isAuthMethodEqual() {
+  void isAuthMethodEqualTrue() {
     assertTrue(ClientAuthentication.isAuthMethodEqual(NONE, NONE));
     assertTrue(ClientAuthentication.isAuthMethodEqual(CLIENT_SECRET_BASIC, CLIENT_SECRET_POST));
     assertTrue(ClientAuthentication.isAuthMethodEqual(CLIENT_SECRET_POST, CLIENT_SECRET_BASIC));
@@ -62,6 +69,14 @@ void isAuthMethodEqual() {
     assertTrue(ClientAuthentication.isAuthMethodEqual(CLIENT_SECRET_POST, CLIENT_SECRET_POST));
     assertTrue(ClientAuthentication.isAuthMethodEqual(PRIVATE_KEY_JWT, PRIVATE_KEY_JWT));
     assertTrue(ClientAuthentication.isAuthMethodEqual(null, null));
+    assertTrue(ClientAuthentication.isAuthMethodEqual(null, CLIENT_SECRET_BASIC));
+    assertTrue(ClientAuthentication.isAuthMethodEqual(null, CLIENT_SECRET_POST));
+    assertTrue(ClientAuthentication.isAuthMethodEqual(CLIENT_SECRET_BASIC, null));
+  }
+
+  @Test
+  void isAuthMethodEqualFalse() {
+    assertFalse(ClientAuthentication.isAuthMethodEqual(PRIVATE_KEY_JWT, null));
     assertFalse(ClientAuthentication.isAuthMethodEqual(PRIVATE_KEY_JWT, CLIENT_SECRET_BASIC));
     assertFalse(ClientAuthentication.isAuthMethodEqual(PRIVATE_KEY_JWT, NONE));
   }