Merge pull request #294 from dbuchwald/master

lor6 · web-flow · commit c32a5cdf7d5d · 2022-09-15T17:39:09.000+03:00
Resolved issue #293 related to client_secret being passed in POST
diff --git a/oauth-rest/oauth-authorization-server/src/main/resources/baeldung-realm.json b/oauth-rest/oauth-authorization-server/src/main/resources/baeldung-realm.json
@@ -442,7 +442,7 @@
     "implicitFlowEnabled" : true,
     "directAccessGrantsEnabled" : true,
     "serviceAccountsEnabled" : false,
-    "publicClient" : false,
+    "publicClient" : true,
     "frontchannelLogout" : false,
     "protocol" : "openid-connect",
     "attributes" : {
diff --git a/oauth-rest/oauth-ui-authorization-code-angular/src/main/resources/src/app/app.service.ts b/oauth-rest/oauth-ui-authorization-code-angular/src/main/resources/src/app/app.service.ts
@@ -23,7 +23,6 @@ export class AppService {
     let params = new URLSearchParams();   
     params.append('grant_type','authorization_code');
     params.append('client_id', this.clientId);
-    params.append('client_secret', 'newClientSecret');
     params.append('redirect_uri', this.redirectUri);
     params.append('code',code);
 
@@ -63,4 +62,4 @@ export class AppService {
 
     window.location.href = logoutURL;
   } 
-}
+}
